{"id":13340,"date":"2025-12-20T11:32:55","date_gmt":"2025-12-20T06:02:55","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13340"},"modified":"2025-12-20T11:32:57","modified_gmt":"2025-12-20T06:02:57","slug":"how-to-setup-load-balancer-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-setup-load-balancer-on-linux-server","title":{"rendered":"How to Setup Load Balancer on Linux Server &#8211; Easy Guide"},"content":{"rendered":"\n<p><strong>To set up a load balancer on a Linux server<\/strong>, choose an L4 or L7 solution (HAProxy, Nginx, or LVS), install it, define backend pools and health checks, enable SSL and logging, open firewall ports, and test failover and scaling. Below is a step-by-step guide for Ubuntu\/RHEL using Nginx, HAProxy, and Keepalived.<\/p>\n\n\n\n<p>In this guide, you\u2019ll learn how to setup load balancer on Linux server the right way\u2014covering Nginx (Layer 7), HAProxy (Layer 4\/7), and optional high availability with Keepalived. We\u2019ll walk through architecture planning, installation, configuration, SSL termination, health checks, performance tuning, and troubleshooting, using clear, beginner-friendly steps.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-a-load-balancer-and-why-it-matters\"><strong>What is a Load Balancer and Why it Matters<\/strong>?<\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"628\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Load-Balancer-on-Linux.jpg\" alt=\"What Is a Load Balancer and Why It Matters\" class=\"wp-image-13499\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Load-Balancer-on-Linux.jpg 1200w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/Load-Balancer-on-Linux-150x79.jpg 150w\" sizes=\"auto, (max-width: 1200px) 100vw, 1200px\" \/><\/figure>\n\n\n\n<p>A load balancer distributes incoming traffic across multiple backend servers to improve availability, performance, and scalability. It prevents any single server from becoming a bottleneck, provides graceful failover, and enables rolling updates\u2014essential for modern web apps, APIs, and eCommerce sites.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"l4-vs-l7-load-balancing-quick-comparison\"><strong>L4 vs L7 Load Balancing (Quick Comparison)<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Layer 4 (Transport): Routes by IP\/port using TCP\/UDP. Very fast, low overhead. Great for raw TCP, TLS passthrough, and high throughput.<\/li>\n\n\n\n<li>Layer 7 (Application): Routes by HTTP headers, URLs, cookies, or hostnames. Supports content-based rules, header rewrites, caching, and SSL termination.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"popular-open-source-options\"><strong>Popular Open-Source Options<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nginx: Excellent L7 reverse proxy for HTTP\/HTTPS, simple config, SSL termination, static file offload.<\/li>\n\n\n\n<li>HAProxy: High-performance L4\/L7 proxy, advanced health checks, stickiness, rich observability.<\/li>\n\n\n\n<li>LVS\/IPVS (with Keepalived): Kernel-level L4 load balancing for massive throughput, commonly paired with Keepalived for VRRP floating IPs.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-architecture-planning\"><strong>Prerequisites and Architecture Planning<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"system-and-network-requirements\"><strong>System and Network Requirements<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.youstable.com\/blog\/install-mongodb-on-linux\/\">Linux server<\/a> (Ubuntu 22.04+\/20.04+ or RHEL\/CentOS\/Rocky 8\/9).<\/li>\n\n\n\n<li>Public IP or private IP behind a firewall\/load balancer as needed.<\/li>\n\n\n\n<li>Two or more backend app servers (e.g., 10.0.0.11, 10.0.0.12).<\/li>\n\n\n\n<li>Root\/sudo access, package manager (apt, dnf, or yum), and a domain (e.g., example.com).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"dns-and-ssl-considerations\"><strong>DNS and SSL Considerations<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Point your domain (A\/AAAA) to the load balancer\u2019s IP.<\/li>\n\n\n\n<li>Use <a href=\"https:\/\/www.youstable.com\/blog\/what-is-lets-encrypt-on-linux-server\/\">Let\u2019s Encrypt<\/a> for SSL termination on the load balancer or pass-through to backends if apps handle TLS.