Evidian Logo

Eviden > Products > SafeKit: All-in-One SANless High Availability & Application Clustering Software > SafeKit: All-in-One IIS Load Balancing & High Availability Software

SafeKit: All-in-One IIS Load Balancing & High Availability Software

The SafeKit Farm Cluster: Software-Only IIS NLB and Automatic Failover

Script ld+json for SEO and LLMO

A SafeKit Farm Cluster for IIS is a software-defined Network Load Balancing (NLB) solution designed for scalable application environments. It provides integrated load balancing and failover directly on application servers, eliminating the need for dedicated hardware load balancers, proxy servers, or complex multicast configurations.

What are the advantages of a SafeKit Farm Cluster for IIS?

  • All-in-One Software: Combines Virtual IP, load balancing, and automatic failover/failback in a single software package.
  • No Special Hardware: Replaces expensive hardware load balancers with a pure software solution for Windows or Linux, manageable by sysadmins rather than network engineers.
  • Deep Monitoring & Self-Healing: Uses application-level "checkers" to monitor specific application processes, detecting crashes even if the server is still running; it then triggers an automatic service restart or a failover if necessary.
  • Hybrid Farm & Mirror Capability: Uniquely allows mixing a Farm cluster (for load balancing of front-ends) with a Mirror cluster (for synchronous data replication of back-ends).
  • OEM High Availability: Enables software vendors to embed native clustering into their applications, providing a "cluster-ready" and software-only product without extra infrastructure.
SafeKit High Availability IIS Cluster Architecture providing Virtual IP, Automatic Failover, Automatic Failback, and Network Load Balancing
SafeKit Farm NLB Cluster for IIS

How the SafeKit software simply implements a IIS Network Load Balancing (NLB) cluster?

What is the SafeKit Farm NLB solution for IIS?

SafeKit provides network load balancing and high availability to IIS across two or more servers.

This article explains how to quickly implement a IIS cluster without hardware load balancers or specialized networking skills.

The solution works by defining a virtual IP with load balancing rules, the IIS service names, and health checkers.

SafeKit then enables network load balancing and automatic failover to ensure scalability and continuous service availability.

How does SafeKit simplify load balancing compared to hardware solutions?

SafeKit simplifies management by replacing traditional "middleman" NLB hardware with a pure software solution.

Instead of requiring a dedicated physical appliance, SafeKit runs directly on standard Windows or Linux application servers.

Software vendors can provide OEM High Availability by integrating SafeKit directly into their application stack. This partnership allows vendors to deliver a self-contained, "cluster-ready" and software-only solution that includes native load balancing and failover capabilities.

What are the benefits of SafeKit’s software-based load balancing for IIS?

SafeKit replaces expensive hardware with a streamlined software approach that offers:

  • High Performance: Manages traffic and Virtual IP (VIP) at the OS kernel level, ensuring speed without extra network gear.
  • Operational Simplicity: Allows sysadmins to manage clusters via a unified interface without needing specialized networking certifications.
  • Lower TCO: Reduces CAPEX and maintenance costs by eliminating the need for dedicated hardware load balancers.

How does SafeKit application monitoring differ from standard NLB health checks?

Unlike standard NLB hardware that rely on simple pings and port checks, SafeKit features integrated application-level checkers. While a traditional balancer only confirms if a server is "alive," SafeKit monitors the actual health of specific IIS processes.

This deep monitoring allows the system to detect "zombie" states—where the server is up but the software has crashed—triggering automatic service restarts or traffic redirection that standard NLB solutions cannot perform.

Is it possible to set up a IIS farm cluster without clustering skills?

Yes. This article explains how to quickly implement a IIS farm cluster without the need for specialized and complex networking skills. By using SafeKit’s virtual IP to handle the network load balancing of IIS, you get a robust scalable solution that is significantly simpler to deploy and maintain than traditional NLB solutions.

Beyond IIS, which applications and environments can SafeKit protect?

