Motivation and Overview

Figure 1 illustrates the Anypoint abstraction. An Anypoint connection allows communication between two logical endpoints: an ensemble of end nodes and another peer IP site. In a typical use, the ensemble is a server cluster and the peer is a client interacting with it through some request/response service protocol. Many connections may be active to the same ensemble. The current ensemble membership for a connection is its active set. Anypoint switches direct the traffic flow between each peer and its active set under the control of the ALRM plugins. This serves four related purposes:

• Dynamic request redirection. Anypoint switches direct inbound requests to selected servers according to service-specific policies in the ALRM. The ALRM may consider information above the transport layer, such as client identity, client location, or the nature of the request, as well as server status and traffic conditions. Content-aware policies can optimize server cache effectiveness as well as balance load [31,18,5], as in the NFS storage router example in Section 3.2.

• Server resource management. Switch-based redirection enables flexible resource provisioning in Internet server clusters. A management interface in the switch allows the service to reassign server resources with dynamic, coordinated changes to its active sets [7,13], without relying on the client to select a new server or refresh a DNS cache.

• Response merging. Anypoint supports direct delivery of content to each peer from multiple ensemble nodes [22,5]. The peer receives the response traffic on a single connection and assembles it using ordering information inserted by lightweight translation functions at the switch. The reassembly buffer resides in the peer, not in the switch.

• Service composition. ALRMs can act as ``wrappers'' to compose or extend services. For example, an ALRM might support mirroring for an ordered multicast of request traffic across replicated servers. Since the ALRM understands the service protocol, it might distribute read traffic evenly and mirror only those requests that modify service state.

This paper focuses on the first three goals, i.e., the role of Anypoint as a basis for virtualized, manageable, scalable Internet services.

Redirecting switches are controversial because the Internet architecture implicitly assumes that each IP datagram is addressed and delivered to a uniquely defined end host, running a single instance of its operating system (cf. RFC 1122 [12]). Anypoint provides a rich set of capabilities enabling an ensemble operating system and its applications to manage the ensemble as a coordinated virtual ``host''--effectively a multicomputer with internal policies for handling network traffic addressed to it. Crucially, the indirection hides the ensemble's internal structure from the connection peer: the peer addresses inbound traffic to a virtual IP address (VIP) for the ensemble and receives outbound traffic with that VIP as the source address. This use of network address translation (NAT)--which may be damaging in other contexts--is done with the guidance and consent of the ensemble applications, and is transparent to the peer. The switch does not obscure the identity of the peer from the ensemble members.