About the author

Malcolm Turnbull

Malcolm is the founder of Loadbalancer.org a family run company that has generated 13 years strong organic growth using Open Source technology sold as packaged hardware & software solutions. He has a tendency to talk way too much and play devils advocate in any conversation.

26th January 2017

in Load Balancing

Do you remember when you could get fired – for not buying F5?

You might not be old enough to remember the highly effective marketing campaign from IBM, that implied buying from anyone else would get you fired... However, I just read Kemp Technologies mildly amusing press release about replacing F5, and it got me thinking - Is it time that F5 starts to run a similar campaign?

Continue reading...
5th February 2016

in Loadbalancer.org

Loadbalancer.org buys new head office building in Portsmouth

Loadbalancer.org is 13 years old, and we thought it was about time we bought our very own office building!

Continue reading...
17th September 2015

in Load Balancing

How should you compare load balancers?

If you are searching on Google for load balancer comparisons - like I just did... you will come across some blatant sales pitches from various vendors. I myself have been guilty of writing a blog entry or two in the past that may have exaggerated the benefits of Loadbalancer.org over Kemp Technologies :-). For the record I think they are a great company and our only serious competitor at this end of the market place. Anyway back to the point, How do you compare load balancer vendors and products?

Continue reading...
19th August 2015

in High Availability

Why do I need two load balancers?

This question was asked a lot more frequently 10 years ago. In fact we were asked it so often that we used it as the title on the home page for that very reason. It amazed me that people would go to all the effort of configuring a cluster of multiple application servers but only use ONE load balancer! That's just plain stupid.

Continue reading...
19th June 2015

in Business

Times they are a Changin’

Bob Dylan’s lyrics in Times they are a-changin’ are quite poignant in our market: for you, as well as for us! We have been very busy behind the scenes over the last few months surveying the load balancer market from many different perspectives. Our commitment to our customers remains a top priority and the feedback we have received determines how we go forward.

Continue reading...
18th May 2015

in Denial Of Service

Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 – CVE-2015-1635)

Microsoft quietly patched a fairly nasty little bug (MS15-034) in IIS last month: A simple HTTP request with an invalid range header field value to either kill IIS, reveal data or remotely execute code! We haven't seen one of these in a while and obviously you are safe if you have automatic security patching turned on. However, with our renewed focus on web application security, I thought this would be a good example to show how easy virtual patching is with the industry standard tools used in the Loadbalancer.org appliance.

Continue reading...
6th March 2015

in Denial Of Service

Simple Denial of Service DOS attack mitigation using HAProxy

Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I've described how you would implement the techniques using the Loadbalancer.org appliance but they are easily transferable to any HAProxy based cluster.

Continue reading...
1st December 2014

in Business

Black Friday black out protection with HAProxy

The media industry had lots of fun at the expense of e-commerce outlets on Black Friday mercilessly reporting on site crashes and outages . My wife yelled that I needed to 'fix the Internet' when Argos.co.uk would not respond immediately to her demands on Friday evening. However on closer inspection i.e. reading the page Agros was handling the situation in a very fair and simple way. The holding page displayed apologised because the site was very busy, and within about 2 minutes it let her into the web site to start shopping (nice little Javascript re-direct built into the sorry we are busy page). If you need to implement this kind of functionality for your e-commerce site then it is pretty simple to do with the Loadbalancer.org appliance:

Continue reading...
29th September 2014

in High Availability

Loadbalancer.org product roadmap (as always a work in progress)

Understandably we get quite a few requests for a product road map. We've had a chat about this internally and thought that it would be nice to have a permanent post on the blog that we change on the fly as and when customer requirements change. Putting this on the blog enables our customers to express their arguments for and against new features etc. This entry should also give you a better idea of our priorities and how we develop the product:

Continue reading...
15th August 2013

in HAProxy

Open Source Windows service for reporting server load back to HAProxy (load balancer feedback agent).