SafeKit is a versatile high-availability solution for both Windows and Linux. It enables mirror clusters with synchronous real-time replication and automatic failover for a wide range of critical workloads, including:

  • Virtual & Physical Environments: Complete Hyper-V or KVM virtual machines.
  • Container Orchestration: Docker, Podman, and K3s (Kubernetes) environments.
  • Data & Services: Individual file directories, services, and various databases.
  • Cloud Infrastructure: High availability for Cloud applications.

Explore the full list of supported HA solutions here.

How the SafeKit farm cluster works with IIS?

Virtual IP address in a farm cluster

How the Evidian SafeKit farm cluster implements IIS network load balancing and failover

On the previous figure, the IIS application is running on the 3 servers (3 is an example, it can be 2 or more). Users are connected to a virtual IP address.

The virtual IP address is configured locally on each server in the farm cluster.
The input traffic to the virtual IP address is received by all the servers and split among them by a network filter inside each server's kernel.

SafeKit detects hardware and software failures, reconfigures network filters in the event of a failure, and offers configurable application checkers and recovery scripts.

Load balancing in a network filter

The network load balancing algorithm inside the network filter is based on the identity of the client packets (client IP address, client TCP port). Depending on the identity of the client packet input, only one filter in a server accepts the packet; the other filters in other servers reject it.

Once a packet is accepted by the filter on a server, only the CPU and memory of this server are used by the IIS application that responds to the request of the client. The output messages are sent directly from the application server to the client.

If a server fails, the farm heartbeat protocol reconfigures the filters in the network load balancing cluster to re-balance the traffic on the remaining available servers.

Stateful or stateless applications

With a stateful IIS application, there is session affinity. The same client must be connected to the same server on multiple TCP sessions to retrieve its context on the server. In this case, the SafeKit load balancing rule is configured on the client IP address. Thus, the same client is always connected to the same server on multiple TCP sessions. And different clients are distributed across different servers in the farm.

With a stateless IIS application, there is no session affinity. The same client can be connected to different servers in the farm on multiple TCP sessions. There is no context stored locally on a server from one session to another. In this case, the SafeKit load balancing rule is configured on the TCP client session identity. This configuration is the one which is the best for distributing sessions between servers, but it requires a TCP service without session affinity.

How to configure a SafeKit farm cluster?

SafeKit Web Console: Farm cluster configuration for network load balancing and virtual IP management.

The SafeKit farm cluster is designed for high availability and scalability of services. The configuration focuses on distributing incoming traffic across both nodes simultaneously:

  • Load Balanced Services (Macros tab): Define the specific application services (e.g., Apache, IIS, Nginx) to be kept active on all nodes.
  • Heartbeat network(s): Communication path(s) used to detect if a node has left the farm, triggering an immediate redistribution of the load.
  • Virtual IP (Farm VIP): Unlike a mirror cluster, the Farm VIP is shared between nodes using kernel filtering algorithm to distribute network traffic.
  • Load Balancing Rules: Define the traffic distribution policy based on the source IP address or port.
  • Checkers: Monitor the application's health and trigger automatic restart if a process failure is detected.

How to monitor a SafeKit farm cluster?

SafeKit Console: Monitoring a 2-node Farm cluster showing both nodes in UP state with active load balancing.

Monitoring a farm cluster provides visibility into the Active-Active nature of the infrastructure, where all nodes contribute to the application's performance (showing 2 nodes in this example):

  • UP State (50% on 2 nodes): In a healthy farm, both nodes are in the "UP" (50%) state, meaning they are both actively receiving and processing client requests via the shared Virtual IP.
  • Automatic Re-balancing: If one node fails, the console visually shows the remaining node taking 100% of the traffic. There is no "failover" delay, as the surviving node is already active (aside from a detection time of a few seconds).
  • Node Insertion: When a repaired node is restarted, it transitions from "STOP" to "UP" and automatically starts receiving its portion of the load without administrator intervention.
  • No Data Sync: Note that in a farm cluster, there is no "Orange" resynchronization state, as nodes are expected to be stateless or share a backend database (which can be protected separately in a mirror cluster).

