You need to put a Load Balancer in your home network….it’s amazing!! Download the FREE Kemp Load Balancer: bit.ly/2SBlnNF Learn more about Kemp: bit.ly/3gG2zos 🧪🧪Downloads and guide: bit.ly/3zEGWx8 🔥🔥Join the NetworkChuck membership: bit.ly/3riRhek SUPPORT NETWORKCHUCK --------------------------------------------------- ➡️NetworkChuck membership: bit.ly/3riRhek ☕☕ COFFEE and MERCH: NetworkChuck.coffee Check out my new channel, bit.ly/nc_clips 🆘🆘NEED HELP?? Join the Discord Server: discord.gg/networkchuck STUDY WITH ME on Twitch: bit.ly/nc_twitch READY TO LEARN?? --------------------------------------------------- -Learn Python: bit.ly/3rzZjzz -Get your CCNA: bit.ly/nc-ccna FOLLOW ME EVERYWHERE --------------------------------------------------- Instagram: instagram.com/networkchuck/ Twitter: twitter.com/networkchuck Facebook: facebook.com/NetworkChuck/ Join the Discord server: bit.ly/nc-discord 0:00 ⏩ Intro 1:36 ⏩ What you need 2:50 ⏩ What is a Load Balancer?? 4:39 ⏩ Why put it in your network? 7:30 ⏩ STEP 1: Install the Kemp Load Balancer (esxi) 11:24 ⏩ STEP 2: Load Balancer Initial Setup 17:50 ⏩ STEP 3: Setup your Domain Name (for FREE) 19:39 ⏩ STEP 4: Cloudflare Setup 23:11 ⏩ STEP 5: SSL Certificates (Install) 30:16 ⏩ STEP 6: Port Forward 443 31:00 ⏩ STEP 7: Setup Content Switching (mAGIC!!) 39:45 ⏩ RECAP: What we did and why AFFILIATES & REFERRALS --------------------------------------------------- (GEAR I USE...STUFF I RECOMMEND) My network gear: geni.us/L6wyIUj Amazon Affiliate Store: www.amazon.com/shop/networkchuck Buy a Raspberry Pi: geni.us/aBeqAL #loadbalancer #kemp #homenetwork
Hey chuck i need your help . This a challenge for you . I have a spare router and i was wondering if it was possible to convert the router into a WiFi adapter to use it with my Kali Linux . Is there some way thought which i was put my router into monitor mode to use aircrack-ng and other commands . love from India . stay safe your a legend . i really enjoy watching all of your videos it motivates me a lot
3 ปีที่แล้ว +1
Chuck I love your enthusiasm in you vids. Your videos makes learning fun and entertaining. Keep on doing so I can learn more from you. Thanks and have a nice weekend. 👍
Because of you, I have gone out and bought a synology NAS, I have started a load balancer and started playing VM's. I could not be happier, and I bow down, and appreciate you. This is what I have been asking to learn how to do for a long time, and no one is able to break it down like you and make it fun. thanks.
Bro you hit it right on point.! You're channel is a life saver all wrapped up in a "teeny-weeny living space"... Wicked cool! Thanks my friend, you're Killin it.
You do two things that make learning from you fun: - You have no fluff. You dont waste our time. - You have energy, and seem to genuinly like the thing. Thank you.
You really have a gift for this. Not just the technical part, but the enthusiasm and ability to deliver a technical brain dump that appeals to everyone from us old greybeards to the casuals. Fantastic channel, man. Please keep it up.
I have been an F5 (competitor to Kemp) administrator for large organizations. Learning this is good stuff folks. This will teach you how many many organizations including companies like Netflix handle creating pools of resources and automatically take faulty systems out of the mix with monitors.
Thanks for making our life easier brother. This is exactly what we have been looking for. You just covered a complete manual devops lifecycle in 40 minutes. Hats off bro. I am gonna set it up in my home network and on a single machine to play around.
I'm a senior engineer and even though I work with this stuff everyday I still enjoy your videos. I think it is fun to see someone else buzzing on from coffee like I do. Love the energy.
I think he makes Networking and the things you can do with the underlying skills far more cool than what seems the traditional skills. To some it may seem like normal things. To others it’s just cool ways to use Tech, the skills, and other apps with them having a NAS at home in unconventional ways to do Cool Stuff. And that to me is just so cool. As I get excited about that and clearly too others are.
Seems like a mixing of terms, this is more a reverse proxy than a load balancer (a reverse proxy can load balance - DNS roundrobin etc). Nginx is one example and is one of if not the most common. This does have an interface out the box though.
@@thecasualheroes7397 I was also thinking he has two ssl sessions. One between the end user and cloudflare AND one between cloudflare and the server. Now I get the end to end encryption part but I can't help but notice that CF is now a MITM. Just eliminate the MITM and have the letsencrypt session created on the server itself and not allow CF to do it for you. That topology with two lock on each end of CF looks very shady.
For those who struggled like I did, if around 14:13 you rstatus comes up "disabled" go back and modify the subVS and add port 443 as the "checked port"
I'm having to write a report on a cloud-based network architecture for my internship, and discussing load balancing was a requirement. This video helped me a lot. Thanks Chuck and God Bless🙂
Hey man, I just wanted to tell you this is probably one of my favorite videos from you yet. I love that you bring so much energy and you're genuinely happy when things are working. I'll be seetting this up in my lab. This is so cool!
Load balancers are awesome. We are using a custom one for 20 Gbit/s science data transfers. Without a load balancer servers would crash during peak times, replacing any would require a downtime. For home, once you are more confident with the setup, raspberry pi as a load balancer might fit your needs too (I used to have a cluster running on my desk with one of them doing the balancing).
@@paulbckr You can get a simple one up and running with nginx (docker or native). Everything else will depend on your requirements (e.g. "smart" balancing, for which you might need more resources)
in a previous life i was in IT, it was this sort of stuff i loved to do....before you even got into setting anything up i was already amped up and ready to set this up. thank you for restoring some of the joy of IT that i had lost.
Isn't this nearly the same with the only difference that the one (load balancer (LB)) can balance the load and a reverse proxy (RP) doesn't do this on it's own (maybe with some modules enabled or so and configured)? I think in this case it's ok to call it a LB, because he uses it's functionality for his website (they have the same url but point to two different ip-addresses). Most of the people out there doesn't need a LB. They would be totally fine with a simple RP. But I have to say that what I have seen so far, the ease of configuration with this LB, would be better for most people instead of configure apache or nginx config files with vim. PS. I have seen after I wrote the stuff that other comments have the exact same point...
