Aaron West

Comparisons

How many network ports do you need on a hardware load balancer?

The only real reason for separate network ports is physical redundancy. Because the other primary reason (security segregation) can be easily implemented using VLANs...

Aaron West

• 6 mins

Comparisons

Does your F5 migration need a Jenga consultant?

Look, let’s make this very clear, we love F5, we think they are awesome, the best ADC in the market. But sometimes they make you want to cry!..

Aaron West

• 3 mins

Performance

Why won't NFSv3 just die already?

I ran into a problem recently where a customer was working to load balance NFS to their scale-out NAS product, they were saying that it mounted fine but “showmount -e” just wouldn’t work properly from their Linux client...

Aaron West

• 4 mins

GSLB

Choosing the best option to host across multiple locations or data centers

Organizations are moving away from the traditional data center model, and favoring a hybrid approach to hosting their systems and applications, that involves multiple sites, providers and even cloud environments...

Aaron West

• 8 mins

WAF

How to train your Web Application Firewall (WAF)

Let's look at the best way to use the WAF with as little pain as possible!..

Aaron West

• 11 mins

Security

Healthcare IT should listen to Amazon's Werner Vogels: “Dance Like Nobody’s Watching. Encrypt Like Everyone Is”

Find out why Werner Vogels' comments ring especially true for healthcare data...

Aaron West

• 5 mins

AWS / Azure / GCP

AWS Reservations, Savings Plans, and Spot Instances

I often hear that AWS seems expensive, in most cases, this is because people are not fully aware of the best cost-saving practices. Amazon offers many tools to help keep costs down and is always working to improve on these. One such recent improvement is the new "AWS Savings Plans"...

Aaron West

• 6 mins

Open source

Anatomy of a partnership: Working and learning with Smoothwall

We were delighted last week to host Smoothwall for a day with our team. Fuelled by coffee and Krispy Kreme doughnuts, our discussions helped us learn from one another so that we can work together even more effectively...

Aaron West

• 3 mins

Performance

Load balancing your load balancers for a crazy amount of SSL TPS

The plan is to use an inexpensive pair of load balancers - using Layer 4 DR mode for maximum throughput and transparency - to load balance some more mid to high-end load balancers. This enables us to handle the SSL offload at a much more affordable price than simply buying a big box...

Aaron West

• 4 mins

Direct Server Return

Direct Server Return (DSR) is simply awesome - here’s why...

Direct Server Return (DSR) is my favorite way to load balance application servers because it’s simple, transparent, and super fast...

Aaron West

• 5 mins

GSLB

I've finally found a decent reason to use Global Server Load Balancing (GSLB)!

Yes, it's the end of an era... after many years arguing that GSLB has no place on a proper load balancer, I've finally found a solid reason to add one to our product. Yes, you read that right! I've officially surrendered and given you a new GSLB to play with...!..

Aaron West

• 14 mins

High Availability

Enterprise load balancer for Nutanix by Loadbalancer.org

Nutanix offers a hyper-converged infrastructure (HCI) platform that integrates virtualization, computing, networking, storage, and security resources into a single system...

Aaron West

• 4 mins

Direct Server Return

Yahoo’s L3 Direct Server Return (DSR), an alternative to LVS-TUN, explored.

L3 DSR is an alternative technique to achieve direct server return at Layer 3. Instead of using an IPIP tunnel like LVS-TUN it changes the destination IP address like LVS-NAT when sending the traffic to the real server...

Aaron West

• 6 mins

Direct Server Return

Layer 4 Direct Routing (LVS-DR) and Layer 4 TUN (LVS-TUN) in AWS

LVS-DR and LVS-TUN are both forms of Direct Server Return where the load balancer only has to deal with one half of the connection...

Aaron West

• 6 mins

How-tos

Client Certificate Authentication with HAProxy

Using client certificates for security is a pretty cool idea! You can protect an entire application or even just a specific Uniform Resource Identifier (URI) to only those that provide a valid client certificate...

Aaron West

• 9 mins

Security

How to stop web form spam — use a simple honey pot trap in ModSecurity...

How frustrating do you find it when hackers or robots fill in your website forms with "Buy Viagra Now!" type spam?..

Aaron West

• 4 mins

What exactly is a reverse proxy? Reverse proxy v forward proxy

Technically, the only mode on a load balancer that is a real Reverse Proxy is Layer 7 mode. Whereas all Layer 4 load balancing modes such as NAT, DR and TUN are nothing like a reverse proxy. The clients are effectively talking directly (transparently) to the backend servers...

Aaron West

• 3 mins

How-tos

Loadbalancer.org Enterprise VA with oVirt(RHEV) 4.1

The appliance works quite nicely in a oVirt environment and should work just as well with a full Red Hat’s Enterprise Virtualization environment (RHEV)!..

Aaron West

• 3 mins

How-tos

Loadbalancer.org with Let's Encrypt - quick and dirty!

Let’s Encrypt offers us a free way to get SSL certificates with the aim of being less complex than other current solutions...

Aaron West

• 7 mins

GSLB

GSLB — Why Global Server Load Balancers don’t always suck? (Polaris-GSLB) Part 2

In part one we were introduced to Polaris-GSLB which is a cool little open source GSLB solution. In part two of this Blog I’m going to show you how to build Polaris-GSLB on CentOS 7...

Aaron West

• 3 mins

GSLB

GSLB – Why Global Server Load Balancers don't always suck? (Polaris-GSLB)

Here at Loadbalancer.org we’re not known for being huge fans of GSLB solutions as some of our customers may already know...

Aaron West

• 4 mins

Healthcare

I didn't realise NTP was so important for medical imaging systems like PACS and VNA

We can write custom health checks specific to your environment checking availability of servers as well as other backend systems such as REST servers, databases and storage...

Aaron West

• 3 mins

Open source

How to stop TPROXY when used with HAProxy breaking clients in the real server subnet

Once HAProxy is running transparently, it will allow the real server to see the client IP so the real server will reply directly back to the client bypassing the load balancer...

Aaron West

• 3 mins

How-tos

Supporting two default gateways on your Load balancer with PBR (Policy Based Routing)

Policy Based Routing is a clever way to give us more control over which routing path connections will take. It allows us to specify custom routing tables and then add rules offering fine grained control over which routing table a connection will use...

Aaron West

• 4 mins