Deploying Proxy in NLB Cluster
HTTPS decryption and web content filtering is quite CPU and RAM intensive activities. Sometimes having one instance of Web Filtering Proxy will not be enough to handle traffic of a large user base. In order to scale out the application we can build the cluster of Web Filtering Proxies.
There are a lot of different ways to build a cluster of proxies, in this tutorial we will do that using Microsoft Network Load Balancing (NLB) approach. For deployments in Microsoft Azure the Azure Load Balancing approach may be more appropriate.
We will start the tutorial assuming the following steps were already completed.
| Task | Description |
|---|---|
| Domain | We have deployed an Active Directory domain named nlb.lan. This domain has a domain controller named dc1.nlb.lan with static IP address set to 192.168.4.100. |
| Node 111 | We have deployed a Windows Server 2016 on the proxy111.nlb.lan node with static IP address 192.168.4.111. This is the first node of our future NLB cluster. This node must be joined to our domain. |
| Node 112 | We have deployed a Windows Server 2016 on the proxy112.nlb.lan node with static IP address 192.168.4.112. This is the second node of our future NLB cluster. This node must be joined to our domain. |
| Cluster Info | We will build an NLB cluster with the fully qualified name of proxy.nlb.lan and IP address 192.168.4.110. |
| Proxy Clients | Our proxy clients (browsers) will be directed to use cluster fully qualified domain name proxy.nlb.lan in the browser proxy settings, allowing us to add and remove cluster nodes as needed without any re-configuration of the browsers. |