@@Romanicus90 I understand what you’re saying, and i get that this is really a nitpick, but my problem is people who are watching this and don’t understand it all will think that load balancers do what he’s doing. But…they don’t. He just happens to be using a layer 7 load balancer that also has reverse proxy functions. There’s tons of different kinds of LBs out there and not all will do this. So, all I’m getting at is he should’ve worded things better so people don’t get confused more.
@@sebastianespinosa1182 I agree - this is a load balancer. He is using it mostly for reverse proxy but he did setup two websites behind it. Not sure if he is doing round Robin or least connections or what on it. Either way, just like a L7 firewall is still a firewall and we don't call it a IDS/IPS device, a L7 LB is still a load balancer.
There's one thing missing in this. While you have a static IP for your home (likely due to you being a business customer for your ISP), it's not likely to be true for a variety of end users. So another service like Dynamic DNS might be needed to update any IP changes for their home network. Otherwise their services might just stop working at some point.
Pretty sure if I remember correctly, it is possible to automatically update any IP changes with a certain Cloudflare tool, and would only require a simple change on Cloudflare's DNS Records. (correct me if I am wrong I may be getting confused with another one)
@@Kannaaaa I've tried this. But cloudflare blocks ddns updates via their API from freenom TLD, .tk, .ml etc. Kinda sucks honestly. So if you have a dynamic ip this won't work, you'll need another domain.
@@RoyArneOlsen I believe if you use a Firewall/Router like PfSense, they have the option to use the DynDNS service, which is how I got around not having a business internet connection when I was doing all my stuff on-prem.
I do not usually comment on videos but i need to let you know that your videos are extremly helpful because i am a noob at the best for and the way you explain is very natural and in depth which is rare for us beginners.
The problem with tutorials like this is even when they're good, like this one, they look at a few facets of the problem, while leaving lots out. A pro will see issues and risks and will know how to overcome those, or where to look. Amateurs like many who're watching your channel for insight or rather a walkthrough often won't. What is needed in this case is a Definitive Guide on remote-accessing your stuff. It should include: - options: LB, VPNs, zerotier (both public and self hosted), cloudflare tunnels, reverse proxies, combinations thereof - pros and cons, preferably in a systemized fashion (easy of use, cost, resource requirements, hardware requirements, bandwidth cap, user cap, trust issues, exposure risks, free-suddenly-becoming-not-so-free, provider going out of business etc) - potential issues people often face including cgnat, dynamic ip, blocking of since services in despotic countries, recovery if your hardware goes down - best combination of those methods for cost, easy management, security, availability (e.g. zerotier + wireguard failover).
If you needed multiple servers on your network to serve a website, to distribute load, you would then use a load balancer to distribute incoming connections to the various back end webservers. This configuration is much more a reverse proxy than a load balancer, which is a useful thing but it isn't balancing loads. Also, for multiple DNS records that point to the same IP you could use CNAME records instead of additional A records. This would be especially useful for anyone that doesn't have a static IP address so you don't have to update multiple records anytime your IP changes. (Really you should setup dynamic DNS, which CloudFlare supports, if you don't have a static IP). Lastly, you want to be careful what you expose to the internet. I would not recommend putting your NAS, ESXi, Proxmox or other services like it directly on the internet. To access things like that you're much better off setting up a VPN into your network instead.
hey, just came back to this video some time later to say thank you! because of you, i got myself a MikroTik router, used my old PC as a server with TrueNAS, and I set up a bunch of services in their own jails, same fashion as here except I just used nginx instead of the load balancer. works just as well, also only one port open!(actually two bc I also have 80 but I might get Cloudflare to take care of it) it's dope to be my own website host, i think this is the true spirit of the internet, interconnected networks, everyone! you too, for free(or at a cost of a domain if you wanna go fancy), can have your own space on the web, if you only put a bit of work into it.
So came across this video was recommended. Now I'm all excited to try this in the morning that now I have to take a sleeping pill cuz I won't be able to sleep cuz that's how excited I am to do this tomorrow. Thanks man you're amazing
This may be an advertisement, but Dang! he is spoon-feeding you through the set-up! So that even slightly techies can do this! A great ad for a great product, plus it's Free!!!
One of my Favs that people don't seem to notice or even think about when getting all the free stuff. "If you are not paying for it, you're not the customer; you're the product being sold."
Excellent video Chuck! Everything worked great. Just to help the community if they had problems in the beginning with port 443 without SSL certificate like me. Just enable SSL Acceleration in the SSL Properties for the Virtual Service created.
Thanks for this Chuck! I did something similar to this about 10 years ago using HAproxy on my pfSense VM, haven't really bothered to set it back up since moving interstate & leaving my old homelab setup behind. but my new home lab is growing & I think it's about time that I get my private cloud back online. Thanks for the kick in the pants! Something you've missed here, is that you can also add services hosted on a public VPS to your load ballancer, This lets you have cross site failover.
Yeah thought the same. I thought why would I need a loadbalancer. Then saw for what and I thought yeah that's what my NAS does now. A reverse proxy. I don't have 2 servers for the same purpose so don't need loadbalancing
most LB's will work as an RP but not many 'Reserve Proxy' headline products will also load balance. He did also show load balancing which is a super handy thing to know in enterprise/medium business environments.
@@islandersean2213 depends if you need one. Do you have multiple servers doing the same thing? If yes you need a loadbalancer. If you have multiple servers doing different things you need a reverse proxy.
Great video! Your enthusiasm and energy for the subject really helps the viewer absorb this information. My calculus professor conveyed the subject in a similar matter. Goes a long way.
Another easy to follow guide! From someone that works in the IT industry this is exactly what we all need. I'm looking to get myself a VMware capable server, do you have any recommendations? Keep making these awesome videos!
Thanks Chuck! A great video. This has prompted me to do a similar thing on my small home network using the Synology Reverse Proxy option. Just trying to figure out how to install the certificate, it's a bit tricky.
Nice video and good to know that kemp is giving kemps VM for free for testing purposes. As an advice loadbalancer isnt a reverse proxy and the most important advice DO NOT give you certificate keys to any 3party company as they can decrypt your traffic. Nice work man as usual
Thank you for this wonderful content. I really appreciate the insight and have already implemented it on my network. In some cases, (like mine) people do not have access to Fixed IP and instead rely on dynamic IPs from our ISP. A useful follow-up would be how to enable dynamic DNS from Unifi to Cloudflare.
Hey Chuck, this is a a great video, and I installed a kemp load balancer in my home lab. I had to rebuild my server and quickly found out that Kemp is no longer free. Would you consider doing a load balancing video on Haproxy or nGninx or some other perpetually free load balancing service? Cheers.
