Frequently Asked Questions

Loadmaster

• How to update the license on a LoadMaster?

  The license can be updated using the following steps If the LoadMaster has access to the Internet: Access LoadMaster Web Interface Navigate to System Configuration > System Administration > Update License Select Online and enter your KEMP ID and Password Press Update License OR If the LoadMaster does not have Internet access you can perform the Offline Method

• Can I use offline licensing with a Free LoadMaster?

  Free LoadMaster is a free of charge Virtual LoadMaster appliance which offers access to the core LoadMaster capabilities. The Free LoadMaster is restricted by capacity and, as such, is ideally suited to low-volume environments such as development, QA and pre-production. Read full article

• How to backup the loadmaster via SCP?

  You can backup and restore the LoadMaster configuration settings as needed. You can take manual backups, but you can also save backups to a remote server. The complete configuration (the Virtual Service, GEO, ESP and base configuration) of the LoadMaster is saved to a single file on the server along with statistical data.

• How to backup the loadmaster via FTP?

  Generate a backup that contains the Virtual Service configuration, the local appliance information and statistics data. The backup does not contain SSL Certificate information. For ease of identification, the backup file name includes the LoadMaster's hostname. Read full article

• How to backup the loadmaster automatically?

  Generate a backup that contains the Virtual Service configuration, the local appliance information and statistics data. The backup does not contain SSL Certificate information. For ease of identification, the backup file name includes the LoadMaster's hostname. Read full article

• How to backup and restore the LoadMaster certificates?

  To backup certificates which have been uploaded to the LoadMaster, follow the steps below:

• How to backup and restore the loadmaster configuration?

  You can backup and restore the LoadMaster configuration settings as needed. You can take manual backups, but you can also save backups to a remote server. The complete configuration (the Virtual Service, GEO, ESP and base configuration) of the LoadMaster is saved to a single file on the server along with statistical data.

• What Load-Balancing scheduling methods are available on the Kemp LoadMaster?

  There are various methods of distributing traffic among a cluster or group of servers. The traffic distribution is based on a load balancing algorithm or scheduling method. The scheduling are applied on a per Virtual service basis. Here is a list of the methods:

• How to Enable SNMP on the Kemp LoadMaster

  To enable SNMP or Simple network management protocol which can be used to monitor the load master unit e.g. CPU load and statistics on the load master.

• What are the network deployment options on the Kemp LoadMaster?

  There are two deployment options, One-Arm and Two-Arm, the distinction is made on a per virtual service basis, the Loadmaster can house a combination of One-Arm and Two-Arm Virtual Services. In fact the Loadmaster can have a Virtual Service that is configured in both methods. One-Arm Deployment

• I want to use the IPS Feature, what IPS rule set is used by the Kemp LoadMaster?

  The IPS feature is only for http traffic, Kemp have a custom built engine for running SNORT rules. please visit www.snort.org for more information where you can download their latest free SNORT rule set or subscribe for the most up to date SNORT rules.

• What VLAN trunking protocol is use on the Kemp LoadMaster?

  The Kemp Loadmaster uses 802.1Q for VLAN Trunking which is the industry standard for VLAN trunking. VLAN trunking is also supported on bonded interfaces.

• How many VS's can you setup on the Kemp Hardware LoadMaster?

  You can setup up to: 256 Virtual Services and 1000 Real Servers on the LoadMaster 2200 500 Virtual Services and 1000 Real Servers with the LoadMaster 2600 1000 Virtual Services and 1000 Real Servers for the LoadMaster 3600 and 5300

• Can my LoadMaster support 4k/4096 bit SSL certificates?

  LoadMaster currently supports key sizes higher than 2048 bit, however increasing the key size reduces the SSL TPS performance non-linearly, so performance with a 4096 bit key will drop substantially (by at least a power of four) compared to a 2048 bit key. In order to achieve the same performance with larger keys, more powerful hardware will be needed.

• How can I reset my LoadMaster to factory defaults?

  A LoadMaster can be reset to factory default values by navigating to System Configuration > System Administration > System Reboot and selecting the button for ‘Reset Machine.’ Alternately, it can be done via the console or SSH navigating to: 7) Utilities -> 1) Software Upgrade -> 3) Reset to Factory Defaults Either way will reset the device to a default state. The only exceptions to this are passwords and licensing

• I would like to increase the throughput for traffic going to and from my virtual service. Does the LoadMaster support interface bonding? How would I set this up?

  The LoadMaster has the ability to bond its interfaces together to provide for additional throughput as well as redundancy. LoadMaster supports two styles of bonding: 802.3ad and Active-Backup. To configure an interface for use with bonding:

• Can I configure the LM interfaces eth0 and eth1 of the same subnet?

  No, you cannot do this. All interfaces configured on the LM must be on different subnets. Each of the LM interfaces are router interfaces and not switch ports so each interface configured must be in a different subnet to each other.

• How do I add real servers that are on a subnet that will not be directly connected to the LoadMaster?

  In order for non-local real servers to work, transparency must be disabled for that virtual service. All balanced traffic must return through the Load Master, non-transparency forces this to occur. Please note that the performance of the traffic will depend on the connection to the real servers as the traffic will be traveling back out of the local network.

• How do I in enable the hover help on the LM?

  In the LM WUI. Click on the System Configuration > Miscellaneous Options > Remote Access option. Enable the Hover Help checkbox. Once enabled, hovering over an item on the WUI will result in a short description being displayed

• How do I get my LM error messages sent to my email?

