Using ZXTM to load-balance Windows Media Services

Microsoft Windows Media Services is a platform for streaming live or on-demand audio and video content over the Internet or an intranet. This article explains how to configure ZXTM to load-balance traffic to and from a cluster of Windows servers providing Media Services.

Introduction

Windows Media Server supports two streaming protocols, RTSP and MMS. Both of these services can run over TCP or UDP.

A client will make a TCP connection to the server and negotiate the best communication method. Since Windows Media Player version 9, the client attempts connections in the following order, selecting the first communication method that works:

  1. an RTSP connection using TCP/554;
  2. an MMS connection on TCP/1755;
  3. an HTTP connection on TCP/80.

Both the MMS and RTSP protocols attempt to open a UDP stream back to the client. This stream will originate from UDP/5004 on the media server and be sent to a port that is negotiated over the original TCP connection.

The following instructions describe how to configure a ZXTM system to forward return traffic from port UDP/5004 to the remote client.

Note: This method makes use of the IP Transparency capability and is therefore suitable for ZXTM Appliances, and ZXTM software on Linux.

IP Transparency is preinstalled on ZXTM Appliances; if you are using the ZXTM Software, please refer to the KnowledgeHub document IP Transparency in the ZXTM Software for installation instructions.

For configuration instructions, please see section 2.4: 'IP Transparency' in the ZXTM User Manual.

Step One - Create the Control Services

You will first need to create two virtual servers. You can do this by using the "Manage a new service" wizard, directing traffic to your back-end Windows servers.

Create a service called "RTSP Control" using "Generic client first" and port number 554.

Name: RTSP Control
Protocol: Generic client first
Port: 554

Add your nodes to the list and complete the Wizard. When you have finished, do the same thing for the MMS service, calling it "MMS Control" and changing the port to 1755.

Name: MMS Control
Protocol: Generic client first
Port: 1755

Finally, create the HTTP service that will be used if the client cannot communicate via either of the above:

Name: HTTP Service
Protocol: HTTP
Port: 80

Step Two - Enable IP Transparency

Because the server will be making a connection back out to the client, we need to let the server see the originating IP address. For this we will make use of the IP Transparency module.

Go to Services -> Pools and select the pool "RTSP Control". Edit the pool and go to Connection Management -> IP Transparency. Set transparent to "Yes" and click "Update".

Now go back to the main pools page and do the same for the "MMS Control" pool.

This step is not necessary for the HTTP pool.

Step Three - Configure Active-Passive failover

If you are using ZXTM in an active-passive configuration, you will need to set up a Traffic IP Group with two IP addresses: one for the Internet-facing service and a second for the nodes to use as their default route. In Services -> Traffic IP Groups, add a new group using the name "MMS Group" and the IP you will be using on the Internet-facing service. Click "Create Traffic IP Group".

Now edit the newly created group and add a second IP that is on the same segment as your nodes, which they can use as their default gateway. Also set the keeptogether option to "Yes" and click "Update". See section 2.4: 'IP Transparency' in the ZXTM User Manual for more details.

Step Four - ZXTM Appliance

Edit your networking settings and enable NAT for the external interface (where incoming traffic is received).

Step Five - ZXTM Software

You will need to configure your OS to forward and NAT packets from the back-end Windows Servers.

This step needs to be done outside of the ZXTM admin interface. If you already have firewall rules set up on the device, you will need to merge these rules into your current configuration.

To enable IP forwarding and NAT:

iptables -t nat -A POSTROUTING -o <interface> -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

For stricter firewalling rules, so that only UDP packets from port 5004 on the server subnet are forwarded:

iptables -A FORWARD -s <subnet>/<mask> -p udp --sport 5004 -j ACCEPT
iptables -A FORWARD -j LOG --log-prefix "Drop Fwd "
iptables -A FORWARD -j REJECT --reject-with icmp-admin-prohibited
iptables -P FORWARD DROP

You will need to change the first line so the subnet and mask match the network that the Windows Media nodes reside on. What we are doing is allowing traffic originating on that network with a source port of 5004 to pass through the ZXTM appliance. All other traffic that attempts to use the ZXTM as a gateway will be logged to the kernel ring buffer and then rejected with an icmp-administratively-prohibited packet.
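With forwarding and MASQUERADE enabled, anything the FORWARD chain accepts is routed and NATed by the ZXTM host, so it is worth checking that the chain permits only the media return path. The following is an added example, not part of the original article: a shell function that audits `iptables -S FORWARD` output against the strict rule set above. The function name `audit_forward`, the subnet 10.0.1.0/24 and the sample listings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original article).
# audit_forward <node-subnet-cidr>: reads `iptables -S FORWARD` output on stdin,
# prints findings, and returns 0 only if the chain forwards nothing except
# UDP source port 5004 from the media node subnet.
audit_forward() {
    awk -v subnet="$1" '
    $1 == "-P" && $2 == "FORWARD" { policy = $3; next }
    $1 == "-A" && $2 == "FORWARD" {
        target = ""; src = ""; proto = ""; sport = ""; neg = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "!")       neg = 1          # negated match, e.g. "! -s"
            if ($i == "-j")      target = $(i+1)
            if ($i == "-s")      src    = $(i+1)
            if ($i == "-p")      proto  = $(i+1)
            if ($i == "--sport") sport  = $(i+1)
        }
        if (target != "ACCEPT") next              # LOG/REJECT/DROP do not forward
        if (!neg && src == subnet && proto == "udp" && sport == "5004") { ok++; next }
        printf "FINDING: unexpected ACCEPT rule: %s\n", $0
        bad++
    }
    END {
        if (policy != "DROP") {
            print "FINDING: FORWARD policy is " (policy == "" ? "unknown" : policy) ", expected DROP"
            bad++
        }
        if (ok == 0) { print "FINDING: no ACCEPT rule for " subnet " udp sport 5004"; bad++ }
        if (bad == 0) print "OK: only UDP/5004 from " subnet " is forwarded"
        exit (bad > 0)
    }'
}

# Constructed sample listings in `iptables -S FORWARD` format (not captured from a real host).
STRICT_RULES='-P FORWARD DROP
-A FORWARD -s 10.0.1.0/24 -p udp -m udp --sport 5004 -j ACCEPT
-A FORWARD -j LOG --log-prefix "Drop Fwd "
-A FORWARD -j REJECT --reject-with icmp-admin-prohibited'

# A host where only the forwarding/NAT commands were applied and FORWARD is left open.
OPEN_RULES='-P FORWARD ACCEPT'

printf '%s\n' "$STRICT_RULES" | audit_forward 10.0.1.0/24
printf '%s\n' "$OPEN_RULES" | audit_forward 10.0.1.0/24 || echo "forwarding is not restricted"
```

On a live system, run `iptables -S FORWARD | audit_forward <subnet>/<mask>` as root, using the same subnet and mask you put in the first rule.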

That's it!

That should be all you need to do. Enjoy.

Mark Boddington [Zeus Systems Engineering] 26 September 2006