KEMP Technologies Frequently Asked Questions

I want to use the IPS Feature, what IPS rule set is used by the KEMP LoadMaster?

The IPS feature applies to HTTP traffic only. KEMP has a custom-built engine for running SNORT rules. Visit www.snort.org for more information; there you can download the latest free SNORT rule set or subscribe for the most up-to-date SNORT rules.

What VLAN trunking protocol is used on the KEMP LoadMaster?

The KEMP LoadMaster uses 802.1Q, the industry standard, for VLAN trunking. VLAN trunking is also supported on bonded interfaces.

What Load-Balancing scheduling methods are available on the KEMP LoadMaster?

There are various methods of distributing traffic among a cluster or group of servers. The traffic distribution is based on a load balancing algorithm or scheduling method. The scheduling method is applied on a per Virtual Service basis. Here is a list of the methods:

  • Round robin
  • Weighted round robin
  • Least connection
  • Weighted least connection
  • Resource based (Adaptive)
  • Fixed weighting
  • Weighted response time
  • Source IP hash

What is the HyperText Transfer Protocol (HTTP)?

The Hypertext Transfer Protocol, or HTTP, is the most widely used Application layer protocol in the world today. It forms the basis of the World Wide Web. Its main objective is to provide a method for retrieving Hypertext Markup Language (HTML) and other application content from Web sites.

HTTP was first developed in the early 1990s and has been through three main versions:

  • HTTP/0.9: A simplistic first implementation of the protocol that only supported the option to get a Web page. It is rarely used today.
  • HTTP/1.0: Ratified by the IETF as RFC 1945 in 1996. Keepalive is disabled by default. This version added many data fields, known as headers, to the specification. These allow other information to pass between the client and server alongside the request and the resulting page.
  • HTTP/1.1: Defined in RFC 2068 by the IETF, version 1.1 implemented a number of improvements over the 1.0 specification. One of the main improvements was the implementation of techniques such as persistent TCP connections, pipelining, and better proxy and cache control to improve performance within HTTP-based applications.

What are the network deployment options on the KEMP LoadMaster?

There are two deployment options, One-Arm and Two-Arm. The distinction is made on a per Virtual Service basis, so the LoadMaster can house a combination of One-Arm and Two-Arm Virtual Services. In fact, the LoadMaster can have a Virtual Service that is configured in both methods.

One-Arm Deployment

  • The load balancer has one physical network card connected to one subnet
  • A single Ethernet port is used for both inbound and outbound traffic on the KEMP Load Balancer.

Two-Arm Deployment

  • The load balancer has two network interfaces connected to two subnets - this may be achieved by using two physical network cards or by creating VLANs on a single network interface
  • Virtual Services and Real Servers are on different subnets.

What are the advantages and disadvantages of Direct Server Return (DSR)?

Advantages:

  • Direct Server Return is ideal for high-bandwidth requirements such as content delivery networks, video games and multimedia.
  • DSR keeps existing IP addresses of the Real Servers

Disadvantages:

  • Works at L4 only
  • Source IP persistence only; no Layer 7 persistence
  • Requires configuration on Real Servers
  • No Layer 7 Functionality such as SSL offloading, caching, compression, IPS and Content Switching.

Does the KEMP LoadMaster come with support?

Every new KEMP LoadMaster purchase requires the additional minimum purchase of 1 Year Standard Support Subscription. This Subscription level includes 5x10 support, software updates as well as security notifications and patches. Enterprise and Enterprise Plus Subscription options are also available which provide additional functionality, services and 24x7 Support. For full details on all available LoadMaster Subscription options, see https://kemptechnologies.com/subscription/loadmaster-licensing/.

What is the meaning of the following message in my KEMP LoadMaster logs (Mar 21 11:24:03 kmplb01 -- MARK --)?

These messages are generated by the syslog daemon after every 20 minutes of inactivity on the KEMP LoadMaster to show that the logging daemon is still running on the LoadMaster.

Mar 21 11:24:03 kmplb01 -- MARK --
Mar 21 11:44:04 kmplb01 -- MARK --
Mar 21 12:04:04 kmplb01 -- MARK --
Mar 21 12:24:04 kmplb01 -- MARK --
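The MARK heartbeat also supports a simple log-integrity check: if the daemon writes at least one line every 20 minutes, a longer silence means syslog was not running or entries are missing. The following is an added example, not KEMP code; the sample log is constructed from the lines above with one entry removed, and the one-minute tolerance and the year are assumptions.

```python
from datetime import datetime, timedelta

MARK_INTERVAL = timedelta(minutes=20)  # interval stated in the FAQ answer
TOLERANCE = timedelta(minutes=1)       # assumed slack for timer drift

# Constructed sample: the FAQ's MARK lines with the 11:44 entry removed.
SAMPLE = """\
Mar 21 11:24:03 kmplb01 -- MARK --
Mar 21 12:04:04 kmplb01 -- MARK --
Mar 21 12:24:04 kmplb01 -- MARK --
"""


def parse_ts(line, year):
    """Parse the 'Mon DD HH:MM:SS' prefix of a classic syslog line.

    Classic syslog lines carry no year, so the caller supplies one
    (assumption: the whole file falls within a single year).
    """
    return datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")


def find_gaps(log_text, year=2024):
    """Return (previous_ts, next_ts) pairs where the log was silent for
    longer than one MARK interval plus the tolerance."""
    gaps = []
    prev = None
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            ts = parse_ts(line, year)
        except ValueError:
            continue  # skip lines that do not start with a syslog timestamp
        if prev is not None and ts - prev > MARK_INTERVAL + TOLERANCE:
            gaps.append((prev, ts))
        prev = ts
    return gaps


if __name__ == "__main__":
    for start, end in find_gaps(SAMPLE):
        print(f"no log entries between {start} and {end} ({end - start})")
```

Run it over the full log file rather than only the MARK lines, since any message resets the inactivity timer.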

Is there a way to add two or more ports in one Virtual Service?

You can certainly add extra ports for a given Layer 7 Virtual Service on your LoadMaster. This option is not available for Layer 4 Virtual Services.

  1. Select the Virtual Services option
  2. Click on the View/Modify Services option
  3. Click the Modify button
  4. In the Standard Options section, add the required port numbers separated by a comma or space, e.g. 6001,6002, in the Extra Ports field
  5. Apply the new ports by clicking the Set Extra Ports button

You should now have a ‘+n’ next to your Virtual IP Address under Virtual Services where n refers to the number of added ports.

Meaning of ‘Loading linux..Not enough Memory to load the specified kernel boot:’ error message

The error message below is caused by not having enough memory assigned to your Virtual LoadMaster.

Access your Hyper-V or VMware virtual machine settings and allocate a minimum of 512MB.

-----------------------------------------------------------------------------------------------------
Now booting the system.
boot:
Loading linux..Not enough Memory to load the specified kernel.
boot:
Loading linux..Not enough Memory to load the specified kernel.
boot:
Loading linux..Not enough Memory to load the specified kernel.
boot:
Loading linux..Not enough Memory to load the specified kernel.
----------------------------------------------------------------------------------------------------

How do I run a tcpdump on the KEMP LoadMaster Command line?

You can either use SSH or the Console to access your LoadMaster command line.

Tcpdump can be accessed from the configuration Menu via:

7) Utilities -> 9) Diagnostics -> 9) Diagnostic Shell

At the % prompt, type tcpdump:

% tcpdump

How do I display via KEMP command line all HTTP packets coming from Source x.x.x.x to Destination x.x.x.x IP address?

From the configuration Menu:

  1. Access the Command Line
  2. 7) Utilities -> 9) Diagnostics -> 9) Diagnostic Shell
  3. % tcpdump src x.x.x.x and dst x.x.x.x and port http

What are the supported Hypervisor Platforms for a KEMP Virtual LoadMaster?

KEMP Virtual Load Balancers can be installed on Microsoft Hyper-V and VMware.

  • Microsoft Hyper-V requires 1GB disk space and at least 1GB memory
  • The minimum requirement for a VMware environment (ESX, ESXi, and vSphere) is 512MB of disk space and at least 1GB memory.
  • VMware Workstation and Player require 512MB disk space and at least 1GB memory.

How to Enable SNMP on the KEMP LoadMaster

Simple Network Management Protocol (SNMP) can be used to monitor the LoadMaster, e.g. Virtual Service statistics. To enable it:

  1. Select System Configuration – Logging Options – SNMP Options
  2. Select enable SNMP
  3. To add an SNMP client name, input the IP address or hostname of the SNMP server
  4. Next, add the community string; normally Public implies Read-Only and Private implies Read-Write.
  5. The contact name is the username of the contact person who has the management information, e.g. “KEMP Support”
  6. The location is the device location, for example “Ireland”
  7. Enable SNMP traps: when enabled, this displays the options for Sink1 and Sink2. Sink1 relates to SNMPv1 and Sink2 relates to SNMPv2. These options allow the user to specify a list of hosts to which an SNMPv1 or v2 trap will be sent when a trap is created.

How do I know what processes are running on my KEMP LoadMaster?

To capture all the processes running on the LoadMaster, a PS command can be run. A PS will display the PPIDs of the processes running on the LoadMaster.

  1. Go to System Configuration – Logging Options – Log Files.
  2. Select Debug Options, select Perform a PS and click the PS button.
  3. A new page will be displayed with the data from the PS.

Add port 80 redirect.

You can enable a port 80 redirect for an HTTPS Virtual Service.

  1. Select Virtual Services – View/Modify Services.
  2. Select the HTTPS service for port 443 and select Modify.
  3. Under the Virtual Service, select Advanced Properties and select Add HTTP Redirector under Add a Port 80 Redirector VS

This will create a redirect Virtual Service on port 80 that redirects the traffic it receives to the HTTPS 443 Virtual Service running on the LoadMaster.

Enable L7 transparency

How to enable L7 transparency so that real servers can see all the client IP addresses in their logs.

To enable L7 transparency:

  1. Select Virtual Services and go to View/Modify Services
  2. Select Modify on the Virtual Service and go to Standard Options
  3. Select enable on L7 transparency

For L7 transparency to work, the client IP addresses need to be on a different IP subnet from the real servers.

Change the real servers' default gateway to the IP address of the LoadMaster or, if set up in an HA pair, the Shared IP address of the LoadMaster.

  • When these changes are made, the real servers will see the client IP addresses.

Automated backup

To perform automated backups, first set up an FTP server and create a user account on the FTP server.

Steps to access the automated backup feature:

  1. Select Systems Configuration – Systems Administration – Backup/Restore
  2. Click Enable Automated Backups
  3. Select the time to perform the backup, which can be Daily or on a set day of the week.
  4. Input the FTP username and password
  5. Input the Remote IP address, which is the IP address of the FTP server
  6. In Remote Pathname, specify the remote path on the FTP server (optional)

The backup will be performed at the selected time.

Update firmware.

First, find out which version of firmware is currently loaded on your LoadMaster by selecting Home on your LoadMaster. The LoadMaster version field shows the version of firmware that is installed, e.g. 6.0-34. Next, forward this information, with details of the LoadMaster serial number and model version, to emeasupport@kemptechnologies.com and the support team will confirm the latest version of firmware for your model.

Prior to updating the LoadMaster firmware, please ensure the configuration and SSL certs have been backed up.

  1. Select System Configuration – Systems Administration – Update Software.
  2. Select Choose File and select the update file for the latest firmware version.
  3. Select Update machine. The update will take a few minutes.
  4. Next, select Rebooting Now.
  5. The LM will update to the latest version of the LoadMaster firmware.

After the reboot, to confirm the LoadMaster has been upgraded to the latest firmware, select Home on the LoadMaster and confirm the firmware has been updated to the selected version.

  • NOTE: It is recommended to delete your browser cache after upgrading.

Enable Extra Ports

Some customers need to add extra ports under their Virtual Services, for example for MS Exchange MAPI services. With this feature, the Virtual Service will listen on these extra ports, ensuring persistency across all ports.

  1. Go to Virtual Services – View/Modify Services
  2. Find the VS to which you want to add extra ports and click Modify
  3. Under Standard Options –> Extra Ports, add the extra ports separated by spaces.