  This option sends all error messages of the LM to your email address. Here are the following steps:

• How can my LoadMaster help mitigate the impact of a DDoS?

  While LoadMaster is not a security device, it is a hardened Linux appliance and can be applied to help mitigate certain kinds of DDoS attack as part of a well formed DiD strategy.

• My company hosts a website that uses HTTPS. I would like to lessen the burden on the servers by having the LoadMaster decrypt the traffic before it is sent to my server pool, is this possible?

  When dealing with encrypted traffic, the LoadMaster has three ways handling such requests. With this configuration, you will need to import your domain's public certificate and key onto the LoadMaster. This will allow us to decrypt the incoming SSL traffic at the LoadMaster and then pass the traffic to the server unencrypted. In order to support this, the servers must expect and allow secured content to be transmitted over HTTP.

• What are the supported Hypervisor Platforms for a Kemp Virtual LoadMaster?

  The latest list of supported hypervisors for Virtual LoadMaster is available on our support site. Virtual LoadMaster is also available in the Marketplace on the Azure and AWS clouds.

• Templates for the LoadMaster

  Templates are available to add services to the Loadmaster for example services like MAPI, SMTP, and HTTP/HTTPS. To add templates first go to the Kemp documentation site at the following link https://www.kemptechnologies.com/documentation under templates download the templates that you require. The templates will have a .tmpl extension when downloaded. To add the templates to the Loadmaster.

• Does the Kemp LoadMaster come with support?

  Every new Kemp LoadMaster purchase requires the additional minimum purchase of 1 Year Standard Support Subscription. This Subscription level includes 5x10 support, software updates as well as security notifications and patches. Enterprise and Enterprise Plus Subscription options are also available which provide additional functionality, services and 24x7 Support.

• How do I know the current status of my LoadMaster’s support contract?

  The best method to determine when the support contract ends on a specific LoadMaster unit is to e-mail our Sales Department at sales@kemptechnologies.com using the format listed below. Subject: Support Contract Query Body: Contact Name: Company Name: Serial Number of LoadMaster(s):

• What is the High Availability Protocol used on the Kemp LoadMaster?

  The High Availability Protocol used on the Kemp Loadmaster is CARP. CARP works in the same way as Cisco’s VRRP. It uses multicast address 224.0.0.18. In order for CARP to work between a pair of Loadmasters, both Loadmasters need to be on the same broadcast domain.

• I initially purchased a single LoadMaster, but now I am interested in purchasing a second unit to arrange them in a high availability pair. Is this possible and what would be the easiest way to accomplish this?

  Upgrading to a high availability pair may be easier than you would think. It is recommended that you first create a backup of your LoadMaster configuration and potentially create a certificate backup if you had imported any certificates to your LoadMaster. Once you have received licensing for your second LoadMaster, navigate to the WUI of your single LoadMaster. Please note that as this procedure requires reboots.

• What do the colored boxes at the top my HA LoadMaster's WUI represent?

  The real time status of a HA pair can be obtained by examining the two colored indicators on the header of your WUI display. The first square is the HA1 appliance and the second square is the indicator for the HA2 appliance. When correctly configured the two indicators should be colored green. This should be true for all WUI's (HA Shared IP, HA1, and HA2).

• LoadMaster_Host_Name

  These messages are generated by the Syslog Daemon every 20 minutes of inactivity within the KEMP LoadMaster to highlight that the logging daemon is still running on the LoadMaster, for example:

• What is the meaning of the following message in my Kemp LoadMaster logs (Mar 21 11:24:03 kmplb01 -- MARK --)?

  These messages are generated by the Syslog Daemon every 20 minutes of inactivity within the Kemp LoadMaster to highlight that the logging daemon is still running on the Loadmaster. Mar 21 11:24:03 kmplb01 -- MARK -- Mar 21 11:44:04 kmplb01 -- MARK -- Mar 21 12:04:04 kmplb01 -- MARK -- Mar 21 12:24:04 kmplb01 -- MARK --

• How do I know what processes are using CPU on my Kemp LoadMaster?

  To capture all the running processes running on the load masters a PS command can be run. A PS will display the PPID’s of the processes running on the load master. Go to System Configuration – Logging Options – Log Files. Select Debug Options and select Perform a PS and select PS button. A new page will be displayed with the data from the PS.

• Does my LoadMaster support the latest firmware?

  Check the list below, If the unit is 32-bit you can only upgrade as far as LTS If the unit is not on the list below, please check our End of life cycle

• If I upgrade the firmware on my LoadMaster but encounter problems, will I be able to revert to the previous state?

  Yes, the LoadMaster will save your most previous version of firmware. You can revert to the previous version by navigating to your WUI:

• How do I receive the latest firmware for my LoadMaster?

  For all currently supported customers, please contact support with the subject "Firmware Request". In the body of the email please include the serial number of the unit(s) you would like to upgrade, as well as the version of firmware your LoadMaster is currently running. It is advisable to check System Configuration > System Administration > Update Software to ensure that "Choose file" is selectable.

• When I attempt to upgrade the firmware on my LoadMaster, I receive the message " Update not permitted." How do I remedy this?

  For all currently supported customers, please contact support with the subject "License Request". In the body of the email please include the serial number of the unit(s) you would like to upgrade, as well as their current associated use (Single, HA-1, HA-2).