ITPRO - Kemp Technologies LoadMaster 3600
All KEMP LoadMaster products include 1st year hardware maintenance and support services.
Download .pdf version of this articleBy Dave Mitchell, itpro.co.uk
May 18, 2011
Kemp LoadMasters are affordable application delivery controllers for SMBs. Dave Mitchell takes an exclusive look at the new 3600 server load balancing appliance and sees whether its features are as good as its price.
The majority of application delivery controllers (DLCs), or server load balancers, are priced way beyond the means of SMBs but Kemp Technologies is one of a growing number of vendors that aim to make this technology far more affordable. In this exclusive review we look at its latest LoadMaster 3600 which represents the higher end of a family of four general purpose appliances and with a price tag of PLEASE CALL, looks particularly good value.
ITPRO Value awardThe 3600 provides server load balancing, Layer 4/7 content switching, SSL acceleration for up to 5,000 transactions per second (TPS) and supports 1,000 physical and 1,000 virtual servers out of the box. It supports a number of deployment methods where a single-arm mode uses one network port with all physical and virtual servers on the same network subnet.
We opted for the two-arm mode which keeps physical and virtual servers separated on different subnets. The appliance has eight Gigabit Ethernet ports and for high availability you can use two appliances for failover purposes.
Initial installation is simple as you have three methods of access. The CLI (command line interface) can be accessed with a serial port connection, you can plug in a local monitor and keyboard or simply point a browser at the appliance’s default IP address.
The 3600 adheres to the standard concepts for server load balancing as you create farms using multiple physical servers and assign these to virtual servers. For testing we used a VMware ESX Server 4 system to present multiple ‘real’ servers running web, FTP and mail services. Creating virtual servers was simple as we provided an IP address, port number and protocol and then assigned physical servers to them using their real IP addresses.
Kemp has seven load balancing schemes with the default round robin mode intercepting incoming requests and distributing them to each server in strict rotation. Weighted round robin mode allows priorities to be assigned to each server in the farm thus ensuring the better specified servers are kept the busiest.
Traffic distribution can be based on real servers with the least number of connections. Weightings can also be applied to further control which servers in the farm are used most. Weighted response time is a new scheduling method where the weights for each server are automatically adjusted based on their response times.
An agent can also be used to allow load balancing to adapt to server performance. The agent presents a numerical value between 1 and 100, which defines how busy the server is, to a LoadMaster query. The only drawback is that each real server must be running IIS, rather than an alternative such as Apache or even if it's not being used as a web server, as the LoadMaster expects a web page containing the value.
Kemp should look at adding load balancing features for VM-based server farms. In our sister title PC Pro we exclusively reviewed Coyote Point’s Equalizer E250GX and were impressed with its VLB (virtualisation load balancing) feature which uses parameters such as VM availability and utilisation data to load balance.
For connection persistence the 3600 can use Layer 4 inspection which uses source and destination addresses to ensure traffic from a particular client is always sent to the same physical server. Kemp offers a good range of L7 connection persistence methods which includes cookies, session IDs and URLs along with rules for inspecting HTTP content.
Kemp provides a good range of L4 and L7 persistence controls to ensure users are handled by the same real server during their session.
For SSL acceleration the 3600 uses a Cavium Nitrox hardware accelerator card. Normally, the appliance decrypts SSL traffic and sends it to the internal servers in the clear to improve performance but another new feature allows traffic to be re-encrypted by the appliance before passing it on.
To test the appliance we created a virtual web server with three real servers assigned to it with round robin weighting applied. Using a client system on the external side we pointed a web browser at the virtual IP address and were rewarded with the standard web site we had configured on the real servers.
We load tested the virtual web server using Paessler’s Webserver Stress Tool and configured it to simulate 2,000 users each clicking on a web page every five seconds. With the load ramped up we could see from the LoadMaster’s statistics page that all requests were being evenly distributed across the real servers and during this test Paessler detected no errors.
We also created a virtual FTP server using our three real servers each with an identical download folder containing 6GB of test data. We logged on to the virtual server from three different clients using the FileZilla utility and while downloading the test folder saw that each had been sent to a different real server.
Using the Kerio Connect mail software we also created a virtual server for web mail. Our clients were able to connect normally to the virtual server where they were presented with the standard secure login page and were none the wiser that they were being load balanced.
Other useful features include the option to cache static web content in RAM for faster responses and the ability to apply GZIP compression to HTTP objects. Basic intrusion prevention is also available as the appliance uses SNORT rules to check incoming web traffic and block anything malicious from reaching the real servers.
The 3600 can cache and compress web content and uses SNORT rules to provide intrusion prevention measures.
For the price, the LoadMaster 3600 is a well specified application delivery controller that beats Barracuda’s Load Balancer 640 hands down on value. It’s easy enough to deploy and offers an impressive selection of features for controlling load balancing and connection persistence.