Load balancing LDAP Servers
LDAP (Lightweight Directory Access Protocol) is an open, cross-platform application protocol. It is designed to allow information about hosts, users, DNS, certificates, printers, and more to be shared across a network. Commonly used implementations include OpenLDAP and Microsoft Active Directory, which features LDAP support. LDAP can also be used with Kerberos to provide authentication services.
Loadbalancer.org appliances can be used in conjunction with a cluster of LDAP servers to provide a highly available LDAP service. Using load balancers also makes LDAP server maintenance easier and makes the service scalable should additional servers need to be added in the future to increase capacity.
Offering performance without limitations, the best-value hardware load balancer on the market supports any environment. Licensed for unlimited throughput, bandwidth and features, upgrading is seamless if your requirements change down the line.
| Protocol | Role | Default Ports | Supported Load Balancing Methods |
|---|---|---|---|
| TCP/UDP/LDAP | For LDAP communication | 389 (or 3268 for Global Catalog access on a Microsoft AD server) | Layer 4 DR, Layer 4 NAT, Layer 7 TCP |
| TCP/UDP/LDAPS (“LDAP over SSL”) | For LDAP communication using TLS/SSL | 636 (or 3269 for Global Catalog access over TLS/SSL on a Microsoft AD server) | Layer 4 DR, Layer 4 NAT, Layer 7 TCP |
Are there any caveats when load balancing LDAP servers?
It is important to note that source IP transparency is required when load balancing LDAP servers. The LDAP servers must see the true source IP address of connecting clients. For this reason, we recommend using layer 4 DR mode or layer 4 NAT mode for load balancing LDAP, as these modes are source IP transparent by default.
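One way to check this requirement on an OpenLDAP backend, as an added example that is not from the original page or the vendor: it counts the source addresses slapd records on each ACCEPT line and reports how many connections arrive from the load balancer's own address. The log lines are constructed samples, and the load balancer address `198.51.100.5` and the function names are assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address

# slapd (stats log level) records each new connection as:
#   conn=N fd=N ACCEPT from IP=<client>:<port> (IP=<listener>:<port>)
ACCEPT_RE = re.compile(
    r"conn=\d+ fd=\d+ ACCEPT from IP=(\[[0-9A-Fa-f:.]+\]|[\d.]+):\d+ \(IP="
)

# Constructed sample log; addresses come from documentation ranges.
SAMPLE_LOG = """\
Jan 10 09:00:01 ldap1 slapd[811]: conn=1001 fd=14 ACCEPT from IP=192.0.2.21:51544 (IP=0.0.0.0:389)
Jan 10 09:00:02 ldap1 slapd[811]: conn=1002 fd=15 ACCEPT from IP=192.0.2.37:40112 (IP=0.0.0.0:389)
Jan 10 09:00:02 ldap1 slapd[811]: conn=1002 op=0 BIND dn="" method=128
Jan 10 09:00:05 ldap1 slapd[811]: conn=1003 fd=16 ACCEPT from IP=198.51.100.5:33810 (IP=0.0.0.0:636)
Jan 10 09:00:06 ldap1 slapd[811]: conn=1004 fd=17 ACCEPT from IP=198.51.100.5:33812 (IP=0.0.0.0:636)
"""


def source_ips(log_text):
    """Count accepted connections per source address seen by slapd."""
    counts = Counter()
    for line in log_text.splitlines():
        match = ACCEPT_RE.search(line)
        if match:
            counts[ip_address(match.group(1).strip("[]"))] += 1
    return counts


def transparency_report(log_text, lb_addresses):
    """Summarise how much traffic appears to originate from the load balancer."""
    lb = {ip_address(a) for a in lb_addresses}  # assumed appliance addresses
    counts = source_ips(log_text)
    total = sum(counts.values())
    from_lb = sum(n for ip, n in counts.items() if ip in lb)
    return {
        "total": total,
        "from_lb": from_lb,
        "lb_share": from_lb / total if total else 0.0,
        "distinct_clients": len(set(counts) - lb),
    }


if __name__ == "__main__":
    print(transparency_report(SAMPLE_LOG, ["198.51.100.5"]))
```

Health checks sent by the load balancer itself also show its address, so a small `from_lb` count is expected; a share close to 1.0 with few distinct clients indicates the servers are not seeing true client addresses.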