A long time ago, there was one switch (not a router) produced, with a, God damn, clever and simple function - bypassing anything on "dead" state. This is a right way for load balancing and system durability. Solid, hardware switch. These "Extreme Networks" BGP style ways are useless, easy to interfare and harm. Possibly similar forum.mikrotik.com/viewtopic.php?t=106092 But, other device. Redundancy is a flexible topic. And infinite to and for discuss.
Hey Chunk ! I just wanted to point out the importance of the topic to ensure privacy protection, so do not be tempted by the positives that they decorate for the public, because cloud servers, including cloudflare, can track all users of their platform! And many other negatives... That is why we had to find a private alternative that could not be tracked, even if it was difficult for us to protect it locally. With much thanks and appreciation 🙂👋🌹💐
I really do enjoy the content by network chuck. I can see why the pros of network engineering may be dissatisfied by his explanation of load balancer and having the video mostly describe the capabilities of a reverse proxy. I think the problem is the amount of overlap each platform addressees. One which is specifically for load and one that is to secure a network host. I don't think he deserves to be discredited for his explanation because he does define load balancing correctly. Its just the nomenclature may confuse someone who has no prior knowledge of reverse proxies to understand that that is in fact what they want to be setting up. However in a corporate setting load balancing becomes more relevant. Its tough the video is already 45 minutes long. I don't know if the general audience wants to tune into these kinds of Simantics. Really fun project. Really enjoyed.
This could all be accomplished with more features and far easier with greater scalability using PFsense and HAProxy. No limitations whatsoever as well. I also see a lot of people suggesting many other setups and opensource solutions. Are you more leaning towards actual hardware/enterprise things with your video series? Is that why you aren't covering the alternatives? Or is it a lack of experience with those other products? Just curious......
I used to work in network admin and engineering for ten-plus ish years, quit that ten years ago, now do access control/CCTV/fire (so basically networking again 'cos it's all gone IP now) and until I stumbled on this content about two weeks ago I've not been missing it. Last week I obtained an IBM x3850. I now have an IBM x3850 with ESXi 6.7 and a bunch of VMs doing things like DHCP etc Pihole VPN and stuff. This enthusiasm is very catchy. Dunno what I'm going to do with 90% of the skills I'm picking up, but I have a sneaky suspicion my current career path will answer that one as this stuff I'm working with gets even more online. Also dunno how long it is until I get that machine up to 50% loaded.
This is the issue most people will have with this setup. It will work until you get a new IP from your ISP and then have to change your CF dns record. He really should have covered ddns or argo tunnels since that's what 99% of people will need to get this working reliably.
@@brendanquinn1604 I just got it working with pfsense and dynamic ip through ddns updater in pfsense via cloudflare API. Works flawlessly, the only issue i have is the 20mbit bottleneck. But its free i guess it needs to be slow for them to earn money somehow lol Hit me up on twitter for questions, I think I wont see answers here. @germericanish
@@brendanquinn1604 is there a free ddns service? I literally have everything set up but keep getting a 522 cloudflare error and it's getting frustrating. I've changed domains, changed domain hosts and restarted the whole process but can't seem to make my domain work.
I am with you. I also did the same thing (kinda) with my Raspberry Pi and OMV / Docker / Portainer to Cloudflare Nginx Reverse Proxy to Apache Guacamole Plex etc. I have to tell you I was soooo excited. I love this stuff. I do see that KEMP is way more verbose then Nginx especially with the web load balancing. Is it possible to Install Kemp on RPI or maybe Linode?
This is pretty cool. I've gone through a Traefik boot camp and it does load balancing and scaling on its own sort of like Docker swarm. It makes me curious how these would compare.
the algorithms must be working, i'm a junior in college majoring in IT, and found your channel. This is gonna be gold when I start my exams for certs. Awesome presentation and delivery of the tech info. It kinda completes the circle the books started for learning, if that makes sense. Thanks! i'll for sure be checking out those regarding the CCNA series, I watched a few last night, those are so cool.
This isn't free. People need to understand that the data they collect on the egress and ingress of data is the price you pay. This video is a mildly clever ad. Don't give strange companies total access to all your data.
What he describes initially is a reverse proxy, but most reverse proxies have load balancing capabilities. I personally have used Nginx and Haproxy for years.
@@grahamjkeddie Yeah same, I'm already running nginx for a long time now. Thought it was about redundant WAN connections. Was thinking like, huh how would that be free ^_^
A reverse proxy and a load balancer are slightly different things. Related and incorporated with each other, but slightly different. A reverse proxy, well, proxies inbound connections. Meaning it terminates TCP, very likely SSL, and can sometimes modify HTTP content. A load balancer can select between different servers to which to forward traffic based on whatever load balancing algorithm is configured (round-robin, least connections, least bandwidth, rule-based, etc.)
It all depends on traffic. On a physical LB you can bond multiple copper or Fiber ports to get more through put. On the Virtual you are limited by what the Host can deliver. There is also hardware SSL acceleration on physical balancer which can make a difference in high traffic environments.
If you think about it all public (AWS, Google, Azure, Linode) etc. are using virtual appliances and they work extremely well. You can also LAG/bond virtual interfaces up to 16 if desired, similar to hardware. Most physical appliances have an ASIC card dedicated for SSL offload so that the LB CPU doesn't have to do the heavy lifting of the SSL work (client key exchange) ... improving SSL TPS or transactions per second. Def pros and cons for each deployment type.
Dude i am a senior ops engineer started from geek squad through college to all dataceter/sysadmin work to yahoo then to an SRE role in silicon valley. your videos are amazing. and your my fav IT youtuber for sure. would love to chat sometime.
wow man , I mean if the professors at uni teach with your passion ... keep up the good work . I am learning so much from your videos . things I have been thinking and wondering about since I was a kid . HOW THIS THING WORKS . and you are making it so easy to learn
Loved this video! One question though. Regarding the re-encrypt option in LM, are there additional steps required after enabling it? I couldnt get any of my services to work until I disabled it.
Hey Chuck! Love the video. I'm setting up these services so that I can access my NAS from outside the network and load balance my website as well. After configuring my Virtual IP Address just as you specify, it will go online for a few seconds and then disconnect and show "Down" status. I'm using Windows Server 2019 Hyper-V to handle Kemp. Would love some insight from you or anyone! Thanks.
Old post, but did you see his note later on about changing from HTTPS to possibly using PING/ICMP as an up/down test for the balancer? If it thinks it is down the rule will not work, even if the server is up.
A reverse proxy (apache, nginx, etc.) does the same thing. No actual load balancing is happening unless you need to balance the same website between two servers.
