Page 1 of 1

Using Multiple SafeSquid-SWG Instance in Load Balancing

Posted: Tue Apr 14, 2020 8:58 am
by aashish97
Hello All,

Setting up Load balancing with Two SafeSquid instance:

A) DNS Round Robin Approach
In the below email i have put up two Explanation pattern, please use any one of them to understand the Round Robin concept and implement it on your end.

--------------------
Explanation
--------------------
Configuring DNS Round Robin in Windows DNS for Load Balancing
You also don’t want the headache of setting up Network Load Balancing (maybe you are on VMWare, where it doesn’t work well anyhow). Load balancing boxes are expensive, so let’s leverage a neat little trick to help us out.
You can setup DNS to actually do what is called Round Robin. It is supported on Windows 2000/2003/2008+ DNS.
Round robin is a local balancing mechanism used by DNS servers to share and distribute network resource loads. To configure DNS round robin, do the following:
• On the DNS server, edit the server properties and enable the Enable round robin option on the Advanced tab (this setting is enabled by default).
• Configure two (or more) servers, each with a different IP address (IP addresses is of SafeSquid Server).
• On the DNS server, create A records that map the same DNS name to each of the different server IP addresses. This allows the DNS server to respond to clients by sending them to any one of the machines while leaving the appearance that a single machine is responding to all clients.
Note: Round robin is a static method for load balancing. If one of the servers in the round robin configuration fails, DNS still sends requests to that failed server.

---------------------------------------------------------
Detailed and one in use Explanation
---------------------------------------------------------
In this approach, you need to first "Enable Round Robin" Server Options in Microsoft DNS Server. and by doing so you can then create a static DNS Entry named as proxy.domain.local to PROXY_IP_1 & proxy.domain.local to PROXY_IP_2
Configuring 2 IP address for the same name.
after doing so when the user does a DNS Request for proxy.domain.local he will receive either of the IP address and on the next DNS Request he will receive the other IP in DNS Response.
this way different users will received different IP for the same Domain Name and thus the traffic will be shifted to the respective SafeSquid Instance
The picture below explains the a quick example of DNS Round Robin
in the below image,
there are 2 entries for Domain Name "test" with different IP, and Round Robin in enabled.
how when we do a nslookup for the first time, there are 2 IP address returned in the priority order.
the client will use the first IP provided in response
the next time when the user again requests IP address for "test"[a new nslookup command will be called a new DNS Request] then the priority order will change as shown in the image.
[Note: A Good Answer as to which IP will be used by the client if multiple IP addresses are provided
LINK: https://serverfault.com/questions/10287 ... le-answers]
multipleIPindnsconfig.jpeg
multipleIPindnsconfig.jpeg (249.57 KiB) Viewed 1193 times