How-tos
Wizardry from our load balancer experts
Open source
How to stop TPROXY when used with HAProxy breaking clients in the real server subnet
Once HAProxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the client bypassing the load balancer...
Application Management
Load balancing Microsoft Remote Desktop Services in AWS
Using the flexibility of both AWS and our Enterprise AWS appliance, it's possible to configure a secure and robust load balanced Remote Desktop Services deployment to suit a range of requirements...
How-tos
Supporting two default gateways on your Load balancer with PBR (Policy Based Routing)
Policy Based Routing is a clever way to give us more control over which routing path connections will take. It allows us to specify custom routing tables and then add rules offering fine grained control over which routing table a connection will use...
Security
Blocking invalid range headers using ModSecurity and/or HAProxy (MS15-034 - CVE-2015-1635)
Anomaly score based blocking is more flexible and effective than simple first error blocking...
Open source
Transparent Load balancing with HAProxy on Amazon EC2
One of our favorite methods of load balancing is using Layer 4 DR because it is transparent and fast. Unfortunately, because of Amazon's infrastructure, this is not possible in EC2 so we need to use another method which means we are left with layer 4 NAT and transparent HAproxy using TProxy...
Security
How do I get an A+ from Qualys SSL, but keep FIPS compliance as well?
Is getting an A+ rating with the Qualys scanner starting to feel a bit like chasing a mythical unicorn? Every time you get close to catching and keeping the beast — it run's away and they change the rules again!..
Open source
Stunnel X-Forward-For (XFF) with HAProxy and the PROXY Protocol
By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client...
Security
Loadbalancer.org releases patch for the OpenSSL heartbleed vulnerability CVE-2014-0160
To ensure complete protection all SSL certificates that have been used with a vulnerable version of OpenSSL should be regenerated using a new private key...
Application Management
Load Balancing Exchange 2013
Exchange 2013 is Microsoft's latest enterprise level messaging and collaboration server. It has been designed for simplicity of scale, hardware utilization, and failure isolation...
Application Management
Load Balancing Exchange 2010
In Exchange 2010, system functionality is split into five server roles (Mailbox, Client Access (CAS), Unified Messaging, Hub Transport (HT) and Edge Transport). Mandatory roles are Mailbox, Client Access and Hub Transport...
Open source
SSL offload testing with HAProxy and Stunnel
There are a lot of SSL offload throughput statistics available for appliances across the internet but rarely do they detail the way they were tested...
HAProxy
3 Ways To Send HAProxy Health Check Email Alerts
The ideal way to monitor the health of the real servers is to to have a dedicated monitoring system in place such as Nagios. However this isn’t always an option, so for some they require the loadbalancer to send an alert...
HAProxy
HAProxy load balancer feedback agent — We've Open Sourced both our Windows and Linux versions for you!
In general when you are load balancing a cluster you can evenly spread the connections through the cluster. However, with some applications, you might get very high load from just a few users doing heavy work, which can compromise performance...
Performance
Look, why can't you just tell me how many people are connected to the load balancer?
I must confess, at certain times it has looked like open warfare would break out between the support team and development team at Loadbalancer.org over the last few months...
HAProxy
HAProxy email alerts guide
As of haproxy-1.6-dev1 it is now possible to send email alerts directly from HAProxy thanks to the excellent work done for us by Simon Horman...
HAProxy
Setting up HAProxy with Transparent Mode on Centos 6.x
Transparent mode with HAProxy allows you to see the IP Address of the clients computer while still having a high availability service using HAProxy...
Application Management
Load Balancing Exchange 2010 CAS Array with HAProxy (Quick Guide)
This Blog is for anyone wanting to load balance the Exchange 2010 CAS role using only open source software...
High Availability
Simple bare metal restore of your load balancer with a USB stick
Does it seem like some appliance vendors go out of their way to make hardware recovery and licencing as difficult as possible?..
Security
Secure Your Web Servers: SSL Termination and BEAST
The BEAST attack is a practical attack based on a protocol vulnerability and mainly affects the client side...
Print
Load balancing Microsoft Print Server
Microsoft Print Server provides a great way to share printers throughout your organisation, but when the print server falls over, the phone quickly starts to ring...
How-tos
NTLM authenticating proxy check script
This script was designed primarily to be tied into Ldirectord but feel free to adapt it to your needs, and if you do make changes dont be a stranger post your adaptations below!..
Application Management
Apache and X-Forwarded-For Header (XFF)
There’s been a lot of debate here in the office about how best to capture both your Loadbalancer’s IP and the Source IP of the user in your access_log in Apache 2.4. This is the tried and tested method we've come up with...
How-tos
IIS and X-Forwarded-For Header (XFF)
Although it's not technically a standard, the X-Forwarded-For (XFF) header is incredibly useful if you have any kind of proxy in front of your web servers...
Performance
G-Zip Compression and Load Balancing
A couple of customers asked if our appliances would do G-Zip compression. In the past we hadn't given it much thought until someone offered us a card to test it!..