<\/li>\n\n\n\n<li>Plan redirects (HTTP to HTTPS) and HSTS if required.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"security-and-firewall\"><strong>Security and Firewall<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open only necessary ports: 80 (HTTP), 443 (HTTPS), 8404\/8405 for HAProxy stats if needed.<\/li>\n\n\n\n<li>Allow internal traffic from LB to backends on app ports (e.g., 80\/8080\/9000).<\/li>\n\n\n\n<li>Harden SSH, keep packages updated, and enable logging.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"option-1-set-up-nginx-as-a-layer-7-load-balancer\"><strong>Option 1: Set Up Nginx as a Layer 7 Load Balancer<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-nginx\"><strong>Install Nginx<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian\nsudo apt update &amp;&amp; sudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-nginx-on-linux\/\">install -y nginx<\/a>\n\n# RHEL\/Rocky\/CentOS\nsudo dnf install -y epel-release\nsudo dnf install -y nginx\nsudo systemctl enable --now nginx<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"create-upstream-and-server-blocks\"><strong>Create Upstream and Server Blocks<\/strong><\/h3>\n\n\n\n<p>Define a backend pool and a frontend server block. Nginx Open Source supports passive health checks via max_fails and fail_timeout.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/nginx\/conf.d\/lb.conf\n\n# Example HTTP load balancer\nupstream app_pool {\n    server 10.0.0.11:80 max_fails=3 fail_timeout=10s;\n    server 10.0.0.12:80 max_fails=3 fail_timeout=10s;\n    # Optional: ip_hash; # for sticky sessions\n}\n\nserver {\n    listen 80;\n    server_name example.com www.example.com;\n\n    # <a href=\"https:\/\/www.youstable.com\/blog\/redirect-http-to-https\/\">Redirect HTTP<\/a> to HTTPS (if terminating TLS)\n    return 301 https:\/\/$host$request_uri;\n}\n\n# HTTPS frontend (after obtaining certs)\nserver {\n    listen 443 ssl http2;\n    server_name example.com www.example.com;\n\n    ssl_certificate     \/etc\/letsencrypt\/live\/example.com\/fullchain.pem;\n    ssl_certificate_key \/etc\/letsencrypt\/live\/example.com\/privkey.pem;\n\n    location \/ {\n        proxy_pass http:\/\/app_pool;\n        proxy_set_header Host $host;\n        proxy_set_header X-Real-IP $remote_addr;\n        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n        proxy_set_header X-Forwarded-Proto https;\n        proxy_read_timeout 60s;\n        proxy_connect_timeout 5s;\n        proxy_send_timeout 60s;\n    }\n}<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"obtain-ssl-certificates-lets-encrypt\"><strong>Obtain SSL Certificates (Let\u2019s Encrypt)<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian\nsudo apt install -y certbot python3-certbot-nginx\nsudo certbot --nginx -d example.com -d www.example.com\n\n# RHEL\/Rocky\/CentOS\nsudo dnf install -y certbot python3-certbot-nginx\nsudo certbot --nginx -d example.com -d www.example.com<\/code><\/pre>\n\n\n\n<p>Reload and test <a href=\"https:\/\/www.youstable.com\/blog\/configure-nginx-on-linux\/\">Nginx after configuration<\/a> updates.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nginx -t\nsudo systemctl reload nginx<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"nginx-notes-and-tips\"><strong>Nginx Notes and Tips<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>For active health checks, Nginx Plus or third-party modules are required.<\/li>\n\n\n\n<li>Use ip_hash for cookie-less sticky sessions, or set app-level cookies for better control.<\/li>\n\n\n\n<li>Enable gzip and caching if serving static content alongside proxying.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"option-2-set-up-haproxy-layer-4-7-for-high-performance\"><strong>Option 2: Set Up HAProxy (Layer 4\/7) for High Performance<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-haproxy\"><strong>Install HAProxy<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian\nsudo apt update &amp;&amp; sudo apt <a href=\"https:\/\/www.youstable.com\/blog\/install-haproxy-on-linux\/\">install -y haproxy<\/a>\n\n# RHEL\/Rocky\/CentOS\nsudo dnf install -y haproxy\nsudo systemctl enable --now haproxy<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"configure-frontends-backends-health-checks-and-stickiness\"><strong>Configure Frontends, Backends, Health Checks, and Stickiness<\/strong><\/h3>\n\n\n\n<p>Below is a robust <a href=\"https:\/\/www.youstable.com\/blog\/configure-haproxy-on-linux\/\">HAProxy configuration<\/a> for HTTP\/HTTPS with health checks, sticky sessions, and a stats dashboard.