@@singatias Yep, can confirm. Haven't even run a port scan yet, but he should definitely tighten his security... Maybe even ask for an IP change to be sure :p Edit: Maybe it was a trick all along, we've just fallen for his honey pot ;)
Firstly, great videos. Just followed your guide to putting ESXi on a raspberry pi without any issues which is great. Just wondered if anyone has had any joy with putting Kemp on a Raspberry Pi?
I've just plan to update my entire home network (Unify, new server). And now, after viewing this amazing video, I know I will have one more think to do. Thanks from France ;-) Love your video Just a question : what kind of problems I will have if I try to install in a VM managed by ProxMox ?
This video is really nice, I'm so used to the AWS LB offerings that it's nice to brush up on the core features that make these things so valuable. Great video!
Dude I wish I could just sit and have a beer with you. Just having a conversation with you would blow my damn mind lol. Best Network Engineer ever, thank you for the videos. Subscribed forever.
Didn't know I need a loadbalancer in my home network but it is indeed so awesome! Thanks for the tutorial. Do you have a nextcloud running? I'm currently struggling with that because Kemp shows my nextcloud SubVS as down all the time.
From a home network security lens though this is no more secure than forwarding ports directly to the internal devices. As I think another mentioned this is using a load balancer appliance more like a reverse proxy. Nginx could do the same (for free) without the bandwidth restriction (including TLS SNI to determine which back end host to route HTTPS traffic). A safer way to do this would be to configure something like OpenVPN to keep your home network devices off the general Internet. Then clients could use certificate+password authentication to the VPN prior to being given any access to your home network services. I know I wouldn't want my personal NAS's web interface exposed to the general Internet and all the potential Zero day exploits. That said your positivity and personality does make this and the rest of your videos fun to watch.
Using these skills i have learned from you, i am working on a mobile music studio on the go for local underground artists in my area,not only that but for content creators on the go like myself who loves linux, i have been using linux since Halloween, i have challenged myself to use it for 30 days, it only took me a day to learn a few terminal commands! Someone wanted to run a windows program on a macbook, i suggested they use VMs, they could all benefit from it!
After one year of using Kemp load balancer, the only word I could describe it is "suck". Yes it is free and yes the UI is somewhat ok. But recently I found out that it is slowing all my websites down, not mentioning the bugs that it has(I need to set multiple SubVSs for one ip!). Nginx Proxy Manager is a WAY BETTER CHOICE. So if anyone sees this comment and has the same issue, just get a docker spinning and run Nginx Proxy Manager. You get a wildcard cert as usual and the only thing you can skip is a middle cert.
I understand it was a while ago this video was made, but I just set up the Load Master as well as an Ubuntu server to run the cloudflare daemon so I could create a tunnel to the load balancer. Therefore no need to open any ports on the router and it was surprisingly easy with the cloudflared CLI. Might be a good update video to do. Thanks for all you do.
Later this week, I will be taking on this guid. I did just notice it has some time behind it. Is there anything I want to do differently than what you explained? Thank you.
Nice thanks chuck, gave me a good idea of what load balancers do, also happy about the cloud flare knowledgeable in the video, going to my IT people at my company and telling them they didn’t set the ssl correctly 😂🤣🤣
You need to put a Load Balancer in your home network….it’s amazing!!
Download the FREE Kemp Load Balancer: bit.ly/2SBlnNF
Learn more about Kemp: bit.ly/3gG2zos
🧪🧪Downloads and guide: bit.ly/3zEGWx8
🔥🔥Join the NetworkChuck membership: bit.ly/3riRhek
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: bit.ly/3riRhek
☕☕ COFFEE and MERCH: NetworkChuck.coffee
Check out my new channel, bit.ly/nc_clips
🆘🆘NEED HELP?? Join the Discord Server: discord.gg/networkchuck
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: instagram.com/networkchuck/
Twitter: twitter.com/networkchuck
Facebook: facebook.com/NetworkChuck/
Join the Discord server: bit.ly/nc-discord
0:00 ⏩ Intro
1:36 ⏩ What you need
2:50 ⏩ What is a Load Balancer??
4:39 ⏩ Why put it in your network?
7:30 ⏩ STEP 1: Install the Kemp Load Balancer (esxi)
11:24 ⏩ STEP 2: Load Balancer Initial Setup
17:50 ⏩ STEP 3: Setup your Domain Name (for FREE)
19:39 ⏩ STEP 4: Cloudflare Setup
23:11 ⏩ STEP 5: SSL Certificates (Install)
30:16 ⏩ STEP 6: Port Forward 443
31:00 ⏩ STEP 7: Setup Content Switching (mAGIC!!)
39:45 ⏩ RECAP: What we did and why
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
#loadbalancer #kemp #homenetwork
Do you hate horses?
Hey chuck i need your help . This a challenge for you . I have a spare router and i was wondering if it was possible to convert the router into a WiFi adapter to use it with my Kali Linux . Is there some way thought which i was put my router into monitor mode to use aircrack-ng and other commands . love from India . stay safe your a legend . i really enjoy watching all of your videos it motivates me a lot
Chuck I love your enthusiasm in you vids. Your videos makes learning fun and entertaining. Keep on doing so I can learn more from you.
Thanks and have a nice weekend. 👍
Hey Chuck please make a video on burp suite
if Kemp Load Balancer get hacked then i will get the access to all system.one port is open right , there will be more open port.
Because of you, I have gone out and bought a synology NAS, I have started a load balancer and started playing VM's. I could not be happier, and I bow down, and appreciate you. This is what I have been asking to learn how to do for a long time, and no one is able to break it down like you and make it fun. thanks.
Bro you hit it right on point.! You're channel is a life saver all wrapped up in a "teeny-weeny living space"... Wicked cool! Thanks my friend, you're Killin it.
You do two things that make learning from you fun:
- You have no fluff. You dont waste our time.
- You have energy, and seem to genuinly like the thing.
Thank you.
You really have a gift for this. Not just the technical part, but the enthusiasm and ability to deliver a technical brain dump that appeals to everyone from us old greybeards to the casuals. Fantastic channel, man. Please keep it up.
I have been an F5 (competitor to Kemp) administrator for large organizations. Learning this is good stuff folks. This will teach you how many many organizations including companies like Netflix handle creating pools of resources and automatically take faulty systems out of the mix with monitors.
Thanks for making our life easier brother. This is exactly what we have been looking for. You just covered a complete manual devops lifecycle in 40 minutes. Hats off bro. I am gonna set it up in my home network and on a single machine to play around.
I'm a senior engineer and even though I work with this stuff everyday I still enjoy your videos. I think it is fun to see someone else buzzing on from coffee like I do. Love the energy.
