About the author

Rob Cooper

Rob’s been with the company since 2010 and helps to maintain the critical link between the Sales, Support and Development departments by providing deployment, testing and documentation skills. He’s also responsible for all Microsoft and VMware approvals and certifications and ensuring ongoing compliance. When not at the Loadbalancer.org offices he enjoys getting out on his boat as well as playing bass guitar.

1st July 2016

in Disaster recovery

Seamless Load Balancer Recovery – as easy as 1, 2, 3

So, you've configured two loadbalancer.org appliances as a clustered pair for high availability, the pair has been working fine but then one day you receive an email alert that one of the pair has failed for some reason, for example a disk failure. The remaining unit continues to provide load balanced services without issue, but now you want to repair the failed unit and re-create the clustered pair without any disruption to running services.

Continue reading...
9th March 2016

in AWS and Azure

Load balancing Microsoft Remote Desktop Services in AWS

We have an increasing number of customers who are using our Enterprise AWS load balancer appliance for load balancing remote desktop services in the AWS cloud.

Continue reading...
20th August 2014

in High Availability

Enhanced Microsoft IIS health checks using VBscript

By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of each real (backend) server. For IIS, this would typically be port 80. In many cases this kind of health check is adequate but for IIS this is often not the case. When a particular IIS site is stopped, whilst it's not possible to perform an HTTP GET, it's often possible to still be able to perform a TCP connect to the port. This means that this basic type of health check cannot be relied on for IIS. The load balancer can be configured to perform a more comprehensive HTTP negotiate check which verifies that IIS can actually serve web content and this is sufficient in most cases. However, you may also want to check that other applications and services are running correctly before reporting that the server is OK. Microsoft VBscript is a powerful tool that can be used to do exactly this.

Continue reading...
16th July 2014

in Load Balancing

Windows NLB (WNLB) and its disadvantages

Whilst Windows Network Load Balancing (WNLB) has been constantly improved in each version of Windows since it's introduction in Windows 2000, it still has a fairly extensive list of disadvantages when compared to a hardware or virtual based load balancer.

Continue reading...
18th June 2014

in HAProxy

Source IP Addresses, STunnel, HAProxy and Server Logs

When using proxies such as STunnel and HAProxy it's easy to loose track of the client source IP address. This occurs for example when HAProxy is used in it's default configuration to load balance a number of back-end web servers. By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client. One way around this is to enable X-Forward-For headers for HAProxy (the default for Loadbalancer.org appliances) and configure the web servers to track the IP address in this header. For more details on enabling this for IIS and Apache web servers, please see IIS and X-Forwarded-For Headers and Apache and X-Forwarded-For Headers. For more complicated scenarios where SSL termination is also required on the load balancer and the original source IP address is still required, additional steps are needed.

Continue reading...
9th June 2014

in SSL

Heartbleed 2.0? Not exactly but more OpenSSL issues have been found

In the wake of the recent Heartbleed Bug another series of OpenSSL vulnerabilities have been found. Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not. However if successfully exploited, there is potential for eavesdropping and traffic manipulation (CVE-2014-0224) as well as running arbitrary code on the vulnerable client or server (CVE-2014-0195).

Continue reading...
10th April 2014

in SSL

Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160

The bug is in OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server.

Continue reading...
14th February 2014

in Load Balancing

Load Balancing Exchange 2013

Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation. This has greatly simplified both the deployment process and the implementation of a load balancer. Exchange 2013 has been consolidated into two roles, these are: the Client Access Server role and the Mailbox Server role. In Exchange Server 2013, there are two basic building blocks – the Client Access Array and the Database Availability Group (DAG). Each provides a unit of high availability and fault tolerance that are decoupled from one another. Multiple Client Access Servers make up the Client Access Array, while multiple Mailbox Servers form the DAG. One of the main differences from Exchange 2010 is that all client connections are made using HTTPS. Outlook clients no longer use RPC to access their mailbox. This is now handled only by RPC over HTTPS (aka Outlook Anywhere). Native RPC is only used for server to sever communication

Continue reading...
14th February 2014

in Load Balancing

Load Balancing Exchange 2010

In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport).  Mandatory roles are Mailbox, Client Access and Hub Transport. The Edge Transport and Unified Messaging roles are optional and depend on the infrastructure and operational requirements. The CAS role does not have any built-in load balancing functionality. The HT role does provide load balancing functionality for server to server mail traffic, but not external SMTP traffic that arrives from other applications or from outside the organization directly to the HT server. Based on this, it is a common requirement to load balance both the CAS and HT roles. In some cases only the CAS role is load balanced. The exact load balancing requirements depend on the number of servers in use and how / where the roles are deployed.

Continue reading...
12th February 2014

in High Availability

Cluster recovery made easier

Loadbalancer.org has always given high-availability the utmost priority in its product design. However prior to v7.6, cluster recovery (i.e. re-synchronized master & slave appliances after a cluster failure) without downtime was a slightly convoluted process that while possible - was not simple. Loadbalancer.org support staff often recommended a full heartbeat restart on both nodes as the simplest solution even though it involved a small amount of downtime. We've made a big effort to ensure that this process in V7.6 is as simple as possible in the rare event of a cluster hardware or software failure.

Continue reading...
6th September 2011

in High Availability

Load balancing Microsoft Print Server

Microsoft print server provides a great way to share printers throughout your organisation, but when the print server service falls over, the phone quickly starts to ring. By adding a load balancer and a second print server configured with the same print queues , you'll quickly have a load balanced and resilient printing infrastructure for your users.

Continue reading...
9th February 2011

in Load Balancing

Apache and X-Forwarded-For Headers

It's easier to get Apache to log client IP addresses utilizing X-Forwarded-For headers than it is using IIS. By default, the logs do not record source IP addresses for clients but this is very easy to change using the LogFormat directive in the httpd.conf file as explained below.

Continue reading...
4th February 2011

in Load Balancing

IIS and X-Forwarded-For Header

Although its not technically a standard, the XFF or x-forwarded-for header, is incredibly useful if you have any kind of proxy in front of your web servers. When you load balance your web site at layer 7, it will become non-transparent. This means that the actual client source IP address is replaced by the load balancers IP address, and therefore ONLY this address will be recorded in the IIS logs. One way around this is to insert X-Forwarded-For headers on the load balancer to track the actual client source IP address. IIS can then be reconfigured to make this data available in the logs.

Continue reading...
23rd March 2010

in HAProxy

Load balancing Microsoft Office Communications Server (OCS) with HAProxy:

Here at Loadbalancer.org we have recently started the certification process of our product with Microsoft Office Communications Server (OCS). We already have several customers doing this with our units in Direct Routing mode but with the new Loadbalancer.org - ENTERPRISE v6.8 you can do it with the Microsoft recommended SNAT mode. So how can you do this yourself for free with the open source load balancer HAProxy? Read on......

Continue reading...
Live chat