| 摘要: | 隨著網路基礎建設的蓬勃發展,各家ISP業者辛勤耕耘的結果,造就更高的網路頻寬,同時也讓使用者以更低廉的價格來租用網路,但是在追求高頻寬的同時,未必等同於擁有更好的品質,萬一遇到網路斷線的狀況,還是什麼也不能做,所以為了能兼顧經濟效益與提供不中斷的服務,衍生出所謂的備援機制,也就是利用多套的伺服器與多條網路整合應用達到服務不中斷的目的。
備援機制常分為熱備援與冷備援,其中負載平衡架構便是熱備援中重要的應用,一般主機備援多使用單一高效能伺服器或是叢集伺服器來達成,而線路備援則是利用多條不同ISP業者提供的線路,透過各種負載分配方式來分散流量,降低伺服器負載並保持網路暢通。
負載平衡的技術與流量分配演算法很多,各自有其優缺點,針對不同的網路環境與所需提供網路服務的種類,有不同的應用方式,本論文主要以公務機關常見的分散式網路架構為例,探討各種備援方式的優劣,同時研究發展一套能兼顧提升網路可用度與強化資安管控的機制,完成以少量預算達成網路負載平衡與防堵資安漏洞的目的。
With the vigorous development of network infrastructure, ISPs provide wider network bandwidth and lower price for users to lease the network. Even though in pursuit of wide-bandwidth service, it does not mean to have better quality as well. In order to consider the economic benefits and to provide uninterrupted services, the so-called redundancy mechanism is derived. This mechanism integrates multiple sets of servers and multiple lines to achieve the purpose of uninterrupted services.
The redundancy mechanism is divided into hot-standby-redundancy and cold-standby-redundancy, where the load balancing system is an important application of hot-standby-redundancy. Generally, the host redundancy uses a single high efficiency servers or cluster servers to achieve uninterrupted services, while the line redundancy uses a number of lines provided by different ISPs to spread the traffic load using various load balancing methods and keep the network free from interruption.
In different network environments and services, there are many algorithms for the load-balancing technology and traffic allocation, and each has its own advantages and disadvantages. This thesis takes the distributed network architecture for example, which is commonly applied in a government organization, and explores the pros and cons of various redundancy mechanisms. In addition, this thesis develops a redundancy mechanism which can improve network availability, strengthen information security management, and be implemented with a lower budget to achieve load balancing purpose. |