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/haproxy\/haproxy.cfg\n\nglobal\n  log \/dev\/log local0\n  log \/dev\/log local1 notice\n  maxconn 50000\n  user haproxy\n  group haproxy\n  daemon\n  tune.ssl.default-dh-param 2048\n\ndefaults\n  log global\n  mode http\n  option httplog\n  option dontlognull\n  timeout connect 5s\n  timeout client  60s\n  timeout server  60s\n  timeout http-request 10s\n  retries 3\n\n# HTTP frontend (redirect to HTTPS)\nfrontend fe_http\n  bind *:80\n  acl host_example hdr(host) -i example.com www.example.com\n  http-request redirect scheme https code 301 if host_example\n  default_backend be_app\n\n# HTTPS frontend with TLS termination\nfrontend fe_https\n  bind *:443 ssl crt \/etc\/ssl\/private\/example-com.pem\n  mode http\n  default_backend be_app\n\n# Backend with health checks and stickiness\nbackend be_app\n  mode http\n  balance roundrobin\n  option httpchk GET \/health\n  http-check expect rstatus 2xx\n  cookie SRV insert indirect nocache\n  server app1 10.0.0.11:80 check cookie app1\n  server app2 10.0.0.12:80 check cookie app2\n\n# Optional: Stats page\nlisten stats\n  bind :8404\n  mode http\n  stats enable\n  stats uri \/stats\n  stats refresh 5s\n  stats auth admin:StrongPassword!<\/code><\/pre>\n\n\n\n<p>Generate or import your certificate in PEM format for HAProxy (full chain + key). Then reload:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo haproxy -c -f \/etc\/haproxy\/haproxy.cfg\nsudo systemctl reload haproxy<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-logging-and-firewall-rules\"><strong>Enable Logging and Firewall Rules<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># UFW (Ubuntu)\nsudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp\nsudo ufw allow 8404\/tcp   # optional stats\nsudo ufw reload\n\n# firewalld (RHEL\/Rocky)\nsudo firewall-cmd --add-service=http --permanent\nsudo firewall-cmd --add-service=https --permanent\nsudo firewall-cmd --add-port=8404\/tcp --permanent\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"optional-high-availability-with-keepalived-vrrp-floating-ip\"><strong>Optional: High Availability with Keepalived (VRRP Floating IP)<\/strong><\/h2>\n\n\n\n<p>To avoid a single point of failure, deploy two load balancer nodes using Keepalived for an automatic failover via VRRP and a shared virtual IP (VIP).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-and-configure-keepalived-on-both-nodes\"><strong>Install and Configure Keepalived on Both Nodes<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Ubuntu\/Debian\nsudo apt install -y keepalived\n\n# RHEL\/Rocky\/CentOS\nsudo dnf install -y keepalived\n\nsudo nano \/etc\/keepalived\/keepalived.conf\n\n# Node 1 (MASTER)\nvrrp_instance VI_1 {\n  state MASTER\n  interface eth0\n  virtual_router_id 51\n  priority 200\n  advert_int 1\n  authentication {\n    auth_type PASS\n    auth_pass StrongPass123\n  }\n  virtual_ipaddress {\n    10.0.0.100\/24 dev eth0\n  }\n}\n\n# Node 2 (BACKUP) - change state to BACKUP, lower priority\nvrrp_instance VI_1 {\n  state BACKUP\n  interface eth0\n  virtual_router_id 51\n  priority 100\n  advert_int 1\n  authentication {\n    auth_type PASS\n    auth_pass StrongPass123\n  }\n  virtual_ipaddress {\n    10.0.0.100\/24 dev eth0\n  }\n}\n\nsudo systemctl enable --now keepalived<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"test-vrrp-failover\"><strong>Test VRRP Failover<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Point DNS to the VIP (10.0.0.100).<\/li>\n\n\n\n<li>Stop HAProxy\/Nginx on the MASTER or shut it down; the BACKUP should assume the VIP within seconds.<\/li>\n\n\n\n<li>Verify minimal downtime and that sessions continue unless app-level state is not shared.