Layer 4 Direct Routing (LVS-DR) and Layer 4 TUN (LVS-TUN) in AWS
LVS-DR and LVS-TUN are both forms of Direct Server Return where the load balancer only has to deal with one half of the connection...
Aaron is a proven authority in complex load balancing. His expertise spans high-availability, GSLB, DSR, WAF integration, and security best practices for mission-critical applications. Drawing on strong experience in open-source solutions and enterprise environments, he provides trustworthy, experience-driven insights into advanced network architecture.
LVS-DR and LVS-TUN are both forms of Direct Server Return where the load balancer only has to deal with one half of the connection...
Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate...
How frustrating do you find it when hackers or robots fill in your website forms with "Buy Viagra Now!" type spam?..
Technically, the only mode on a load balancer that is a real Reverse Proxy is Layer 7 mode. Whereas all Layer 4 load balancing modes such as NAT, DR and TUN are nothing like a reverse proxy. The clients are effectively talking directly (transparently) to the backend servers...
The appliance works quite nicely in a oVirt environment and should work just as well with a full Red Hat’s Enterprise Virtualization environment (RHEV)!..
Let’s Encrypt offers us a free way to get SSL certificates with the aim of being less complex than other current solutions...
In part one we were introduced to Polaris-GSLB which is a cool little open source GSLB solution. In part two of this Blog I’m going to show you how to build Polaris-GSLB on CentOS 7...
Here at Loadbalancer.org we’re not known for being huge fans of GSLB solutions as some of our customers may already know...
We can write custom health checks specific to your environment checking availability of servers as well as other backend systems such as REST servers, databases and storage...
Once HAProxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the client bypassing the load balancer...
Policy Based Routing is a clever way to give us more control over which routing path connections will take. It allows us to specify custom routing tables and then add rules offering fine grained control over which routing table a connection will use...
Let me first say that I'm not really a fan of PCI scanners. It's not so much that I'm anti security scanners but rather that scanning for vulnerabilities based on only the version number a package returns seems rather simplistic to me...