I think he makes Networking and the things you can do with the underlying skills far more cool than what seems the traditional skills. To some it may seem like normal things. To others it’s just cool ways to use Tech, the skills, and other apps with them having a NAS at home in unconventional ways to do Cool Stuff. And that to me is just so cool. As I get excited about that and clearly too others are.
Seems like a mixing of terms, this is more a reverse proxy than a load balancer (a reverse proxy can load balance - DNS roundrobin etc). Nginx is one example and is one of if not the most common. This does have an interface out the box though.
@@thecasualheroes7397 He's still load balancing. Specifically the NAS setup since he added two real servers to the NAS service.
@@GodAtum how do I find the video you are referring to?
@@GodAtum thankd
He did a lot more reverse pro ting than load balancing but still a great video and Kemp’s product is named as such
@@thecasualheroes7397 I was also thinking he has two ssl sessions. One between the end user and cloudflare AND one between cloudflare and the server. Now I get the end to end encryption part but I can't help but notice that CF is now a MITM. Just eliminate the MITM and have the letsencrypt session created on the server itself and not allow CF to do it for you. That topology with two lock on each end of CF looks very shady.
This man drinks so much coffee. 😂
Never enough!
No....
@@NetworkChuck yehhhhhhhhhhhhhhhhhhhhh networkchuck #drinkcoffee4life
It's never enough ❤️
There is never enough coffee. I go through 5lbs of beans a month for my coffee.
For those who struggled like I did, if around 14:13 you rstatus comes up "disabled" go back and modify the subVS and add port 443 as the "checked port"
Not sure why this isnt covered in the video. This worked for me as well with Status: Down
I'm having to write a report on a cloud-based network architecture for my internship, and discussing load balancing was a requirement. This video helped me a lot. Thanks Chuck and God Bless🙂
Hey man, I just wanted to tell you this is probably one of my favorite videos from you yet. I love that you bring so much energy and you're genuinely happy when things are working. I'll be seetting this up in my lab. This is so cool!
cannot agree more
Honestly, i learn a lot of things from this guy. Can't thank you enough chuck.
yaa that freaking true
Me: Doesn't have a load balancer.
Also me before I even watch the video: I guess I need a load balancer now
Right now!
I mean Right Now!
You need to load balance your timestream and add it yesterday!
@@ProtegeBlackMamba and because every damned title has RIGHT NOW or NEED or whatever I'm blocking this dude. Stop telling me what to do.
"There ain't no such thing as a free lunch."
So, is this a trojan horse?
Load balancers are awesome. We are using a custom one for 20 Gbit/s science data transfers. Without a load balancer servers would crash during peak times, replacing any would require a downtime. For home, once you are more confident with the setup, raspberry pi as a load balancer might fit your needs too (I used to have a cluster running on my desk with one of them doing the balancing).
how do you get the load balancer running on raspberry pi?
@@paulbckr You can get a simple one up and running with nginx (docker or native). Everything else will depend on your requirements (e.g. "smart" balancing, for which you might need more resources)
in a previous life i was in IT, it was this sort of stuff i loved to do....before you even got into setting anything up i was already amped up and ready to set this up. thank you for restoring some of the joy of IT that i had lost.
“As a network engineer” you should know the difference between a load balancer and a reverse proxy :P
Do you recommend using this load balancer?
@@JoeyDee86 thanks for info, getting server for my startup business, want to make sure it's secure
Isn't this nearly the same with the only difference that the one (load balancer (LB)) can balance the load and a reverse proxy (RP) doesn't do this on it's own (maybe with some modules enabled or so and configured)?
I think in this case it's ok to call it a LB, because he uses it's functionality for his website (they have the same url but point to two different ip-addresses). Most of the people out there doesn't need a LB. They would be totally fine with a simple RP. But I have to say that what I have seen so far, the ease of configuration with this LB, would be better for most people instead of configure apache or nginx config files with vim.
PS. I have seen after I wrote the stuff that other comments have the exact same point...
@@Romanicus90 I understand what you’re saying, and i get that this is really a nitpick, but my problem is people who are watching this and don’t understand it all will think that load balancers do what he’s doing. But…they don’t. He just happens to be using a layer 7 load balancer that also has reverse proxy functions. There’s tons of different kinds of LBs out there and not all will do this. So, all I’m getting at is he should’ve worded things better so people don’t get confused more.
@@sebastianespinosa1182 I agree - this is a load balancer. He is using it mostly for reverse proxy but he did setup two websites behind it. Not sure if he is doing round Robin or least connections or what on it. Either way, just like a L7 firewall is still a firewall and we don't call it a IDS/IPS device, a L7 LB is still a load balancer.
There's one thing missing in this. While you have a static IP for your home (likely due to you being a business customer for your ISP), it's not likely to be true for a variety of end users. So another service like Dynamic DNS might be needed to update any IP changes for their home network. Otherwise their services might just stop working at some point.
I would love to see a solution for dynamic IP.
Pretty sure if I remember correctly, it is possible to automatically update any IP changes with a certain Cloudflare tool, and would only require a simple change on Cloudflare's DNS Records. (correct me if I am wrong I may be getting confused with another one)
@@Kannaaaa I've tried this. But cloudflare blocks ddns updates via their API from freenom TLD, .tk, .ml etc. Kinda sucks honestly. So if you have a dynamic ip this won't work, you'll need another domain.
@@RoyArneOlsen I believe if you use a Firewall/Router like PfSense, they have the option to use the DynDNS service, which is how I got around not having a business internet connection when I was doing all my stuff on-prem.
th-cam.com/video/rI-XxnyWFnM/w-d-xo.html One of his other videos address using DDNS with Cloudflare. Not sure if they can intertwine
that is what nginx, apache, envoy could do without having a physical load balancer. but it is very interesting.
Do nginx or apache pay for affiliation? I don't think so
@@joe_ferreira yes, absolutely, and without throughput limitation.
I like traefik due to the Docker labels
@@ph4nt0mcz130 but in this case we are talking about TCP and UDP stream, IDK if traefik could be L4 LB
Ok, valid point.
I do not usually comment on videos but i need to let you know that your videos are extremly helpful because i am a noob at the best for and the way you explain is very natural and in depth which is rare for us beginners.
The problem with tutorials like this is even when they're good, like this one, they look at a few facets of the problem, while leaving lots out.
A pro will see issues and risks and will know how to overcome those, or where to look.
Amateurs like many who're watching your channel for insight or rather a walkthrough often won't.
What is needed in this case is a Definitive Guide on remote-accessing your stuff.
