Insights from the load balancer experts

Unlocking the power of Endurance: A beginner's API guide for smarter load balancing

We asked ourselves: how can we make our load balancers not just a component, but a fully integrated part of a modern, automated environment?

Security

A simple Citrix SSO replacement; with Okta, Apache and OpenID Connect

This setup allows you to leverage the power of a centralized identity management system to secure your web apps, while maintaining the flexibility and performance you expect...

Damian Pacuszka

6 mins

Healthcare

Help! Our legacy modalities are awesome — but they don't understand DNS!

Connecting remote sites to central data centers necessitates GSLB. But implementation for legacy modalities isn't straightforward...

Lenin Martinez

7 mins

Comparisons

Compare Layer 4, 7, and Global Server Load Balancing (GSLB) techniques

The first question we always ask our customers is: "are you looking for performance, reliability, maintainability — or all three?"..

Dave Saunders

9 mins

GSLB

Cloud-based Global Server Load Balancing (GSLB) made simple with concierge service from Loadbalancer.org

Anyone who has been watching Loadbalancer.org over the last few years will have noticed the things that we don't like :-). We've made it pretty clear that we don't like load balancing firewalls and we've also been pretty reluctant to turn our load balancers into a GSLB...

Theo Garvey

2 mins

Security

Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)

Anomaly score based blocking is more flexible and effective than simple first error blocking...

Malcolm Turnbull

4 mins

Open source

Transparent Load balancing with HAProxy on Amazon EC2

One of our favorite methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately, because of Amazon's infrastructure, this is not possible in EC2 so we need to use another method which means we are left with layer 4 NAT and transparent HAproxy using TProxy...

Ben Cabot

3 mins

Security

Simple Denial of Service DOS attack mitigation using HAProxy

Denial of Service (DOS) attacks can be used to degrade or cripple the functionality of a site...

Malcolm Turnbull

5 mins

Security

How do I get an A+ from Qualys SSL, but keep FIPS compliance as well?

Is getting an A+ rating with the Qualys scanner starting to feel a bit like chasing a mythical unicorn? Every time you get close to catching and keeping the beast — it run's away and they change the rules again!..

Scott McKeown

6 mins

Security

Shell-shocked by shell shock? I give you "CMD Caret" ^&

There seems to have been so much hype over the recent bash bug, shell shock! And there were all the people in the Microsoft world thinking YES we are so cool we are NOT affected by it!..

Andrew Smalley

2 mins

Loadbalancer.org product roadmap – new features, release notes and more (as always, a work in progress)

Understandably, we get quite a few requests for a product roadmap containing release notes and feature updates. We've had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as and when customer requirements change...

Malcolm Turnbull

24 mins

Microsoft

How to enhance Microsoft IIS health checks using VBscript

By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of each real (backend) server. For IIS, this would typically be port 80...

Rob Cooper

3 mins

Microsoft

Windows NLB (WNLB) and its disadvantages

WNLB causes switch flooding and does not support multiple scheduling algorithms for distributing client load...

Rob Cooper

1 min

Open source

Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol

By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client...

Rob Cooper

3 mins

Security

Heartbleed 2.0? Not exactly but more OpenSSL issues have been found

Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not...

Rob Cooper

1 min

Security

Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160

To ensure complete protection all SSL certificates that have been used with a vulnerable version of OpenSSL should be regenerated using a new private key...

Rob Cooper

2 mins

Application Management

Load Balancing Exchange 2013

Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation...

Rob Cooper

2 mins

Application Management

Load Balancing Exchange 2010

In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport). Mandatory roles are Mailbox, Client Access and Hub Transport...

Rob Cooper

2 mins

Security

Why did my Loadbalancer just fail the PCI compliance test?

Let me first say that I'm not really a fan of PCI scanners. It's not so much that I'm anti security scanners but rather that scanning for vulnerabilities based on only the version number a package returns seems rather simplistic to me...

Aaron West

1 min

Open source

SSL offload testing with HAProxy and Stunnel

There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested...

Mark Brookes

4 mins

HAProxy

3 ways to send HAProxy health check email alerts: Configuration how-to

The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert...

Ben Cabot

4 mins

HAProxy

HAProxy load balancer feedback agent — We've Open Sourced both our Windows and Linux versions for you!

In general when you are load balancing a cluster you can evenly spread the connections through the cluster. However, with some applications, you might get very high load from just a few users doing heavy work, which can compromise performance...

Malcolm Turnbull

10 mins

Performance

What do you mean my pipe is saturated?

Some of the most common questions we get at Loadbalancer.org are performance related. It is quite difficult to give a straight answer to these questions as the real answer is often slightly unsatisfactory...

Malcolm Turnbull

2 mins

Performance

Look, why can't you just tell me how many people are connected to the load balancer?

I must confess, at certain times it has looked like open warfare would break out between the support team and development team at Loadbalancer.org over the last few months...

Malcolm Turnbull

6 mins

Microsoft

Microsoft drops support for mstshash RDP cookies? (embrace and destroy policy?)

We are pretty sure Microsoft have quietly fixed this bug and not told anyone... But the story is quite fun so lets leave it here for a lesson in corporate stupidity..

Dave Saunders

5 mins

High Availability

Exchange 2013 - Microsoft finally have an email solution designed for high availability and load balancing

In Exchange Server 2013, there are two basic building blocks – the Client Access Array and the Database Availability Group (DAG)...

Malcolm Turnbull

3 mins

HAProxy

HAProxy email alerts guide

As of haproxy-1.6-dev1 it is now possible to send email alerts directly from HAProxy thanks to the excellent work done for us by Simon Horman...

Aaron West

2 mins

HAProxy

Setting up HAProxy with Transparent Mode on Centos 6.x

Transparent mode with HAProxy allows you to see the IP Address of the clients computer while still having a high availability service using HAProxy...

Scott McKeown

4 mins

Insights from the load balancer experts

Unlocking the power of Endurance: A beginner's API guide for smarter load balancing

A simple Citrix SSO replacement; with Okta, Apache and OpenID Connect

Help! Our legacy modalities are awesome — but they don't understand DNS!

Compare Layer 4, 7, and Global Server Load Balancing (GSLB) techniques

Recent blogs

Cloud-based Global Server Load Balancing (GSLB) made simple with concierge service from Loadbalancer.org

Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)

Transparent Load balancing with HAProxy on Amazon EC2

Simple Denial of Service DOS attack mitigation using HAProxy

How do I get an A+ from Qualys SSL, but keep FIPS compliance as well?

Shell-shocked by shell shock? I give you "CMD Caret" ^&

Loadbalancer.org product roadmap – new features, release notes and more (as always, a work in progress)

How to enhance Microsoft IIS health checks using VBscript

Windows NLB (WNLB) and its disadvantages

Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol

Heartbleed 2.0? Not exactly but more OpenSSL issues have been found

Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160

Load Balancing Exchange 2013

Load Balancing Exchange 2010

Why did my Loadbalancer just fail the PCI compliance test?

SSL offload testing with HAProxy and Stunnel

3 ways to send HAProxy health check email alerts: Configuration how-to

HAProxy load balancer feedback agent — We've Open Sourced both our Windows and Linux versions for you!

What do you mean my pipe is saturated?

Look, why can't you just tell me how many people are connected to the load balancer?

Microsoft drops support for mstshash RDP cookies? (embrace and destroy policy?)

Exchange 2013 - Microsoft finally have an email solution designed for high availability and load balancing

HAProxy email alerts guide

Setting up HAProxy with Transparent Mode on Centos 6.x

Get Started Today, for Free