Load balancing UDP on EC2

I had been tasked with finding a way to load balance UDP on AWS. Normally we would use ipvsadm in at layer 4 DR but because of the limitations in ec2 this is not possible so another method was needed.
So this is a short guide on how to get a simple UDP load balancer running. We will be using pen, it is described as a simple tcp load balancer and has been around for a while.

Even though it is described as a TCP loadbalancer the Zen loadbalancer project has written a patch which will allow pen to load balance UDP which you can download from  http://sourceforge.net/projects/zenloadbalancer/files/zenlb_pen_c.patch/

Once you have downloaded the source code, patch and uncompressed them in the same folder you will need to apply the patch by simply running.

root@penudp:~/pen-0.18.0# patch pen.c zenlb_pen_c.patch

From here it is just the normal build.

make install

And that’s it so now if we run pen we see it now has UDP support.

root@penudp:~/pen-0.18.0# pen
pen [-C addr:port] [-X] [-b sec] [-S N] [-c N] [-e host[:port]] 
[-t sec] [-x N] [-w dir] [-HPWadfhrs] 
[-o option] 
[-E certfile] [-K keyfile] 
[-G cacertfile] [-A cacertdir] 
[-Z] [-R] [-L protocol] 
[host:]port h1[:p1[:maxc1[:hard1[:weight1[:prio1]]]]] [h2[:p2[:maxc2[:hard2[:weight2[:prio2]]]]]] ...
-B host:port abuse server for naughty clients
-C port control port
-T sec tracking time in seconds (0 = forever) [0]
-H add X-Forwarded-For header in http requests
-U use udp protocol support

Now to test this I have just brought up a couple of DNS servers running bind.
These have the address and So we start pen by running:

root@penudp:/# pen -r -U 53

This will start pen listening on port 53 and balance the servers and in round robin mode.

We can then check its running with:

root@penudp:/# netstat -tnulp | grep pen
udp 0 0* 29661/pen

To test it is working I have enabled logging on the DNS servers and will use dig and specify the pen server as the name server.

root@penudp:/# dig @ bbc.com
root@penudp:/# dig @ microsoft.com

Then looking at the bind logs we can see that the connections are being correctly made to each server.

ben@bindd1:~$ tail -n 1 /var/log/syslog
Aug 22 12:42:57 bindd1 named[1372]: client query: bbc.com IN A +E (
root@bind2:/home/ben# tail -n 1 /var/log/syslog
Aug 22 12:43:07 bind2 named[6827]: client query: microsoft.com IN A +E (

You Can Learn More About the LoadBalancer.org’s Product Line By Going to www.LoadBalancerSolutions.com/LoadBalancer-org

The original article/video can be found at Load balancing UDP on EC2

About the Author: Shannon Lewis

Leave a Reply Cancel reply