Load balancing boosts network

Serving more than 300,000 customers from 17 regional operating centers via its direct sales force, Byram Healthcare enjoys strong relationships with referring home health agencies, managed care organizations and healthcare professionals. So, when its team of sales representatives and other customer-facing personnel complained about the lack of responsiveness of Byram’s Web, instant-messaging and e-mail applications, Anthony Acquanita, senior systems administrator, realized that running essential applications and network services on single dedicated servers had reached its limits.

Anthony Acquanita Sr., left, systems administrator for Byram Healthcare, and CIO Richard Entrup chose a load-balancing solution to solve server availability issues.

“There were a couple of moments that kept repeating themselves when we first identified the need for load balancing,” says Acquanita. “We had Web proxy applications, Jabber IM, LDAP authentication and e-mail all running on individual servers, and come Monday morning, they would become unavailable with 100% average utilization on the dedicated servers. Any server that went down would result in a flood of calls to the help desk. That, plus the fact that we could not make changes or upgrades without the user community noticing, led me to push for the introduction of load balancing.”

Headquartered in Milford, Conn., Byram is a provider of disposable medical supplies and services to patients in the home. Led by CIO Richard Entrup, Byram evaluated moving primary and slave services like e-mail, DNS and LDAP to round-robin load balancing using virtual IP addresses. Byram’s IT staff, however, could not afford the time and resources to build a load-balancing system using open source software.

Acquanita considered some of the “obvious choices,” such as traffic-management systems that perform load balancing in hardware. “This was the first time out for load balancing at Byram, so asking us to spring for more than $10,000 for one device–let alone two for failover–was simply out of the question,” he says. “I was familiar with various software load-balancing tools, but we needed something prepackaged. We wanted to focus on configuration and testing for operations, not on building systems from the ground up.”

That is when Acquanita ran across Coyote Point Systems. The company’s Equalizer Series of server load-balancing appliances support the same de facto load-balancing standards as comparable systems, but Coyote Point’s systems are priced comparable to the servers that Byram typically buys, according to Acquanita.

The deployment was not an emergency, simply a typical IT deployment of familiar, standards-based systems, much like adding new servers to the network. Over the course of two months, Byram consolidated four Dell servers that were formerly used to perform multiple services behind a pair of Coyote Point Equalizer Series E350 appliances. Interoperability was seamless with Byram’s Dell switches and Cisco routers, requiring just a few IP address and route changes to “virtualize” servers behind the load-balancing appliances. Applications and network services worked without modification.

“Instead of buying four more servers, we used our server budget to buy two load balancers, which basically performed our server consolidation for us,” explains Entrup. “Our servers can now perform tasks they couldn’t handle before. And we can test new software and take servers down without affecting the quality of experience for the patients, doctors and home healthcare providers, referral organization, insurance companies and other business partners that interact with us through our Web site.”

Server load balancing is particularly useful for applications such as Sendmail that look up DNS entries across multiple DNS servers. If a DNS server becomes unavailable, Sendmail rarely rolls over to secondary servers, explains Acquanita. This means that the DNS service has to be available on one IP address, which is how load balancing works.

Load balancing has its limitations, however. For example, LDAP, which incorporates some redundancy capabilities in software, will not replicate the LDAP database across multiple servers in a pool of load-balanced servers. Also, if the LDAP database becomes corrupted, the load balancer remains unaware of the flaw and will still make the LDAP service available to the network.

The load-balancing deployment did not show up directly on Byram’s bottom line; however, the improvement in the availability of key applications “definitely attracted favorable attention,” recalls Acquanita.

The heart of the solution is enabled by the logic of load balancing, which maintains a number of servers behind the load balancers using a virtual IP network. This led to the only complexity Byram encountered in the load-balancing deployment in that the servers behind the load balancers require a separate subnet.

“The introduction of load balancing did not impact our network operations or the setup of TCP or UDP services, but it did require some trickery in terms of some minor re-architecting to, for example, get our Veritas backup system re-integrated with our servers,” says Acquanita. “However, the benefits far outweigh the inconvenience. The Coyote Point load balancers are priced similar to servers and negate additional costs over time.”

The load balancers also provide an additional layer of DMZ security behind Byram’s existing firewalls. “The load balancer is essentially an application firewall, because as long as you don’t bridge the network behind the load balancer, you’re segregating the servers so that only specific ports and services are available for access by the outside world,” Acquanita says.

Today, Byram’s network performance and reliability are improved, server CPU and I/O bottlenecks have been eliminated, system administration is simplified, and Byram’s 10 virtual clusters are protected by an additional layer of security. In the near future, Byram will add a new cluster, still well within the capacity of the Coyote Point load balancers. “We’re still adding more services to the servers, haven’t had to buy more servers, and can use load balancing to build a pool of additional capacity for years to come if we feel like it.”

In addition, says Acquanita. “From LDAP and RADIUS to DNS and Web proxies, there are very few applications and services you can’t put behind the load balancer. And, because of the appliance’s session persistence, for a particular intensive application session, we can point users to a Web server and keep them connected for the entire duration of their transactions.”