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"performance-tuning-and-best-practices\"><strong>Performance Tuning and Best Practices<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"key-settings-to-review\"><strong>Key Settings to Review<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Timeouts: Keep client\/server timeouts tight but realistic (e.g., 30\u201360s for HTTP).<\/li>\n\n\n\n<li>Connection Limits: Tune maxconn (HAProxy) and worker_processes\/worker_connections (Nginx) to match CPU and memory.<\/li>\n\n\n\n<li>Buffers and Compression: <a href=\"https:\/\/www.youstable.com\/blog\/enable-gzip-compression\/\">Enable gzip<\/a> for text assets; avoid compressing already compressed files.<\/li>\n\n\n\n<li>TLS: Use modern ciphers, HTTP\/2, OCSP stapling; offload TLS at the LB when appropriate.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"sticky-sessions-vs-stateless-design\"><strong>Sticky Sessions vs. Stateless Design<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Stickiness (cookies or ip_hash) helps stateful apps (session in memory), but complicates scaling and failover.<\/li>\n\n\n\n<li>Prefer stateless apps with external session stores (Redis, database) for resilient scaling.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"observability-metrics-logs-and-alerts\"><strong>Observability: Metrics, Logs, and Alerts<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enable HAProxy stats (\/stats) or Prometheus exporters; for Nginx, use stub_status or third-party exporters.<\/li>\n\n\n\n<li>Ship logs to a central system (Elastic, Loki, or a managed service) and set SLO-based alerts (errors, latency, health check failures).<\/li>\n\n\n\n<li>Load test with tools like k6, wrk, or JMeter before going live.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"nginx-vs-haproxy-vs-lvs-which-should-you-choose\"><strong>Nginx vs HAProxy vs LVS: Which Should You Choose?<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Nginx (L7): Best for web apps, caching, header rewrites, and simple HTTP routing. Easy SSL termination.<\/li>\n\n\n\n<li>HAProxy (L4\/L7): Best for advanced health checks, high concurrency, stickiness, and observability. Excellent general-purpose choice.<\/li>\n\n\n\n<li>LVS\/IPVS (L4): Best for ultra-high throughput and low latency at scale; often combined with Keepalived, but requires deeper network expertise.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-checklist\"><strong>Troubleshooting Checklist<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-issues-and-fixes\"><strong>Common Issues and Fixes<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>502\/504 Errors: Check backend health endpoints, upstream server ports, and timeouts.<\/li>\n\n\n\n<li>SSL Handshake Failures: Validate cert\/key paths, permissions, and full chain presence.<\/li>\n\n\n\n<li>Sticky Sessions Not Working: Ensure cookie settings align with domain and HTTPS; confirm ip_hash or cookie policies.<\/li>\n\n\n\n<li>High Latency: Review DNS\/TLS, enable keep-alive, scale backends, and tune buffers\/timeouts.<\/li>\n\n\n\n<li>Failover Not Triggering: Validate Keepalived priorities, interface names, and VRRP multicast permissions on the network.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"when-to-choose-managed-load-balancing\"><strong>When to Choose Managed Load Balancing<\/strong><\/h2>\n\n\n\n<p>If you prefer to offload configuration, scaling, monitoring, and 24\/7 response, consider a managed solution. At YouStable, our engineers can provision optimized VPS or Dedicated Servers with HAProxy\/Nginx pre-tuned, set up VRRP for high availability, and monitor your stack so your apps stay fast and resilient.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-by-step-quick-start-summary\"><strong>Step-by-Step Quick Start Summary<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Pick your load balancer: Nginx (L7) or HAProxy (L4\/L7).<\/li>\n\n\n\n<li>Install the package, open firewall ports, and enable the service.<\/li>\n\n\n\n<li>Define backend servers, health checks, and routing rules.<\/li>\n\n\n\n<li><a href=\"https:\/\/www.youstable.com\/blog\/how-to-enable-ssl-in-cpanel\/\">Enable SSL<\/a> termination or passthrough; test with curl and browser.