Build Your Skills: Achieve balance among multiple proxy servers

Looks at how to configure multiple proxy servers burdened with too many user requests

Microsoft Proxy Server is a useful product with low overhead. But on very large networks, it’s not uncommon to overload Proxy Server with user requests. Fortunately, you can configure multiple Proxy Servers to handle a large workload. In this Daily Drill Down, we'll show you how.
This article appears courtesy of TechRepublic's TechProGuild, the subscription Web resource for IT administration and support professionals. Among other great benefits, TechProGuild offers in-depth technical articles, e-books, and weekly chats moderated by industry experts on hot topics, such as the latest OS developments and career advancement. Sign up now for a FREE 30-day trial of our TechProGuild service.
How does load balancing work?
Load balancing uses the power of multiple computers simultaneously to tackle a workload that would overwhelm a single computer. Generally speaking, Proxy Server is capable of load balancing the Web Proxy service. Load balancing of the WinSock Proxy and the Socks Proxy services must be performed at the DNS (Domain Name System) or the WINS (Windows Internet Naming Service) level. Strategies for load balancing WinSock and Socks Proxy services include placing a Proxy Server within each subnet to service that particular subnet. Another technique involves using CNAME records in the DNS to switch client requests between Proxy Servers in a round-robin style.

Load balancing works with the Web Proxy service because it's the only proxy service to use the cache. All implementations of load balancing within Proxy Server depend on using the cache files of multiple servers. There are two techniques for doing so: distributed caching and chaining.

Distributed caching
Distributed caching allows active and passive caching to be distributed simultaneously among multiple Proxy Servers. Needless to say, this provides faster client access and some degree of fault tolerance. Distributed caching treats the caches of each Proxy Server within an array as if it were one large cache. It enables you to achieve a larger overall cache size, thus allowing faster client response.

Chaining is another technique for load balancing. Chaining is similar to a DNS server. Client requests are sent to a Proxy Server. If that Proxy Server doesn’t have the requested information within its cache, the request is passed up the chain until a Proxy Server does contain the requested information or until the request must be sent to the Internet. You can chain individual Proxy Servers or arrays of Proxy Servers.

Proxy Server arrays
An array of Proxy Servers includes several Proxy Servers that are treated as if they were one server. You can even administer an array of Proxy Servers like a single server. Setting up an array is also the method that is used to enable distributed caching.

When accessing an array, a client determines which Proxy Server will service its request by sending a mathematical hash. This hash is a number derived from a formula that takes into account such items as the number of Proxy Servers, the URL requested, and the anticipated workload. By using this hash, the Proxy Server array will know which Proxy Server is best suited to handle the job.

Creating an array
Before you create an array, there are a couple of things to keep in mind. First, never administer more than one member of an array at any given time. Doing so causes serious synchronization problems. Second, you must make sure that all potential array members are configured in the same way.

To create an array, open Microsoft Management Console first and navigate to Console Root | Internet Information Server | your server | Web Proxy. Right-click Web Proxy and select Properties from the shortcut menu. When the Web Proxy Service Properties dialog box appears, select the Service tab and click Array. You’ll see the Array dialog box, shown in Figure A.

Figure A
The Array dialog box lets you add and remove Proxy Servers.

Next, click Join Array to display the Join Array dialog box. Here, you can specify the name of another computer in the array. Since this is the first computer to become part of the array, simply enter the name of any Proxy Server you plan to include and click OK. You’ll then be prompted for the name of the new array. Assign a name to the array, and then click OK in each open dialog box to commit the changes and return to Microsoft Management Console.

Now, stop and restart all the proxy services. You can go back to the Array dialog box to confirm that the server is a member of the array. You can also use this dialog box if you need to remove a computer from the array.

Managing an array through REMOTMSP
You can manage any computer within an array by using a command-line utility called REMOTMSP. To view a summary of REMOTMSP’s various commands, type remotmsp -h at the command line, as shown in Figure B. If REMOTMSP doesn’t run, try switching to the MSP folder. The REMOTMSP utility enables you to perform such tasks as displaying the status of an array, synchronizing an array, and setting the workload level of a computer within the array.

Figure B
The REMOTMSP utility enables you to perform several tasks.

For example, to display the status of a Proxy Server array, you could type the following command:
REMOTMSP STATUS –MEMBER:yourcomputername –V

Then, you could synchronize two computers by typing this command:
REMOTMSP SYNC –MEMBER:theothercomputer’sname –V

Finally, you could change your computer’s load factor with this command:

What’s really going on?
So far, we’ve shown you how to create and manage a Proxy Server array, but you may be wondering what’s happening behind the scenes. In a nutshell, each member of an array maintains a copy of an array membership table. The array membership table is a list of array members and their online/offline status. When a client computer sends its hash to a Proxy Server, the client consults the array membership table to learn which Proxy Servers are available. Each member of the array also stores replicated copies of information from the other array members. This information includes such items as domain filters, LAT tables, and user permissions—to name just a few.

Common array issues
If you’ve had trouble setting up an array, there are several common problem areas that you may want to check. First, as we said earlier, you should administer only one member of an array at a time. Administering more than one array can cause serious synchronization problems.

Another common problem involves permissions. Remember that when you’re joining an array, you’re interacting with Windows NT and Proxy Server at a very high level. Therefore, you must have administrative privileges on every machine within the array.

You should also avoid using local user accounts to administer array members. User account information is replicated among account members, and a local account won't be valid on any machine other than the one you’re using. We recommend creating a domain account with the sole purpose of administering Proxy Server.

Finally, not having enough clients or downstream Proxy Servers can result in slow performance. If performance seems excessively slow, try removing some Proxy Servers from the array.

Brien M. Posey is an MCSE who works as a freelance technical writer and as a network engineer for the Department of Defense.

If you'd like to share your opinion, please post a comment at the bottom of this page.

Editor's Picks