March 11, 2013
Category: kemp-tech, rds-2012
Tags: http-secure, hypertext-transfer-protocol, internet-protocol, ip-address, kemp, load-balancers, load-balancing, loadmaster, network-load-balancing, nlb, public-key-infrastructure, remote-desktop-services-2012, security, security-environments, ssl, tcp-port-443, transmission-control-protocol

Load Balance an RDS 2012 RDWA Farm Using a KEMP LoadMaster

This article shows you how to load balance RDS 2012 Remote Desktop Web Access (RDWA) services using KEMP's LoadMaster.

I am using one Kemp VLM 100 in this example.

Configure DNS

Create an A record for the NLB Web Address.

Creating a Virtual Service for RDWeb

Select TCP port 443.

Standard Options:

Give the service a name and, under Scheduling Method, select Weighted Least Connection.

What is Weighted Least Connection:

"If the servers have different resource capacities the “weighted least connection” method is more applicable: The number of active connections combined with the various weights defined by the administrator generally provides a very balanced utilization of the servers, as it employs the advantages of both worlds. This is, in general, a very fair distribution method, as it uses the ratio of the number of connections and the weight of a server. The server in the cluster with the lowest ratio automatically receives the next request."

Persistence Options: Super HTTP and Source IP

Timeout: 1 Hour

What is Super HTTP Persistence:

"Super HTTP is the recommended method for achieving persistence for HTTP and HTTPS services. It creates a unique fingerprint of the client browser and uses that fingerprint to preserve connectivity to the correct Real Server. The fingerprint is based on the combined values of the User-Agent field and, if present, the Authorization header. Connections with the same header combination will be sent back to the same Real Server."

What is Source IP Persistence:

"Source IP Address persistence uses the source IP address of the incoming request to differentiate between users. This is the simplest method of persistence, and works for all TCP protocols, including those that aren't HTTP related. Source IP Address persistence is the only persistence option that can be used in conjunction with Content Switching or Direct Server Return deployments."

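The scheduling and persistence rules quoted above, modelled as an added example (not KEMP's code) to show why Source IP is combined with Super HTTP: clients with an identical User-Agent and no Authorization header share one fingerprint and all land on the same Real Server. The SHA-256 fingerprint, the tie-break order, the `super-http+src` mode name and the sample addresses are assumptions, and the 1 hour timeout is left out.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class RealServer:
    name: str
    weight: int        # administrator-assigned weight
    active: int = 0    # current active connections

def pick_weighted_least_connection(servers):
    # Lowest active/weight ratio wins; ties go to list order (assumption).
    return min(servers, key=lambda s: s.active / s.weight)

def fingerprint(src_ip, headers, mode):
    # "super-http": User-Agent plus Authorization if present (per the quoted text).
    # "super-http+src": the same, with the source IP mixed in (assumed construction).
    parts = [headers.get("User-Agent", ""), headers.get("Authorization", "")]
    if mode == "super-http+src":
        parts.append(src_ip)
    return hashlib.sha256("\x00".join(parts).encode()).hexdigest()

class VirtualService:
    def __init__(self, servers, mode):
        self.servers, self.mode, self.table = servers, mode, {}

    def route(self, src_ip, headers):
        key = fingerprint(src_ip, headers, self.mode)
        server = self.table.get(key)
        if server is None:  # no persistence entry yet, so schedule one
            server = pick_weighted_least_connection(self.servers)
            self.table[key] = server
        server.active += 1
        return server.name

def simulate(mode):
    # Constructed input: 30 clients behind distinct IPs, same browser build,
    # no Authorization header yet (the RDWeb logon page has not been passed).
    servers = [RealServer("rdwa1", weight=2), RealServer("rdwa2", weight=1)]
    vs = VirtualService(servers, mode)
    ua = {"User-Agent": "Mozilla/5.0 (constructed corporate browser build)"}
    for i in range(30):
        vs.route(f"10.0.0.{i + 1}", ua)
    return {s.name: s.active for s in servers}

if __name__ == "__main__":
    for mode in ("super-http", "super-http+src"):
        print(mode, simulate(mode))
```
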
SSL Properties

Import your RDS Cert (SAN Certificate).

With SSL acceleration, the SSL session is terminated at the LoadMaster.

Why use re-encryption:

  • High security environments: Re-encryption means that data is never sent in cleartext.
  • Regulatory requirements: HIPAA and financial regulations may require encryption at all times.
  • Unsupported applications: Certain applications either require changes or may not support SSL acceleration. Re-encryption avoids changes needed on the application server.

Ensure SSL Acceleration and Reencrypt are selected, and add the RDWEB SSL certificate.

ReWrite Rules: None when using the Redirector Feature

Client Certificates: No Client Certificates required

Advanced Properties

Use the default unless using the Port 80 redirector feature.

For more information on the Port 80 Redirector feature:

http://ryanmangansitblog.wordpress.com/2013/09/04/redirect-rds-2012-web-http-traffic-to-https-using-kemps-loadmaster/

Real Servers

Select the HTTPS Protocol from the dropdown.

Real Server Check Parameters URL: /rdweb

Add the RDWA servers.

There you have it: RDS 2012 RDWA load balanced using KEMP.

For more information on KEMP load balancers, please see: http://www.kemptechnologies.com/uk