Load balancing Microsoft SharePoint
Microsoft SharePoint is Microsoft’s enterprise collaboration platform. SharePoint makes it easier for people to work together. Using SharePoint, staff can set up websites to share information with others, manage documents from start to finish, publish reports to help everyone make better decisions and search across a range of internal and external data sources to find answers and information more quickly and effectively.
Supported Microsoft Sharepoint Protocols
|Protocol||Ports||Load balancing methods|
|HTTP||80||Layer 7 SNAT (Recommended) Using Reverse Proxy mode is the easiest and most flexible load balancing method, offering advanced URL switching, cookie insertion and WAFcapabilities.
Layer 4 DR Direct Routing has the advantage of being fully transparent and seriously fast but requires solving the arp problem.
Layer 4 NAT Traditional NAT mode gives easy to implement fast and transparent load balancing but usually requires a two-arm configuration (two subnets).
|HTTPS||443||All load balancing methods can be easily configured for SSL Pass-through.
This has the advantage of being fast, secure and easy to maintain. Identical SSL certificates will need to exist on each of your backend servers for pass-through security.
SSL Termination or off-loading must be used when advanced Layer 7 functionality such as cookies or URL switching is required. You can also implement SNI if you have multiple domain certificates one one public IP address. Optional re-encryption is also available between the load balancer and IIS.
Offering performance without limitations, the best-value hardware load balancer on the market supports any environment. Licensed for unlimited throughput, bandwidth and features, upgrading is seamless if your requirements change down the line.
How do we get the client source IP address in our web server logs?
There are several ways to answer this question with a load balancer.
- Layer 4 DR/NAT (HTTP & HTTPS): These load balancing modes are source IP address transparent by default.
- Layer 7 (HTTP): The insertion of XFF headers can be enabled for HTTP traffic. Then change the behavior in your webserver to log the XFF header.
- Layer 7 (HTTPS): You must additionally terminate the SSL and enable Proxy Protocol support. Then you can insert the XFF header to the unencrypted HTTP traffic and modify your webserver to log the XFF header.
*If all else fails then Layer 7 with two-arm TPROXY is fully transparent
Do I require persistence for SharePoint?
Since the release of Microsoft Sharepoint 2013 you no longer require persistence. Instead the Distributed Cache service can maintain authentication information across all Sharepoint frontend web servers.
Can I offload SSL on the load balancer?
- SSL Offloading
- SSL Bridging