Gateway Load Balancing with Parallels RAS

Load balancing is the process of distributing incoming network traffic to the server farm or server pool using a load balancer. A load balancer is hence a device that sits in front of your servers and routes the client requests to all servers equally. It is configured in a way that ensures that there is no traffic congestion for a single server.   

Load Balancer main Features 

A load balancer can 

 You can select one of the following load balancing algorithms for your load balancer as per your need: 

SSL Offloading with Load Balancer

Secure Sockets Layer (SSL) certificates are provided to websites to ensure their security. SSL traffic required encryption and decryption of traffic. Hence, incoming encrypted traffic hits a web server continuously for the decryption of data. This can overload the web server, thus leading to the need for SSL Offloading. 

SSL Offloading, as the name suggests, is the process of shifting a load of SSL encryption/decryption from the webserver to a separate machine or to different processing devices. SSL offloading can be achieved using the following two processes: 

SSL Termination: SSL termination occurs at the server end of the SSL connection, and it involves sending the data which comes first to a device for encryption. If the data is already encrypted, the device simply forwards the data without any processing done on the webserver side. SSL termination is quick and the most efficient SSL offloading process. 

SSL Bridging: Also called SSL initiation, SSL bridging occurs at the edge of a network. This process decrypts the SSL traffic first, re-encrypts it, and then sends it to the web-server. The same occurs the other way around.   

SSL Offloading takes the load away from the web server, thus allowing it to reallocate its resources to other important tasks. This in turn helps make the website speedy, and more efficient. 

AWS provides Gateway Load Balancers as a service 

Gateway Load Balancers are used to scale, deploy and manage firewalls, inspection systems, and intrusion detection systems. AWS provides these Gateway Load Balancers as a servicethus allowing you to securely exchange traffic. 

 Operating at the third layer of Open Systems Interconnection (OSI) model, a Gateway Load Balancer listens for IP packets across different ports and forwards them to a target group securely using Gateway Load Balancer endpoints. Route tables are used to send traffic to and from Gateway Load Balancer endpoints, which are deployed in the same VPC as the virtual appliances. The endpoints and the application servers are however created in different subnets, enabling you to configure the endpoint as the next hop in the route table for the subnet of the application. 

 The Gateway Load Balancer and the virtual appliance instances exchange traffic using the GENEVE protocol, and support a maximum transmission (MTU) size of 8500 bytes.

Gateway Load Balancing Overview with Parallels RAS

Gateway Load Balancing overcomes the limitations of existing redundant routers by adding load balancing and high availability functionality. Besides being able to set priorities on different gateway routers, Parallels HALB allows the distribution of connections based on workload. Operating in a High Availability configuration, Parallels Remote Application Server intelligently directs traffic among healthy gateways in order to remove single-points-of-failure, optimize utilization, and guarantee always-available applications. Parallels HALB (High Availability Load Balancing) is part of Parallels Remote Application Server (Remote Application Server). It can be installed on Microsoft and VMware hypervisors. Once activated, it sits between the users and gateways in order to guarantee connection availability.

The higher the number of gateways available, the lower the risk of connection failure. Parallels HALB also provides the possibility of running many HALB appliances simultaneously, one acting as the master and the others as slaves. Master and slave appliances share a common or virtual IP, also known as VIP.

Should the master HALB appliance fail, a slave is promoted to master and takes its place seamlessly, without affecting the end-users’ connections.

The SSL decryption process can also be configured to be performed by the HALB appliance, to relieve the load from the gateways. This new feature named SSL Offloading, can be configured during the setup process and managed from the Parallels Remote Application Server console. HALB is easy to deploy, configure, and use. With the intuitive user interface, it can be implemented within minutes. The exceptional performance of Parallels Load Balancing for terminal servers is now fully extended to gateways to guarantee incomparable business continuity.

References:

Gateway Load Balancing Protocol: Wikipedia

Introduction to Gateway Services: Load Balancing: VMware

Try Parallels RAS free now

Leave a Reply