Wednesday, April 7, 2010

Load Balancing - What and When

With the need for businesses to provide redundant, highly available network services, the demand for load balancing is growing. This is a look at some of the more common technologies out there from a Microsoft perspective and when to use them in your network.

Microsoft Network Load Balancing (WNLB):

What – WNLB is a load balancing technology available in all Windows Server operating systems since Windows 2000. WNLB operates by creating either a unicast or multicast cluster of up to 32 servers (8 maximum is recommended) providing load balanced services over TCP or UDP ports. The WNLB cluster presents a Virtual IP Address (VIP) that clients connect to, and the NLB then decides which host to direct the traffic to.
When – WNLB is best utilized in small implementations when only a small number of services need to be load balanced. Since WNLB is included with Windows, it provides a low-cost entry point for high availability and load balancing.
Limitations – WNLB is a best-guess load balancing solution. It is common to see “balanced traffic” at 80/20 utilization. Since NLB only load balances by source IP, this is by design, and NLB may be more appropriately described as a failover solution first with some load balancing capabilities. While NLBs can be virtualized, additional considerations are needed to implement them in a virtual environment. NLBs are not service aware, which means that if you are load balancing port 80 and IIS stops but the host stays up, the NLB will assume the server is healthy and will continue to send traffic to the host. Lastly, NLBs cannot be located on a host that is also using Windows Clustering Services.
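The source-IP limitation described above, as an added example that is not part of the original post: a short Python simulation of a two-host cluster, showing how per-source affinity ends up at 80/20 when one address, such as a NAT gateway, carries most of the requests. The IP addresses, request counts and the modulo mapping are constructed assumptions for illustration, not WNLB's actual algorithm.

```python
import ipaddress

# Constructed sample: (source IP, request count). One address is a NAT or
# proxy that fronts many users, so it carries most of the traffic.
SAMPLE_TRAFFIC = [
    ("203.0.113.10", 800),   # branch-office NAT gateway (constructed)
    ("198.51.100.21", 100),  # individual client (constructed)
    ("198.51.100.23", 100),  # individual client (constructed)
]

def host_for_source(ip, host_count):
    """Stand-in affinity rule: one source IP always lands on the same host.
    The modulo mapping is an assumption, not WNLB's real hashing."""
    return int(ipaddress.ip_address(ip)) % host_count

def source_ip_affinity(traffic, host_count):
    """Requests per host when every request from a source IP sticks to one host."""
    load = {h: 0 for h in range(host_count)}
    for ip, requests in traffic:
        load[host_for_source(ip, host_count)] += requests
    return load

def per_request_round_robin(traffic, host_count):
    """Requests per host when each request is assigned in turn, ignoring source IP."""
    total = sum(requests for _, requests in traffic)
    base, extra = divmod(total, host_count)
    return {h: base + (1 if h < extra else 0) for h in range(host_count)}

def share(load):
    """Convert request counts to whole-number percentages per host."""
    total = sum(load.values())
    return {h: round(100 * n / total) for h, n in load.items()}

if __name__ == "__main__":
    print("source-IP affinity:     ", share(source_ip_affinity(SAMPLE_TRAFFIC, 2)))
    print("per-request round robin:", share(per_request_round_robin(SAMPLE_TRAFFIC, 2)))
```

Adding hosts does not help the busy node here: all traffic from the heavy source still maps to a single host, which is worth keeping in mind when sizing a cluster whose clients sit behind a shared address.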

Threat Management Gateway (TMG) / Unified Access Gateway (UAG) / Reverse Proxy
What – TMG/UAG are reverse proxy solutions for load balancing. Reverse proxies load balance by directing client traffic to the proxy and then determining the best host behind the proxy to direct the traffic to. Because a proxy terminates external connections and opens its own connection to the host, additional security scanning can be performed at the perimeter of the network.
When – Load balancing with reverse proxies is best utilized when you already have a proxy in place and need the added security scanning. Also, multiple Windows web services can be added to a single proxy, compared with only 1 per NLB.
Limitations – TMG/UAG deployments can only load balance web services, TCP 80 and 443. This means they cannot load balance internal RPC traffic or SMTP connections. They are also not service aware and suffer the same problems as NLBs in the event of a service failure without a host failure. TMG/UAG only provide Source IP and LB Created Cookie as load balancing methods.

Hardware Load Balancer
What – Hardware Load Balancer usually refers to a physical device placed in your network that provides load balancing services. With many vendors now supplying these devices as virtual appliances, a more correct term may be Load Balancing Appliance (LBA), as the balancer may be physical or virtual. In either case, the purpose of these devices is to provide load balanced services for multiple servers and ports with true load balancing. Many of these devices also provide advanced features such as SSL offloading, dynamic and static compression, service-aware monitoring, and Global Server Load Balancing.
When – Load Balancing Appliances are best utilized when availability, monitoring, and performance are the main concern. LBAs can load balance across ports and protocols and support multiple separate servers and applications. Because LBAs are service aware, fast redirection to working hosts can be achieved, and many can also redirect requests across data centers in the event of a total outage. LBAs offer the widest choice of load balancing methods, and the method can be chosen per load balanced service. Many LBAs provide SSL offloading, which in turn lowers the CPU utilization needed on internal SSL connections.
Limitations – The only limitation with LBAs is the initial cost and continued maintenance of the product. Many vendors offer LBAs that are cost-comparable to TMG/UAG implementations.