In general when you are load balancing a cluster you can evenly spread the connections through the cluster and you get pretty consistent and even load balancing. However with some applications such as RDS (Microsoft Terminal Servers), you can get very high load from just a  few users doing heavy work. The solution to this is to use some kind of server load feedback agent. We've had one of these for a while in our product but now with a lot of help from Simon Horman we've managed to integrate the functionality into the main branch of HAproxy. We thought it would be a good idea to open source our previous work on Ldirectord/LVS, make it compatible with HAProxy, and release our Windows service code as GPL.

Continue reading...
17th May 2013

in Disaster recovery

Some small changes to default settings make achieving high availability easier…..

Loadbalancer.org has always been about high-availability, that is the fundamental reason for our products existence. Performance has always been a nice side effect while maintainability of your application cluster is generally a key sub-set of the primary high-availability objective. However it's time for a confession, the default settings for the Loadbalancer.org appliances in a cluster configuration up until v7.5 have been set by default  for both ease of use and certainty of a valid configuration. The default recommendation for setting up or disaster recovery on the high-availability of the cluster (Heartbeat) has been to force a full sync and therefore inflict a small amount of down time in a maintenance window. Whilst we've always had documentation showing how to handle cluster maintenance and configuration with zero downtime it was definitely time for a change.

Continue reading...
4th May 2013

in HAProxy

What do you mean my pipe is saturated?

Some of the most common questions we get at Loadbalancer.org are performance related. It is quite difficult to give a straight answer to these questions as the real answer is the slightly unsatisfactory, " Um... well it depends on your application...". The following graph showing HAProxy performance for different object sizes gives you a much better idea of the problem:


As you can quickly see from this graph, the number of connections/s, bandwidth and object size are all closely correlated. Depending on your application and usage pattern you will get vastly different throughput results from your load balanced cluster.

Continue reading...
23rd April 2013

in Linux

Look why can’t you just tell me how many people are connected to the load balancer?

I must confess, at certain times it has looked like open warfare would break out between the support team and development team at Loadbalancer.org over the last few months. One reason being that a major change in v7.5 is that all connection information is now displayed as a graph (rather than a static number). The support team was convinced that customers just wanted a number, a single number , a golden number... The development team was convinced that such a number was illogical irrelevant and meaningless.... It will be very interesting to see what the customers think!

Continue reading...
23rd February 2013

in Microsoft Exchange

Exchange 2013 – Microsoft finally have an email solution designed for high availability and load balancing

OK, So maybe my blog title is a little harsh. The Microsoft Exchange products have been pretty scaleable since Exchange 2007. Exchange 2010 had some vast improvements and you could tell that the Microsoft engineers had put a lot of effort into trying to ease the painful mess that was load balancing an Exchange 2007 cluster. They even started recommending hardware load balancers and certifying vendors for Exchange 2010 compatibility. But with Exchange 2013 they appear to have started from scratch and written it properly! They actually sat down and said "What do we need to have a scaleable Exchange email cluster?". Funnily enough they came up with the same answer that Loadbalancer.org has been banging on about for last 10 years. In order to have a scaleable cluster, each node in the cluster must be able to handle any user session at any time; i.e. no messing around with persistence, sticky plasters, and hack jobs. Well done Microsoft! But please can you put the same infrastructure architects on your LYNC team? Seriously, who puts 3 DMZs in an enterprise product? I had to put Rob (who made sure Loadbalancer.org gained Microsoft Lync certification) on suicide watch ... comic-sketch_3 "Our DMZ is so secure we cant even get into it!"

Continue reading...
9th March 2012


For any poor sod who needs to deal with the PCI Data Security Standard (PCI DSS)

Any engineer dealing with PCI DSS compliance issues probably looses a little bit of the joy in life :-). Now don't get me wrong, The PCI DSS has a laudable aim and is written quite well and mostly sensibly but like the bible is open to a vast amount of interpretation... So lets start with the fundemental issue: Q. Is my load balancer secure? A. If you have  Firewalled port 22 (SSH) and 9080/9443 (Loadbalancer.org admin ports) then YES IT IS SECURE -  job done, go home.

Continue reading...
Live chat
› Operator: Theo › Theo: Can I help you?
Click here to chat |