It should include:
- options: LB, VPNs, zerotier (both public and self hosted), cloudflare tunnels, reverse proxies, combinations thereof
- pros and cons, preferably in a systemized fashion (easy of use, cost, resource requirements, hardware requirements, bandwidth cap, user cap, trust issues, exposure risks, free-suddenly-becoming-not-so-free, provider going out of business etc)
- potential issues people often face including cgnat, dynamic ip, blocking of since services in despotic countries, recovery if your hardware goes down
- best combination of those methods for cost, easy management, security, availability (e.g. zerotier + wireguard failover).
This guy really knows how to explain himself and things well, keep up the good work you're awesome!!
Hey Chuck! I got my CCNA and a job offer in the same day because of it! Lol
Dang ok that's insane
Congrats!! What’s your IT background?
@@tommy11sixorozco9 thank you! Started helpdesk in January, so only 5 months
I just have to say congrats to that.
@@dustinclark6078 nice! what is your job now?
If you needed multiple servers on your network to serve a website, to distribute load, you would then use a load balancer to distribute incoming connections to the various back end webservers. This configuration is much more a reverse proxy than a load balancer, which is a useful thing but it isn't balancing loads.
Also, for multiple DNS records that point to the same IP you could use CNAME records instead of additional A records. This would be especially useful for anyone that doesn't have a static IP address so you don't have to update multiple records anytime your IP changes. (Really you should setup dynamic DNS, which CloudFlare supports, if you don't have a static IP).
Lastly, you want to be careful what you expose to the internet. I would not recommend putting your NAS, ESXi, Proxmox or other services like it directly on the internet. To access things like that you're much better off setting up a VPN into your network instead.
hey, just came back to this video some time later to say thank you! because of you, i got myself a MikroTik router, used my old PC as a server with TrueNAS, and I set up a bunch of services in their own jails, same fashion as here except I just used nginx instead of the load balancer. works just as well, also only one port open!(actually two bc I also have 80 but I might get Cloudflare to take care of it) it's dope to be my own website host, i think this is the true spirit of the internet, interconnected networks, everyone! you too, for free(or at a cost of a domain if you wanna go fancy), can have your own space on the web, if you only put a bit of work into it.
So came across this video was recommended. Now I'm all excited to try this in the morning that now I have to take a sleeping pill cuz I won't be able to sleep cuz that's how excited I am to do this tomorrow. Thanks man you're amazing
Thanks alot for timestamps helps me alot to get where i was before
I've been watching a lot of your videos lately and I must say I'm learning a lot. You make it so easy! Shout out to you from the Caribbean!
This may be an advertisement, but Dang! he is spoon-feeding you through the set-up! So that even slightly techies can do this! A great ad for a great product, plus it's Free!!!
It's free because it's corporate sanctioned spyware
@@iamlogik8382 source?
@@Romanicus90 uh, if someone sends you a physical box for 0 dollars, that's a spyware.
One of my Favs that people don't seem to notice or even think about when getting all the free stuff. "If you are not paying for it, you're not the customer; you're the product being sold."
Excellent video Chuck! Everything worked great. Just to help the community if they had problems in the beginning with port 443 without SSL certificate like me. Just enable SSL Acceleration in the SSL Properties for the Virtual Service created.
Thanks for this Chuck!
I did something similar to this about 10 years ago using HAproxy on my pfSense VM, haven't really bothered to set it back up since moving interstate & leaving my old homelab setup behind.
but my new home lab is growing & I think it's about time that I get my private cloud back online.
Thanks for the kick in the pants!
Something you've missed here, is that you can also add services hosted on a public VPS to your load ballancer, This lets you have cross site failover.
Greetings, I think there is a missed representation of "load balancer" I believe that it would be best to references it as a "reverse proxy server"
He load balances the website lol
Yeah thought the same. I thought why would I need a loadbalancer. Then saw for what and I thought yeah that's what my NAS does now. A reverse proxy. I don't have 2 servers for the same purpose so don't need loadbalancing
most LB's will work as an RP but not many 'Reserve Proxy' headline products will also load balance. He did also show load balancing which is a super handy thing to know in enterprise/medium business environments.
Do you recommend getting load balancer ?
@@islandersean2213 depends if you need one. Do you have multiple servers doing the same thing? If yes you need a loadbalancer. If you have multiple servers doing different things you need a reverse proxy.
I was confident that I didn't need a load balancer at home till I pressed play, thank you for the awesome content!
You actually don't need a load balancer at home, you need a reverse proxy, which is actually what this video was about lol
@@ValhallenExile He probably don't need a load balancer but this video showed load balancing on his website, two servers, equal weight(1000).
Great video! Your enthusiasm and energy for the subject really helps the viewer absorb this information. My calculus professor conveyed the subject in a similar matter. Goes a long way.
Gotta admit, was a little lost in the first 5 mins. Glad I went til the end. Lovely! Always learn something new with you!
Another easy to follow guide! From someone that works in the IT industry this is exactly what we all need. I'm looking to get myself a VMware capable server, do you have any recommendations? Keep making these awesome videos!
when i saw the notification i started smiling :D
Thanks Chuck! A great video. This has prompted me to do a similar thing on my small home network using the Synology Reverse Proxy option. Just trying to figure out how to install the certificate, it's a bit tricky.
Nice video and good to know that kemp is giving kemps VM for free for testing purposes. As an advice loadbalancer isnt a reverse proxy and the most important advice DO NOT give you certificate keys to any 3party company as they can decrypt your traffic. Nice work man as usual
I never thought i could watch the whole video in one go without skipping. but I did, It was really helpful
Just followed your tutorial but installed on hyper-v......Chuck you have some of the best content out there, keep up the great work and enthusiasm.
Thank you for this wonderful content. I really appreciate the insight and have already implemented it on my network. In some cases, (like mine) people do not have access to Fixed IP and instead rely on dynamic IPs from our ISP. A useful follow-up would be how to enable dynamic DNS from Unifi to Cloudflare.
Yes! I would also like to know how to use this with dynamic DNS.
Hi, i would also like to know how to use with dynamic dns ?
th-cam.com/video/rI-XxnyWFnM/w-d-xo.html
Hey Chuck, this is a a great video, and I installed a kemp load balancer in my home lab. I had to rebuild my server and quickly found out that Kemp is no longer free. Would you consider doing a load balancing video on Haproxy or nGninx or some other perpetually free load balancing service? Cheers.
kemp is still free, i just installed it
If Chuck has to go for a blood test the only thing coming out of his veins is coffee ☕
A long time ago, there was one switch (not a router) produced, with a, God damn, clever and simple function - bypassing anything on "dead" state. This is a right way for load balancing and system durability. Solid, hardware switch. These "Extreme Networks" BGP style ways are useless, easy to interfare and harm.