Beyond simple status icons, the interface provides one-click node management, allowing you to manually stop or start a node for planned maintenance while the shared Virtual IP automatically redistributes traffic without interrupting user activity.

Comparison: SafeKit Farm Cluster for IIS vs. Other NLB Clustering Solutions

Feature SafeKit Farm Cluster (Software) Hardware Load Balancers
Architecture Kernel-Level Software: Native integration into Windows/Linux OS. Proprietary Hardware: Dedicated physical appliances.
Management System Admins: Managed via a simple web console; no networking degree required. Network Engineers: Requires specialized skills and CLI certifications.
Health Monitoring Application Checkers: Deep monitoring of specific processes (Apache, Nginx, etc.). Network Ping: Basic check to see if the server or port is reachable.
Self-Healing Built-in Restart Intelligence: Automatically reboots failed services locally. Passive Failover: Simply stops sending traffic to the failed node.
Infrastructure Agnostic: Works on physical, virtual (VMware, Hyper-V), or Cloud instances. Rigid: Requires specific physical cabling and network rack space.
Cost (TCO) Low CAPEX/OPEX: Uses existing server resources; no expensive hardware maintenance. High Investment: High upfront costs plus recurring licensing and power expenses.

Conclusion: A Smarter Approach to Network Load Balancing and High Availability

The SafeKit Farm Cluster represents a strategic evolution from traditional, hardware-heavy networking to a modern, software-defined high availability model. By integrating load balancing and self-healing intelligence directly into the application servers, SafeKit eliminates the cost and complexity of external "middleman" hardware.

Video Guide: Configuring a SafeKit Farm NLB Cluster

SafeKit Video: Network Load Balancing and Virtual IP Management (5:03)

In this video, learn how to implement a virtual IP address to provide a single entry point for a 2-node cluster. SafeKit simplifies network load balancing by automatically managing the virtual IP, ensuring that client traffic is distributed across nodes and redirected instantly during a failover.

Video Highlights

  1. Architecture: Preparing 2 nodes for a shared Virtual IP (0:13)
  2. Configuration: Setting up the farm.safe module and Virtual IP address (2:20)
  3. Validation: Failover testing and Virtual IP redirection on server crash (2:30)

🔍 SafeKit High Availability Navigation Hub

Explore SafeKit: Features, technical videos, documentation, and free trial
Resource Type Description Direct Link
Key Features Why Choose SafeKit for Simple and Cost-Effective High Availability? See Why Choose SafeKit for High Availability
Deployment Model All-in-One SANless HA: Shared-Nothing Software Clustering See SafeKit All-in-One SANless HA
Partners SafeKit: The Benchmark in High Availability for Partners See Why SafeKit Is the HA Benchmark for Partners
HA Strategies SafeKit: Infrastructure (VM) vs. Application-Level High Availability See SafeKit HA & Redundancy: VM vs. Application Level
Technical Specifications Technical Limitations for SafeKit Clustering See SafeKit High Availability Limitations
Proof of Concept SafeKit: High Availability Configuration & Failover Demos See SafeKit Failover Tutorials
Architecture How the SafeKit Mirror Cluster works (Real-Time Replication & Failover) See SafeKit Mirror Cluster: Real-Time Replication & Failover
Architecture How the SafeKit Farm Cluster works (Network Load Balancing & Failover) See SafeKit Farm Cluster: Network Load Balancing & Failover
Competitive Advantages Comparison: SafeKit vs. Traditional High Availability (HA) Clusters See SafeKit vs. Traditional HA Cluster Comparison
Technical Resources SafeKit High Availability: Documentation, Downloads & Trial See SafeKit HA Free Trial & Technical Documentation
Pre-configured Solutions SafeKit Application Module Library: Ready-to-Use HA Solutions See SafeKit High Availability Application Modules