Latest
How to set up and manage an F5 in the ADC Portal
As an F5 engineer, they asked me to test the product and share my honest thoughts.
Insights from the load balancer experts
Storage
Load balancing Weka is no longer optional — the new normal is 100X faster
Within the space of a few years our customers are demanding increases in performance and capacity — not just 10X, but 100X!..
Healthcare
Help! Our legacy modalities are awesome — but they don't understand DNS!
Connecting remote sites to central data centers necessitates GSLB. But implementation for legacy modalities isn't straightforward...
GSLB
Complete guide to DNS load balancing: Choosing the right method for your applications
DNS is a naming convention that translates human-readable web addresses into IP-addresses, and vice versa...
Events
Loadbalancer.org buys new head office building in Portsmouth
We thought it was about time we bought our very own office building!..
Security
New PuTTY vulnerability "vuln-ech-overflow" identified - upgrade to 0.66 to protect your environment
Due to the way that PuTTY uses a signed integer variable to store the number of characters to be erased and there was inadequate checking for overflow, there was the potential for an attacker to corrupt important data in certain circumstances...
Events
IP EXPO Europe 2015 - Thank you to everyone who visited our stand
Thank you to everyone who visited our stand at IP Expo 2015...
GSLB
Cloud-based Global Server Load Balancing (GSLB) made simple with concierge service from Loadbalancer.org
Anyone who has been watching Loadbalancer.org over the last few years will have noticed the things that we don't like :-). We've made it pretty clear that we don't like load balancing firewalls and we've also been pretty reluctant to turn our load balancers into a GSLB...
Security
Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)
Anomaly score based blocking is more flexible and effective than simple first error blocking...
Open source
Transparent Load balancing with HAProxy on Amazon EC2
One of our favorite methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately, because of Amazon's infrastructure, this is not possible in EC2 so we need to use another method which means we are left with layer 4 NAT and transparent HAproxy using TProxy...
Security
Simple Denial of Service DOS attack mitigation using HAProxy
Denial of Service (DOS) attacks can be used to degrade or cripple the functionality of a site...
Security
How do I get an A+ from Qualys SSL, but keep FIPS compliance as well?
Is getting an A+ rating with the Qualys scanner starting to feel a bit like chasing a mythical unicorn? Every time you get close to catching and keeping the beast — it run's away and they change the rules again!..
Security
Shell-shocked by shell shock? I give you "CMD Caret" ^&
There seems to have been so much hype over the recent bash bug, shell shock! And there were all the people in the Microsoft world thinking YES we are so cool we are NOT affected by it!..
Loadbalancer.org product roadmap – new features, release notes and more (as always, a work in progress)
We've had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as and when customer requirements change...
Microsoft
How to enhance Microsoft IIS health checks using VBscript
By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of each real (backend) server. For IIS, this would typically be port 80...
Microsoft
Windows NLB (WNLB) and its disadvantages
WNLB causes switch flooding and does not support multiple scheduling algorithms for distributing client load...
Open source
Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol
By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client...
Security
Heartbleed 2.0? Not exactly but more OpenSSL issues have been found
Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not...
Security
Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160
To ensure complete protection all SSL certificates that have been used with a vulnerable version of OpenSSL should be regenerated using a new private key...
Application Management
Load Balancing Exchange 2013
Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation...
Application Management
Load Balancing Exchange 2010
In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport). Mandatory roles are Mailbox, Client Access and Hub Transport...
Security
Why did my Loadbalancer just fail the PCI compliance test?
Let me first say that I'm not really a fan of PCI scanners. It's not so much that I'm anti security scanners but rather that scanning for vulnerabilities based on only the version number a package returns seems rather simplistic to me...
Open source
SSL offload testing with HAProxy and Stunnel
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested...
HAProxy
3 ways to send HAProxy health check email alerts: Configuration how-to
The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert...
HAProxy
HAProxy load balancer feedback agent — We've Open Sourced both our Windows and Linux versions for you!
In general when you are load balancing a cluster you can evenly spread the connections through the cluster. However, with some applications, you might get very high load from just a few users doing heavy work, which can compromise performance...
Performance
What do you mean my pipe is saturated?
Some of the most common questions we get at Loadbalancer.org are performance related. It is quite difficult to give a straight answer to these questions as the real answer is often slightly unsatisfactory...
Performance
Look, why can't you just tell me how many people are connected to the load balancer?
I must confess, at certain times it has looked like open warfare would break out between the support team and development team at Loadbalancer.org over the last few months...
Microsoft
Microsoft drops support for mstshash RDP cookies? (embrace and destroy policy?)
We are pretty sure Microsoft have quietly fixed this bug and not told anyone... But the story is quite fun so lets leave it here for a lesson in corporate stupidity..