Possibly similar forum.mikrotik.com/viewtopic.php?t=106092
But, other device.
Redundancy is a flexible topic. And infinite to and for discuss.
His kinds' blood type - Coffee positive
Hey Chunk ! I just wanted to point out the importance of the topic to ensure privacy protection, so do not be tempted by the positives that they decorate for the public, because cloud servers, including cloudflare, can track all users of their platform! And many other negatives... That is why we had to find a private alternative that could not be tracked, even if it was difficult for us to protect it locally.
With much thanks and appreciation 🙂👋🌹💐
what's a good alternative to Cloudflare?
@@tchesnokovn a DIY CDN !
I really do enjoy the content by network chuck. I can see why the pros of network engineering may be dissatisfied by his explanation of load balancer and having the video mostly describe the capabilities of a reverse proxy. I think the problem is the amount of overlap each platform addressees. One which is specifically for load and one that is to secure a network host. I don't think he deserves to be discredited for his explanation because he does define load balancing correctly. Its just the nomenclature may confuse someone who has no prior knowledge of reverse proxies to understand that that is in fact what they want to be setting up.
However in a corporate setting load balancing becomes more relevant. Its tough the video is already 45 minutes long. I don't know if the general audience wants to tune into these kinds of Simantics.
Really fun project. Really enjoyed.
This could all be accomplished with more features and far easier with greater scalability using PFsense and HAProxy. No limitations whatsoever as well. I also see a lot of people suggesting many other setups and opensource solutions. Are you more leaning towards actual hardware/enterprise things with your video series? Is that why you aren't covering the alternatives? Or is it a lack of experience with those other products? Just curious......
Me: Only has a plex server at home at the moment
Also me: I guess I need a Loadbalancer now.
Thanks Chuck, one of the best video you made. Loving it, I'll definitely do this in my home environment.
I used to work in network admin and engineering for ten-plus ish years, quit that ten years ago, now do access control/CCTV/fire (so basically networking again 'cos it's all gone IP now) and until I stumbled on this content about two weeks ago I've not been missing it.
Last week I obtained an IBM x3850. I now have an IBM x3850 with ESXi 6.7 and a bunch of VMs doing things like DHCP etc Pihole VPN and stuff.
This enthusiasm is very catchy.
Dunno what I'm going to do with 90% of the skills I'm picking up, but I have a sneaky suspicion my current career path will answer that one as this stuff I'm working with gets even more online.
Also dunno how long it is until I get that machine up to 50% loaded.
@18:44 12 months free, 1 year $9.95 🤣 One of my favorite videos thank you!
The camera angle is changing like my mood.
Couldn't agree more. It's like watching an MTV show from the 80s. Gives me a headache.
Hi, great video
one question.
how can i handle that with dyndns ? i have no fixed IP
Thank you
cloudflare has a ddns service via the api... but it does not work with freenom domains
@@BusinessgadgetsNet The cloudflare ddns updater is domain agnostic. What makes you say it doesn't work for freenom domains?
This is the issue most people will have with this setup. It will work until you get a new IP from your ISP and then have to change your CF dns record. He really should have covered ddns or argo tunnels since that's what 99% of people will need to get this working reliably.
@@brendanquinn1604 I just got it working with pfsense and dynamic ip through ddns updater in pfsense via cloudflare API. Works flawlessly, the only issue i have is the 20mbit bottleneck. But its free i guess it needs to be slow for them to earn money somehow lol
Hit me up on twitter for questions, I think I wont see answers here. @germericanish
@@brendanquinn1604 is there a free ddns service? I literally have everything set up but keep getting a 522 cloudflare error and it's getting frustrating. I've changed domains, changed domain hosts and restarted the whole process but can't seem to make my domain work.
I am with you. I also did the same thing (kinda) with my Raspberry Pi and OMV / Docker / Portainer to Cloudflare Nginx Reverse Proxy to Apache Guacamole Plex etc. I have to tell you I was soooo excited. I love this stuff. I do see that KEMP is way more verbose then Nginx especially with the web load balancing. Is it possible to Install Kemp on RPI or maybe Linode?
This has really reignited my flare for learning / improving my IT skills in my current desktop support role. 🤩🤩
This is pretty cool. I've gone through a Traefik boot camp and it does load balancing and scaling on its own sort of like Docker swarm. It makes me curious how these would compare.
You are amazing man, thanks for these lessons. Keep them coming!
Hey NetworkChuck, We home users mostly have dynamic IP which changes often or when the router is restarted. You havent told how to handle dynamic ip.
th-cam.com/video/rI-XxnyWFnM/w-d-xo.html
Enterprise grade would be rather something like HAProxy when it comes to software load balancers/reverse proxies.
Thank you Chuck. Besides the knowledgable information provided you offer it in a humorous light hearted way. You clearly enjoy this and love to do it.
the algorithms must be working, i'm a junior in college majoring in IT, and found your channel. This is gonna be gold when I start my exams for certs. Awesome presentation and delivery of the tech info. It kinda completes the circle the books started for learning, if that makes sense. Thanks! i'll for sure be checking out those regarding the CCNA series, I watched a few last night, those are so cool.
This isn't free. People need to understand that the data they collect on the egress and ingress of data is the price you pay. This video is a mildly clever ad. Don't give strange companies total access to all your data.
Thank you for your Great Videos 😁👍
@Kushal yes 😂
I literally had an interview last week and it was all questions about load balancing
How did the interview go? What job position was it for?
@@AJ-gg6db it was for a Network Engineer position. I have a follow up interview so I suppose it went well.
Listened to this at 7 am while repairing my linux laptop, haven't processed almost anything, will have to rewatch later lol
the way he explains.. i am sure no one feels bored...... 👍
Hey chuck! Im a big fan! For fathers day, i got my dad 2 bags of your coffee :)
Nice
Isn't this just like a Reverse Proxy?
What he describes initially is a reverse proxy, but most reverse proxies have load balancing capabilities. I personally have used Nginx and Haproxy for years.
45 seconds into the video and that's what I was thinking.
@@grahamjkeddie Yeah same, I'm already running nginx for a long time now. Thought it was about redundant WAN connections. Was thinking like, huh how would that be free ^_^
Yeah I don’t understand, he’s all hyped up about load balancing but he just uses it as a reverse proxy lol
A reverse proxy and a load balancer are slightly different things. Related and incorporated with each other, but slightly different. A reverse proxy, well, proxies inbound connections. Meaning it terminates TCP, very likely SSL, and can sometimes modify HTTP content. A load balancer can select between different servers to which to forward traffic based on whatever load balancing algorithm is configured (round-robin, least connections, least bandwidth, rule-based, etc.)
