This Article shows you how to Load Balance RDS 2012 Remote Desktop Web Access services (RDWA) using KEMP’s LoadMaster.
I am using one Kemp VLM 100 in this example.
Create an A record for the NLB Web Address.
Creating a Virtual service for RDWeb
Select the TCP Port 443
Give the service a Name and under scheduling method, select Weighted Least connection.
What is Weighted Least Connection:
“If the servers have different resource capacities the “weighted least connection” method is more
applicable: The number of active connections combined with the various weights defined by the
administrator generally provides a very balanced utilization of the servers, as it employs the advantages
of both worlds.
This is, in general, a very fair distribution method, as it uses the ratio of the number of connections and
the weight of a server. The server in the cluster with the lowest ratio automatically receives the next
persistence Options: Supper HTTP and Source IP
Timeout: 1 Hour
What is Supper HTTP Persistence:
“Super HTTP is the recommended method for achieving persistence for HTTP and HTTPS services
. It creates a unique fingerprint of the client browser and uses
that fingerprint to preserve connectivity to the correct Real Server. The fingerprint is based on
the combined values of the User-Agent field and, if present, the Authorization header.
Connections with the same header combination will be sent back to the same Real Server.”
What is Source IP Persistence:
“Source IP Address persistence uses the source IP address of the incoming request to
differentiate between users. This is the simplest method of persistence, and works for all TCP
protocols, including those that aren’t HTTP related.
Source IP Address persistence is the only persistence option that can be used in conjunction with
Content Switching or Direct Server Return deployments.”
Import your RDS Cert (SAN Certificate).
With SSL acceleration, the SSL session is terminated at the LoadMaster.
Why use re-encryption :
- High security environments Re-encryption means that data is never sent in cleartext.
- Regulatory requirements HIPAA and financial regulations may require encryption at all times
- Unsupported Application, Certain applications either require changes or may not support SSL acceleration. Re-encryption avoids changes needed on the application server
Ensure SSL Acceleration and Reencrypt is selected and add the RDWEB SSL Certificate.
ReWrite Rules: None when using the Redirector Feature
Client Certificates: No Client Certificates required
Use the default unless using the Port 80 redirector feature.
For more information on the Port 80 Redirector feature:
Select the HTTPS Protocol from the dropdown.
Real Server Check Parameters URL: /rdweb
Add the RDWA servers.
There you have it RDS 2012 RDWA Load Balanced using KEMP.