HAProxy Enterprise Documentation 2.8r1

Geolocation-based load balancing

You can deliver content to users based on their geographic location.

For example, you can:

  • comply with regulations governing the location of data storage.

  • reduce latency.

  • deliver content that is tailored to users' country and native language.

HAProxy Enterprise with global server load balancing enabled returns the IP address from the closest healthy datacenter or server.

Consider the user experience for a client in France and another in North America, outlined below.

France

  I. A client from France asks for the IP address associated with the www.example.com domain name.

  II. HAProxy Enterprise detects the location of the client through the IP address originating the request. HAProxy Enterprise then returns the healthy IP address nearest to the client, selected from the pool of available addresses.

  III. The client from France is directed to the Paris datacenter.

North America

  A. A client from North America asks for the IP address associated with the www.example.com domain name.

  B. HAProxy Enterprise detects the location of the client through the IP address originating the request. HAProxy Enterprise then returns the healthy IP address nearest to the client, selected from the pool of available addresses.

  C. The client from North America is directed to the Chicago datacenter.

Install and enable the GSLB service

GeoIP data is information about the geographical location of IP addresses. GSLB uses this data to determine the optimal routing of client requests based on their geographic location. You store the data in GeoIP database files, typically in a format such as MaxMind's GeoIP2 or GeoLite2. These database files contain mappings between IP addresses and their corresponding geographical information, such as country, region, city, and latitude/longitude coordinates.

When a client makes a request to the GSLB system, the system can analyze the client's IP address and consult the GeoIP database to determine the client's location. Based on this information, the GSLB system can make intelligent routing decisions to direct the client's request to the most appropriate server or data center that can serve the request efficiently and optimize network performance.

Geobalancing using MaxMind

To use geobalancing in your environment, you need to download a GeoIP database from MaxMind.

  1. Create your account through the MaxMind website and download the GeoIP databases.

  2. Copy your geolocation database files to a chosen data directory with a utility such as scp or WinSCP. For example, store City data at /data/geoip/GeoLite2-City.mmdb:

    $ scp GeoLite2-City.mmdb admin@172.16.24.238:/data/geoip/

  3. In your zone file, /etc/hapee-extras/hapee-gslb.conf, include an additional record of type map to use your MaxMind GeoIP2 City database to change the DNS response to contain a datacenter's IP based on the client's location. The map record type refers to a geoip-map section with the same name.

    In the example below, we map the domain www.example.com to the mymap geoip-map section, which uses the geolocation database to return different IP addresses in response to DNS queries depending on whether the client is in France or the United States.

    zone example.com
      ttl 84600
      record @ ttl 900  SOA   ns1 hostmaster 1 7200 30M 3D 900
      record @          NS    ns1.example.com.
      record ns1        A     203.0.113.1   # nameserver: HAProxy IP address
      record alias      CNAME www
      record www        map   mymap
    
    geoip-map mymap
      location-base /data/geoip/GeoLite2-City.mmdb
      location EU/FR/Paris DC1 DC2
      location NA/US/Chicago DC2 DC1
      network 198.51.100.0/24 DC1 DC2
      network 203.0.113.0/24 DC2 DC1

    The geoip-map section directives are as follows:

    location-base

      Description: Absolute path to the geolocation database. You can supply several geolocation database names separated by spaces.

      Example: location-base /data/geoip/GeoLite2-City.mmdb

    location

      Description: The first parameter is a hierarchical path to a geographic region in the order of the continent code, a country ISO code, then more specific regions like state and city name. Refer to the MaxMind reference guide and ISO-3166 for these codes. Note that GSLB will search deeper into the hierarchy if a match is not found at the current layer. For example, you could specify country and city name, but omit the state name between them. The second parameter is a space-separated list of answer-list section names (e.g. DC2). GSLB directs client requests sent from this location to the first healthy datacenter in the list.

      Example: location NA/US/NY DC2

    network

      Description: As an alternative to using location, which uses geolocation data to choose the datacenter, you can also specify a client IP range. Set a subnet value in CIDR notation followed by an ordered list of datacenters (separated by spaces). The second parameter is a space-separated list of answer-list section names (e.g. DC2). GSLB directs client requests sent from this subnet to the first healthy datacenter in the list.

      Example: network 198.51.100.0/24 DC1

  4. Create new answer-list sections.

    The answer-list for DC1 contains a list of IP addresses for the datacenter in Europe, while the DC2 answer-list contains a list of IP addresses for the datacenter in North America.

    zone example.com
      ttl 84600
      record @ ttl 900  SOA   ns1 hostmaster 1 7200 30M 3D 900
      record @          NS    ns1.example.com.
      record ns1        A     203.0.113.1   # nameserver: HAProxy IP address
      record alias      CNAME www
      record www        map   mymap
    
    geoip-map mymap
      location-base /var/run/hapee-extras/gslb/geoip/GeoIP2-City.mmdb
      location EU/FR/Paris DC1 DC2
      location NA/US/Chicago DC2 DC1
      network 198.51.100.0/24 DC1 DC2
      network 203.0.113.0/24 DC2 DC1
    
    answer-list DC1
      up_threshold 0.5
      method single-rr
      option tcpchk fall 10 rise 10
      tcp-check connect port 80
      answer-record srv1 198.51.100.1 weight 20
      answer-record srv2 198.51.100.2 weight 20
      answer-record srv3 198.51.100.3 weight 10
      answer-record srv4 2001:db8::4001 weight 20
      answer-record srv5 2001:db8::4002 weight 20
      answer-record srv6 2001:db8::4003 weight 10
    
    answer-list DC2
      up_threshold 0.5
      method single-rr
      option httpchk
      http-check connect
      http-check send uri /health.html hdr host www.example.com
      http-check expect status 200,301,302
      answer-record srv1 203.0.113.10  weight 20
      answer-record srv2 203.0.113.11  weight 20
      answer-record srv3 203.0.113.12  weight 10

    GSLB will send DNS responses based on the location of the client. It will only send either IPv4 or IPv6 addresses, depending on the type of IP addresses the client requests.

    Weights determine how often a particular IP address will be returned, with higher weights being chosen more often. The weight values apply only within the IPv4 or the IPv6 pool of IP addresses. In the example, the IPv4 pool of servers and the IPv6 pool of servers each have their own total weight sum.

    By specifying method single-rr, HAProxy Enterprise alternates which IP address for a datacenter it sends to clients in order to distribute traffic across all servers. In that case, the odds of a server's IP address being returned are server weight / sum of all server weights.

    You can set method multi-rr to return multiple IP addresses to the client. In that case, the odds of a server's IP address being returned are server weight / max weight value.

    The up_threshold directive determines the percentage of servers that must be up. Otherwise, traffic is routed to a different datacenter altogether.

  5. Save your configuration, close the configuration editor, then apply your changes. Enable and start the GSLB service.

    $ sudo systemctl restart hapee-extras-gslb
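
An offline consistency check for the configuration built in the steps above, added here as an example (it is not HAProxy Enterprise tooling): it confirms that every map, location and network line points at a section that exists, rejects malformed CIDR ranges, and computes the single-rr and multi-rr odds per address family from the weights. The parser, the function names and the abridged sample configuration are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: abridged from the step 4 configuration (health checks omitted).
CONF = """
zone example.com
  record www map mymap
geoip-map mymap
  location EU/FR/Paris DC1 DC2
  network 203.0.113.0/24 DC2 DC1
answer-list DC1
  answer-record srv1 198.51.100.1 weight 20
  answer-record srv2 198.51.100.2 weight 20
  answer-record srv3 198.51.100.3 weight 10
  answer-record srv4 2001:db8::4001 weight 20
  answer-record srv6 2001:db8::4003 weight 10
answer-list DC2
  answer-record srv1 203.0.113.10 weight 20
"""

def parse(conf):
    """Return (sections, refs): defined sections and every section name the config points at."""
    sections, refs, cur = {}, [], None
    for raw in conf.splitlines():
        tok = raw.split("#")[0].split()          # drop trailing comments
        if not tok:
            continue
        if not raw[0].isspace():                 # unindented line opens a section
            cur = (tok[0], tok[1])
            sections.setdefault(cur, [])
        elif tok[0] == "record" and tok[-2] == "map":
            refs.append(("geoip-map", tok[-1]))
        elif tok[0] in ("location", "network"):
            if tok[0] == "network":
                ipaddress.ip_network(tok[1])     # raises ValueError on a bad CIDR
            refs += [("answer-list", name) for name in tok[2:]]
        elif tok[0] == "answer-record":
            sections[cur].append((tok[1], ipaddress.ip_address(tok[2]), int(tok[4])))
    return sections, refs

def dangling(conf):
    """Names referenced by map/location/network lines that no section defines."""
    sections, refs = parse(conf)
    return sorted({ref for ref in refs if ref not in sections})

def odds(conf, dc, version, method="single-rr"):
    """Per-server odds within one address family (4 or 6), using the formulas above."""
    pool = {n: w for n, ip, w in parse(conf)[0][("answer-list", dc)] if ip.version == version}
    denom = sum(pool.values()) if method == "single-rr" else max(pool.values(), default=1)
    return {name: weight / denom for name, weight in pool.items()}
```

Run `dangling()` against the real zone file before restarting the service; a non-empty result means a location or network line names an answer-list that was never defined.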

Testing

When you test GSLB geo balancing with dig, the answer comes from a healthy server that best matches the configured geographic preferences. If you have configured your GSLB system to prioritize servers located in the same country as the client, dig returns a response from a healthy server in that country. For example, if your domain is example.com, you can use dig A @127.0.0.1 -p 153 example.com to test.

; <<>> DiG 9.16.1-Ubuntu <<>> example.com @192.168.1.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1809
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;example.com.              IN      A

;; ANSWER SECTION:
example.com.        3600    IN      A       93.184.216.34

;; Query time: 50 msec
;; SERVER: 192.168.1.100#53(192.168.1.100)
;; WHEN: Mon Jul 10 17:02:00 UTC 2023
;; MSG SIZE  rcvd: 57