Question: When would you recommend a physical load balancer over a virtual one?
It all depends on traffic. On a physical LB you can bond multiple copper or Fiber ports to get more through put. On the Virtual you are limited by what the Host can deliver. There is also hardware SSL acceleration on physical balancer which can make a difference in high traffic environments.
If you think about it all public (AWS, Google, Azure, Linode) etc. are using virtual appliances and they work extremely well. You can also LAG/bond virtual interfaces up to 16 if desired, similar to hardware. Most physical appliances have an ASIC card dedicated for SSL offload so that the LB CPU doesn't have to do the heavy lifting of the SSL work (client key exchange) ... improving SSL TPS or transactions per second. Def pros and cons for each deployment type.
Dude i am a senior ops engineer started from geek squad through college to all dataceter/sysadmin work to yahoo then to an SRE role in silicon valley. your videos are amazing. and your my fav IT youtuber for sure. would love to chat sometime.
Chuck, Loi, and Bombal are like the infinity stones of TH-cam
Thanks for the knowledge man!
someone needs to balance this man's coffee intake 😆
@Administrator Coffee by itself is not related to diabetes. Its all the sugar you find in your non coffee called starbucks.
next topic: learn cloud front right now
wow man ,
I mean if the professors at uni teach with your passion ...
keep up the good work . I am learning so much from your videos . things I have been thinking and wondering about since I was a kid . HOW THIS THING WORKS . and you are making it so easy to learn
Loved this video! One question though. Regarding the re-encrypt option in LM, are there additional steps required after enabling it? I couldnt get any of my services to work until I disabled it.
Hey Chuck! Love the video. I'm setting up these services so that I can access my NAS from outside the network and load balance my website as well. After configuring my Virtual IP Address just as you specify, it will go online for a few seconds and then disconnect and show "Down" status. I'm using Windows Server 2019 Hyper-V to handle Kemp. Would love some insight from you or anyone! Thanks.
Old post, but did you see his note later on about changing from HTTPS to possibly using PING/ICMP as an up/down test for the balancer? If it thinks it is down the rule will not work, even if the server is up.
Fun but with a 20mpbs speed cap it looses a lot of interest when you have gig link
HAProxy can be used to achieve the same as a free open source alternative, utalising ACL rules for content redirection.
A reverse proxy (apache, nginx, etc.) does the same thing. No actual load balancing is happening unless you need to balance the same website between two servers.
Freenom down - otherwise awesome video -
F
Yeah
you explain things very well, easily and straight to the point
With Freenom gone is there still a way to set this up completely free? Love you videos!
You leaked your IP @ 22:21 :( but I assume you already knew that since I can't ping it.
He might have ICMP blocked on his firewall.
@@majik11111 yeah ur right, there is actually a response when you try to reach it with https and I'm able to reach his login page for his NAS
@@singatias Yep, can confirm. Haven't even run a port scan yet, but he should definitely tighten his security... Maybe even ask for an IP change to be sure :p
Edit: Maybe it was a trick all along, we've just fallen for his honey pot ;)
"You may want to look at the retail version which is awesome"
$1,377/year
yeahhhhhh free is good lol
Firstly, great videos. Just followed your guide to putting ESXi on a raspberry pi without any issues which is great. Just wondered if anyone has had any joy with putting Kemp on a Raspberry Pi?
I've just plan to update my entire home network (Unify, new server). And now, after viewing this amazing video, I know I will have one more think to do. Thanks from France ;-) Love your video
Just a question : what kind of problems I will have if I try to install in a VM managed by ProxMox ?
This video is really nice, I'm so used to the AWS LB offerings that it's nice to brush up on the core features that make these things so valuable. Great video!
you're pretty much my favorite IT tutorial guy
bro, this is an amazing tutorial
Dude I wish I could just sit and have a beer with you. Just having a conversation with you would blow my damn mind lol. Best Network Engineer ever, thank you for the videos. Subscribed forever.
Didn't know I need a loadbalancer in my home network but it is indeed so awesome! Thanks for the tutorial. Do you have a nextcloud running? I'm currently struggling with that because Kemp shows my nextcloud SubVS as down all the time.
From a home network security lens though this is no more secure than forwarding ports directly to the internal devices. As I think another mentioned this is using a load balancer appliance more like a reverse proxy. Nginx could do the same (for free) without the bandwidth restriction (including TLS SNI to determine which back end host to route HTTPS traffic).
A safer way to do this would be to configure something like OpenVPN to keep your home network devices off the general Internet. Then clients could use certificate+password authentication to the VPN prior to being given any access to your home network services. I know I wouldn't want my personal NAS's web interface exposed to the general Internet and all the potential Zero day exploits.
That said your positivity and personality does make this and the rest of your videos fun to watch.
Long process but your thorough sprint through covered it perfectly! Great explanations along the way, thanks for all your knowledge!
Using these skills i have learned from you, i am working on a mobile music studio on the go for local underground artists in my area,not only that but for content creators on the go like myself who loves linux, i have been using linux since Halloween, i have challenged myself to use it for 30 days, it only took me a day to learn a few terminal commands! Someone wanted to run a windows program on a macbook, i suggested they use VMs, they could all benefit from it!
Thank you for this video! I just used this with a domain I own and can now access a few internal resources. Fantastic.
After one year of using Kemp load balancer, the only word I could describe it is "suck". Yes it is free and yes the UI is somewhat ok. But recently I found out that it is slowing all my websites down, not mentioning the bugs that it has(I need to set multiple SubVSs for one ip!).
Nginx Proxy Manager is a WAY BETTER CHOICE. So if anyone sees this comment and has the same issue, just get a docker spinning and run Nginx Proxy Manager. You get a wildcard cert as usual and the only thing you can skip is a middle cert.
I understand it was a while ago this video was made, but I just set up the Load Master as well as an Ubuntu server to run the cloudflare daemon so I could create a tunnel to the load balancer. Therefore no need to open any ports on the router and it was surprisingly easy with the cloudflared CLI. Might be a good update video to do. Thanks for all you do.
Load balancer = balance traffic between servers
Reverse proxy = direct traffic to the correct port
I go broke having to have all this totally cool stuff Love your content keep up the great work! YOU ARE A GOAT
Later this week, I will be taking on this guid. I did just notice it has some time behind it. Is there anything I want to do differently than what you explained?
Thank you.
Nice thanks chuck, gave me a good idea of what load balancers do, also happy about the cloud flare knowledgeable in the video, going to my IT people at my company and telling them they didn’t set the ssl correctly 😂🤣🤣