Archive for the ‘haproxy’ Category

EC2 load balancer appliance rocks, and its FREE… for now anyway.

Wednesday, August 25th, 2010

OK, so let me begin by saying that I am both excited and slightly scared by our latest product. I’m excited because after playing around with it in the Amazon cloud, I’ve become slightly addicted to launching multiple instances in different parts of the world and load balancing the traffic seemlessly. I’m slightly scared because this could change our whole business model from hardware load balancer vendor to online SAAS (Software As A Service) provider.

So why does the new Loadbalancer.org EC2 VA rock?

(more…)

Posted in AWS, cloud, haproxy | No Comments »

Load balancing Windows Terminal Server – HAProxy and RDP Cookies or Microsoft Connection Broker

Tuesday, October 27th, 2009

When you have users depending on Windows Terminal Services for their main desktop, it’s a good idea to have more than one Terminal Server. RDP, however, is not an easy protocol to load balance; sessions are long-lived and need to be persistent to a particular server, and users may connect from different source addresses during one session.

The current development version of HAProxy has made an important step forward in making this possible. Thanks to work by Exceliance, it now supports RDP Cookies, offering a solution to the persistence problem.

(more…)

Posted in High Availability, Linux, Load Balancing, haproxy | 5 Comments »

Transparent proxy of SSL traffic using Pound to HAProxy backend patch and howto

Monday, July 20th, 2009

OK so I’ve previously blogged about how to get TPROXY and HAProxy working nicely together. But what if you want to terminate SSL traffic on the load balancer in order to use HaProxy to insert cookies in the standard HTTP stream to the backend servers?

Many thanks to Krisztián Ivancsó  for working on the TPROXY patch for Pound for us, we can finally do this!

(more…)

Posted in High Availability, Linux, Load Balancing, Pound, SSL, haproxy | 7 Comments »

Configure HAProxy with TPROXY kernel for full transparent proxy

Wednesday, February 11th, 2009

Standard Kernel builds don’t support TPROXY ( 2.6.28 does now!).
For example if you use HaProxy as the load balancer then all of the backend servers see the traffic coming from the IP address of the load balancer. TPROXY allows you to make sure the backend servers see the true client IP address in the logs.

Ps. An easier alternative is inserting the clients ip in the x-forwarded-for header (option forwardfor).

For TPROXY to work you need three things:

1) TPROXY compiled into the linux kernel
2) TPROXY / Socket compiled into netfilter / iptables (due in v1.4.3?)
3) HaProxy compiled with the USE_LINUX_TPROXY option

The TPROXY patch for Linux Kernel 2.6.25.11 is here:
http://www.balabit.com/downloads/files/tproxy/tproxy-kernel-2.6.25-20080519-165031-1211208631.tar.bz2

The following is a guide how to install on Centos 5.1:
(more…)

Posted in Linux, Load Balancing, haproxy | 25 Comments »