<\/li>\n\n\n\n<li>Optional: Add Keepalived for a floating VIP and failover.<\/li>\n\n\n\n<li>Monitor metrics\/logs, then load test and tune.<\/li>\n<\/ul>\n\n\n\n<p>With the steps above, you can confidently deploy a robust, secure load balancer on Linux. If you want a team to handle the design, HA configuration, and ongoing monitoring, YouStable can architect and manage it end to end\u2014so you can focus on your application, not the plumbing.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-load-balancer-on-linux-server\"><strong>FAQs: Load Balancer on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765797477499\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-a-reverse-proxy-the-same-as-a-load-balancer\"><strong>Is a reverse proxy the same as a load balancer?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>A reverse proxy forwards client requests to one or more backend servers. A load balancer is a type of reverse proxy that distributes traffic across multiple servers and includes health checks, failover, and balancing algorithms. Many tools (Nginx, HAProxy) act as both.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765797484494\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"which-is-better-for-linux-load-balancing-nginx-or-haproxy\"><strong>Which is better for Linux load balancing: Nginx or HAProxy?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Nginx excels at Layer 7 HTTP features and static content, while HAProxy shines at high-performance L4\/L7 proxying, advanced health checks, and observability. For most web apps, HAProxy offers more granular control; Nginx is excellent if you also need web serving and rewrites.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765797490922\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-enable-sticky-sessions-for-my-application\"><strong>How do I enable sticky sessions for my application?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>In Nginx, use ip_hash or cookies managed by the application. In HAProxy, use cookie-based persistence in the backend (cookie insert) or source hashing. For reliability, prefer stateless sessions with a shared store (Redis) and avoid stickiness when possible.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765797499972\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"can-i-load-balance-tcp-and-udp-traffic-on-linux\"><strong>Can I load balance TCP and UDP traffic on Linux?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. HAProxy supports TCP (and limited UDP via the QUIC\/HTTP3 stack), and LVS\/IPVS provides high-performance L4 balancing for TCP\/UDP. Nginx stream module can proxy TCP\/UDP as well. Choose based on protocol needs and performance goals.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765797507973\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"do-i-need-two-load-balancers-for-high-availability\"><strong>Do I need two load balancers for high availability?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>For production, yes. Use two LBs with Keepalived (VRRP) or a cloud-managed <a href=\"https:\/\/www.youstable.com\/blog\/install-load-balancer-on-linux\/\">load balancer<\/a> to avoid single-point failures. A floating virtual IP or anycast\/DNS-based methods can provide failover with minimal downtime.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To set up a load balancer on a Linux server, choose an L4 or L7 solution (HAProxy, Nginx, or LVS), [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15570,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-13340","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Setup-Load-Balancer-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=13340"}],"version-history":[{"count":4,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13340\/revisions"}],"predecessor-version":[{"id":15571,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13340\/revisions\/15571"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15570"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=13340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=13340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=13340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}