Load Balancing Terminal Services: All you wanted to know but were afraid to ask (Part 2)

If you missed the previous article in this series, please read Load Balancing Terminal Services: All you wanted to know but were afraid to ask (Part 1).

Microsoft Network Load Balancing (NLB) with Session Directory

Now that you know what NLB means and how it works, it is time to add another Microsoft tool to the picture: Session Directory. First of all, Session Directory is only available on Windows 2003 Server Enterprise Edition and up (so you must pay the extra bucks to get it). And what is it? I am not going to explain it in detail (if you want that explanation, read it here) but will give you a good overview of it. It is basically a service that maintains a database with information regarding your users and on which TS they are working, updated at the time a new connection is made to any TS. This means if your connection drops and you try to reconnect, the load balancing solution will check this database and find where you were and will then reconnect you back to the right server.

PROs

  • Reconnection works!

CONs

  • Requires Windows 2003 Enterprise ($$$$).
  • Not Resource Based.
  • Unpredictable behaviour (in this example NLB is part of the whole deal; note that NLB is NOT required. You can use Session Directory with other load balancers – more in the following sections).
  • Limited to 32 servers (NLB limitation).
  • All servers must be on the same subnet (NLB limitation).
  • Some people find it a PITA to implement (NLB feedback).
  • May not work with non-Windows clients. The issue here is simple: Session Directory uses some sort of token to pass information back to the load balancer and/or RDP client; therefore if your load balancer and/or RDP client does not know what to do with this token, reconnection will not work. That is the case with some Linux clients for example. Even the Microsoft official RDP client for Mac OS X does not support Session Directory (they may have changed that…)!

Third Party tools

By third party tools I mean software based solutions developed by third party companies. We will discuss the hardware route in a separate section. Before we proceed and even mention any software solution from a third party, I must clarify that I am not involved in any way with any of the companies and/or products I may mention. Plus I must say that as of today I did not find one single solution that addresses all the load balancing options/requirements/issues (like reconnection, resource based, etc). Some are pretty close but not all the way there at the time of writing this article.

Before mentioning any names let’s take a look at the PROs and CONs of these tools:

PROs

  • Extra features like SSL encryption from client to the load balancing device running the software.
  • Resource Based.
  • Reconnection works in some cases.

CONs

  • Extra $$$ in some cases (as some tools may be free).
  • Extra hardware may be required (some tools recommend you to install them on a separate machine).
  • May not support all platforms. Depending on the feature the tool has (SSL for example), it may require its own client; in this case before buying any tool make sure the software vendor does support all the target platforms at your company.
  • May require additional software to be installed at the client side. As explained above, to support some extra feature a client component may be required. Here it is not only a matter of having support for all platforms you need, but also how you will deploy this new software to all the machines that will need it. Some vendors have more polished approaches for this (for example, customizable MSIs you can deploy using Group Policies). Make sure you understand exactly all the options the vendor offers in this case.

Some of the tools I know (not that I tried all of them) are:

  • 2X LoadBalancer (http://www.2x.com). Resource based, reconnection support (only for clients that are NOT behind any firewall/NAT), SSL. To use some features, a client is required (available for Windows only). Fully functional demo version available on their website.
  • Clusteresis RDP Load Balancer (http://www.clusteresis.com). Resource based, reconnection support (apparently from anywhere), application publishing capabilities and Single Sign-on (so users do NOT need to type their usernames/passwords again!). Requires a client component. The software is completely free.
  • Tunnel2 Secure Terminal Server Gateway (http://www.lmis.de/productDescription.do). Reconnection support, SSL. Requires a client component. Demo version available on their website.

Hardware Options

As you can imagine, many companies (Cisco, F5, etc) realized the importance of server based computing and some started releasing specialized hardware to provide RDP Load Balancing services. These are usually small, standalone units running some sort of proprietary OS (like some firewalls – SonicWall and Cisco PIX for example) and with all sorts of capabilities (some may have SSL VPN support built-in for example).

PROs

  • Extra features like SSL VPN, RDP on SSL and even more.
  • Reconnection works in some cases.
  • May be resource based. Make sure you contact the hardware vendor and ask them if their product is aware of the terminal services LOAD and not simply if the TS is up or down.
  • Usually one box can load balance hundreds of terminal servers without extra cost.

CONs

  • In some cases HUGE Extra $$$. Some of these hardware appliances run for thousands of dollars.
  • Another piece of hardware to manage.
  • May not be that simple to configure/support. The more proprietary the box is (the OS running on it is a good example), the harder it may be to support. You may not even have someone at your company with the required knowledge to set up/support it. This ends up increasing the overall solution cost.
  • May not support all platforms. If the solution is completely client-less then you are ok. But if a client is required, make sure you understand in which format this client is available (some I have seen are an ActiveX component for example, which means Windows only) and for which platforms.
  • May require a client component as some of these boxes add all kinds of bells and whistles.
  • May require Session Directory -> $$$$$. Some of these boxes rely on Session Directory for their reconnection capabilities. This means extra money as you now need Windows 2003 Server Enterprise Edition on all your terminal servers. Make sure you ask the vendor if reconnection is supported from anywhere, from any client and, more importantly, if something like Session Directory is required in this case.

Some of the hardware options I am aware of are (some I have tried myself; others I have not tried; therefore I do NOT endorse/recommend any particular product):

Conclusion

As you can see there are many options available. Some are right there, out-of-the-box, and in some cases may do the trick extremely well. The key thing when thinking about load balancing is to understand the business requirements and how critical the whole solution is. Some places can live with a DNS Round Robin for their two terminal servers and do not mind the fact users may get redirected to a dead server; support will just say ‘Try at least twice and you will be ok’. 🙂

For other companies, the idea of having a single point of failure (this will happen if you have one hardware load balancer only for example) is simply unacceptable! In the end, your business requirements and the depth of your pocket will determine the best way to go.

As I always say, read, read and read again about all this stuff and try as many products as you can before deciding the best way to go. And if possible, get a decent TS consultant like me to help you out. I am always available and at very affordable rates. 🙂

Seriously, if you guys have any questions about this article feel free to contact me at anytime. My contact info is on the MSTerminalServices.org website. Cheers!
