Latest
Loadbalancer.org Enterprise: A technical guide to Layer 7 Manual Configuration
For times when you need to dive deeper and implement advanced settings that aren't directly available through the standard interface.
Insights from the load balancer experts
F5 / Citrix / Kemp
How to set up and manage an F5 in the ADC Portal
As an F5 engineer, they asked me to test the product and share my honest thoughts...
F5 / Citrix / Kemp
How to connect and manage a Citrix NetScaler in the Loadbalancer ADC Portal
As a NetScaler specialist, they asked me to test the product and share my honest thoughts...
How-tos
How to master SSL termination in HAProxy: considerations and configurations
SSL/TLS termination is the most regularly implemented kind of SSL/TLS offload...
AWS / Azure / GCP
Integrating your load balancer with auto scaling groups in EC2 (Amazon AWS)
The Loadbalancer.org for AWS appliance will monitor auto scaling groups, update configs based on auto scaling events and add/remove servers...
Events
Exhibiting at Cloud Expo Europe 2016
We met lots of people and gave away a lot of lanyards...in fact the show organizers ran out of lanyards, so Loadbalancer.org were happy to fill the void...
Open source
How to stop TPROXY when used with HAProxy breaking clients in the real server subnet
Once HAProxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the client bypassing the load balancer...
Application Management
Load balancing Microsoft Remote Desktop Services in AWS
Using the flexibility of both AWS and our Enterprise AWS appliance, it's possible to configure a secure and robust load balanced Remote Desktop Services deployment to suit a range of requirements...
How-tos
Supporting two default gateways on your Load balancer with PBR (Policy Based Routing)
Policy Based Routing is a clever way to give us more control over which routing path connections will take. It allows us to specify custom routing tables and then add rules offering fine grained control over which routing table a connection will use...
Events
Loadbalancer.org buys new head office building in Portsmouth
We thought it was about time we bought our very own office building!..
Security
New PuTTY vulnerability "vuln-ech-overflow" identified - upgrade to 0.66 to protect your environment
Due to the way that PuTTY uses a signed integer variable to store the number of characters to be erased and there was inadequate checking for overflow, there was the potential for an attacker to corrupt important data in certain circumstances...
Events
IP EXPO Europe 2015 - Thank you to everyone who visited our stand
Thank you to everyone who visited our stand at IP Expo 2015...
Security
Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)
Anomaly score based blocking is more flexible and effective than simple first error blocking...
Open source
Transparent Load balancing with HAProxy on Amazon EC2
One of our favorite methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately, because of Amazon's infrastructure, this is not possible in EC2 so we need to use another method which means we are left with layer 4 NAT and transparent HAproxy using TProxy...
Security
Simple Denial of Service DOS attack mitigation using HAProxy
Denial of Service (DOS) attacks can be used to degrade or cripple the functionality of a site...
Security
How do I get an A+ from Qualys SSL, but keep FIPS compliance as well?
Is getting an A+ rating with the Qualys scanner starting to feel a bit like chasing a mythical unicorn? Every time you get close to catching and keeping the beast — it run's away and they change the rules again!..
Security
Shell-shocked by shell shock? I give you "CMD Caret" ^&
There seems to have been so much hype over the recent bash bug, shell shock! And there were all the people in the Microsoft world thinking YES we are so cool we are NOT affected by it!..
Loadbalancer.org product roadmap – new features, release notes and more (as always, a work in progress)
We've had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as and when customer requirements change...
Microsoft
How to enhance Microsoft IIS health checks using VBscript
By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of each real (backend) server. For IIS, this would typically be port 80...
Microsoft
Windows NLB (WNLB) and its disadvantages
WNLB causes switch flooding and does not support multiple scheduling algorithms for distributing client load...
Open source
Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol
By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client...
Security
Heartbleed 2.0? Not exactly but more OpenSSL issues have been found
Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not...
Security
Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160
To ensure complete protection all SSL certificates that have been used with a vulnerable version of OpenSSL should be regenerated using a new private key...
Application Management
Load Balancing Exchange 2013
Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation...
Application Management
Load Balancing Exchange 2010
In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport). Mandatory roles are Mailbox, Client Access and Hub Transport...
Security
Why did my Loadbalancer just fail the PCI compliance test?
Let me first say that I'm not really a fan of PCI scanners. It's not so much that I'm anti security scanners but rather that scanning for vulnerabilities based on only the version number a package returns seems rather simplistic to me...
Open source
SSL offload testing with HAProxy and Stunnel
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested...
HAProxy
3 ways to send HAProxy health check email alerts: Configuration how-to
The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert...