UDP Load Balancing using PEN Rumi, January 5, 2017 First setup PEN load balancer using this document. After that, keep digging below 🙂 And that’s it, so now if we run pen we see it now has UDP support. root@penudp:~/pen-0.18.0# pen usage: pen [-C addr:port] [-X] [-b sec] [-S N] [-c N] [-e host[:port]] [-t sec] [-x N] [-w dir] [-HPWadfhrs] [-o option] [-E certfile] [-K keyfile] [-G cacertfile] [-A cacertdir] [-Z] [-R] [-L protocol] [host:]port h1[:p1[:maxc1[:hard1[:weight1[:prio1]]]]] [h2[:p2[:maxc2[:hard2[:weight2[:prio2]]]]]] ... -B host:port abuse server for naughty clients -C port control port -T sec tracking time in seconds (0 = forever) [0] -H add X-Forwarded-For header in http requests -U use udp protocol support Now to test this I have just brought up a couple of DNS servers running bind. These have the address 192.168.74.221 and 192.168.74.222. So we start pen by running: root@penudp:/# pen -r -U 53 192.168.74.221:53 192.168.74.222 This will start pen listening on port 53 and balance the servers 192.168.74.221 and 192.168.74.222 in round robin mode. We can then check its running with: root@penudp:/# netstat -tnulp | grep pen udp 0 0 0.0.0.0:53 0.0.0.0:* 29661/pen To test it is working I have enabled logging on the DNS servers and will use dig and specify the pen server as the name server. root@penudp:/# dig @127.0.0.1 bbc.com root@penudp:/# dig @127.0.0.1 microsoft.com Then looking at the bind logs we can see that the connections are being correctly made to each server. ben@bindd1:~$ tail -n 1 /var/log/syslog Aug 22 12:42:57 bindd1 named[1372]: client 192.168.65.219#44048: query: bbc.com IN A +E (192.168.74.221) root@bind2:/home/ben# tail -n 1 /var/log/syslog Aug 22 12:43:07 bind2 named[6827]: client 192.168.65.219#57100: query: microsoft.com IN A +E (192.168.74.222) Administrations Configurations (Linux) LoadBalancerPen