views: 2231

answers: 6

I have to deploy my ASP.NET application onto two separate IIS servers. My application works over HTTPS/TLS. My ASP code has to handle the client SSL certificate, which means I can't use simple forward load balancers, because I will never get such a certificate from nginx or an Apache load balancer.

As I understand it, there is no common (open-source or free) solution for load balancing in the Microsoft world, especially for SSL.

I heard about simple DNS balancing, where my domain name would be bound to several IIS servers and every new client (session) would get the IP of one server, and that way I would get simple balancing and SSL support.

Now, I am just at the beginning of deployment and it is really interesting to know your opinion of such balancing, or maybe to get some recommendations.

Thanks!

A: 

DNS based load balancing should take you a long way. Click here for an article on the subject. For an overview of load balancing in the IIS/ASP world, go here.

Windows Network Load Balancing may be a solution for you; here you'll find lots of information about it.

Ludvig A Norin
A: 

We use Cisco Local Directors, and they seem to handle it fine.

I haven't played with pure software solutions for load balancing, but balance might work fine. I've only used it for purely 1:1 port forwarding.

The advantage of using a balance/LD approach over DNS balancing is that you can easily then use it to take servers out of the pool (for upgrades, deployments, debugging, etc).

Matthew Watson
A: 

As for me, I can't find any other solutions for HTTPS besides DNS balancing. I just have no choice.

???

Alexander Pavlenko
A: 

Depending on how much money is in your budget there are plenty of solutions out there.

You can use Windows Network Load Balancing on Windows Server for no extra cost. It is reasonably simple to set up and won't get in the way of the client certificate.

+3  A: 

Windows NLB is definitely your solution - it sits in the network stack on each of your IIS servers and distributes TCP requests among the member servers. NLB works with SSL traffic, since it distributes via TCP Ports, not the contents of the traffic.

You will need to install the same SSL certs on each server, but other than that, the configuration is trivial.

Christopher_G_Lewis
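Added example (not part of the answer above): with DNS balancing or NLB, every IIS node terminates TLS itself, so a node serving a different certificate shows up only as intermittent client failures. The sketch below connects to each node's own IP and compares the certificates served; the function names are hypothetical, and for NLB the nodes' dedicated IPs (not the cluster IP) are assumed to be passed in.

```python
import hashlib
import socket
import ssl
from collections import defaultdict


def fetch_leaf_cert(ip, hostname, port=443, timeout=5.0):
    """Return the DER-encoded leaf certificate served by one pool node.

    Connects to the node's own IP but sends `hostname` as SNI, so each
    node is checked individually rather than whichever one DNS hands out.
    """
    ctx = ssl.create_default_context()
    # Validation is off on purpose: a node serving a stale or wrong
    # certificate must still be fingerprinted so the drift is reported.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((ip, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            return tls.getpeercert(binary_form=True)


def group_by_fingerprint(certs_by_node):
    """Map SHA-256 fingerprint -> sorted list of nodes serving that cert."""
    groups = defaultdict(list)
    for node, der in certs_by_node.items():
        groups[hashlib.sha256(der).hexdigest()].append(node)
    return {fp: sorted(nodes) for fp, nodes in groups.items()}


def find_drift(certs_by_node):
    """Return {} when all nodes serve one cert, else the fingerprint groups."""
    groups = group_by_fingerprint(certs_by_node)
    return {} if len(groups) <= 1 else groups


def check_pool(hostname, node_ips=None, port=443):
    """Compare certs across the pool.

    DNS balancing: leave node_ips as None to use every address record.
    NLB: pass each node's dedicated IP, since the name resolves to the
    shared cluster IP only.
    """
    if node_ips is None:
        infos = socket.getaddrinfo(hostname, port, proto=socket.IPPROTO_TCP)
        node_ips = sorted({info[4][0] for info in infos})
    certs = {ip: fetch_leaf_cert(ip, hostname, port) for ip in node_ips}
    return find_drift(certs)
```

An empty result from `check_pool` means every node presented the same leaf certificate; otherwise the returned groups show which nodes disagree.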
A: 

I've successfully been using keepalived on Linux. It's a simple tool that administers the http://linuxvirtualserver.org load balancer in such a way that you can have failover load-balancing machines and multiple servers.

HeMan
We have been using it on multiple sites, for example travelocity.co.uk. Our setup was that we had many external IP addresses and mapped them to different ports on the inside. This worked very well.
HeMan