Failover Clustering and Load Balancing
Cerberus FTP Server does not natively support clustering. However, using Active Directory or LDAP authentication, and a hardware or software load balancer (such as Microsoft NLB), you can achieve simple load balancing and failover with Active Directory or LDAP authenticated accounts.
To achieve Active Directory or LDAP-based load balancing, each Cerberus FTP Server machine is configured to point to the same AD or LDAP database, and requests can be load balanced to any of the available servers in that fashion. Many of our customers use such an arrangement for achieving simple failover and load balancing support.
Cerberus FTP Server Professional and Enterprise editions can now be configured to automatically synchronize all user accounts and settings to one or more other Cerberus servers. This new capability allows native Cerberus accounts, as well as customizations to Active Directory and LDAP authentication, to be easily synchronized across several Cerberus instances. Combining the new synchronization manager with shared storage between the Cerberus FTP Server machines allows for multiple active backup and failover servers.
We’ve tested Cerberus with Microsoft Network Load Balancer (NLB), and we have a setup tutorial for NLB available.
High Availability Options
You can also use the synchronization manager in the Professional and Enterprise editions to sync a single primary server instance to one or more secondary server instances. In this configuration, you would make all changes on the primary server, and let the synchronization manager duplicate the settings on the primary server to your secondary active servers.
Load Balancing Exceptions
HTTP/S web client traffic cannot be load balanced using a simple connection balancer. The HTTP/S session database is local to each Cerberus machine, and any load balancer will have to ensure that all of the connections coming from a single IP are routed to the same Cerberus machine.
Another issue that could cause problems is public file sharing. The synchronization manager on the primary server currently runs at an administrator-defined interval to ensure all settings are synced to any secondary active servers. However, load balanced traffic could result in a user connection sharing a file from one of the secondary servers. This shared file entry will not be propagated to the other machines, and will eventually get overwritten the next time the primary server syncs settings. There is no workaround for this limitation at this time.