DirectAccess Load Balancing Tips and Tricks Webinar

Enabling load balancing for DirectAccess deployments is crucial for eliminating single points of failure and ensuring the highest levels of availability for the remote access solution. In addition, enabling load balancing allows DirectAccess administrators to quickly and efficiently add capacity in the event more processing power is required.

DirectAccess includes support for load balancing using integrated Windows Network Load Balancing (NLB) and external load balancers (physical or virtual). External load balancers are the recommended choice as they provide superior throughput, more granular traffic distribution, and greater visibility. External load balancers are also more scalable, with support for much larger DirectAccess server clusters, up to 32 nodes. NLB is formally limited to 8 nodes, but because it operates at layer 2 in the OSI model and relies on broadcast heartbeat messages, it is effectively limited to 4 nodes.

The KEMP Technologies LoadMaster load balancer is an excellent choice for load balancing the DirectAccess workload. To learn more about configuring the LoadMaster with DirectAccess, join me for a free live webinar on Tuesday, August 16 at 10:00AM PDT where I’ll discuss DirectAccess load balancing in detail. I will also be sharing valuable tips, tricks, and best practices for load balancing DirectAccess.

Don’t miss out. Register today!

Additional Resources

DirectAccess Load Balancing Overview

Load Balancing DirectAccess with the KEMP Loadmaster Load Balancer

Maximize your investment in Windows 10 with DirectAccess and the KEMP LoadMaster Load Balancer

KEMP LoadMaster DirectAccess Deployment Guide


  1. Is it possible to get a recording of this webinar? I’m not able to watch it live, because I’m on vacation.

    • I’m sure the webinar will be recorded and available on-demand after the event. As long as you have registered you’ll receive notification when it becomes available. Thanks!

  2. Craig

     /  September 6, 2017


    The above solutions are good for load balancing but I’m looking to improve my resiliency for a given geographical location.

    For example I have a single entry point in four countries all configured with 2 NICs to support Teredo and IPHTTPS. At present if one of those locations goes offline DA traffic will pass to another entry point in a different country (assuming Windows 10 clients). I want to improve my resiliency so that I no longer have a single point of failure in each country so can I simply add a second entry point in each country (located in a different geographical location, on a different subnet and behind a different firewall) and just rely on the client logic to fail over to the closest in-country entry point in the event of a site failure?

    Or do I need something smarter?

    I can’t see how the Kemp device solves my problem as it is in itself a single point of failure in whichever location it is implemented.

    • You can certainly add more entry points, but the default site selection algorithm used by Windows 10 clients is not very robust. Many users report that Windows 10 clients will select suboptimal entry points, for example choosing an entry point in London when they are in the US (and there’s an available entry point in the US, of course). Now, the KEMP LoadMaster addresses two challenges with DirectAccess load balancing. First, it can provide local redundancy by enabling a cluster in each location. The KEMP is a MUCH better alternative to using NLB. Second, the KEMP can be used to provide better and more intelligent global traffic distribution. That’s where it can really enhance a multisite deployment. Yes, if you implement just a single KEMP, you’ll of course have a single point of failure. However, it is easy to implement the KEMP solution in a highly available manner. They support clustering, and in the case of GEO (GSLB) you could have units in multiple geographies that can respond to DNS requests. Hope that helps!

      • Craig

         /  September 6, 2017

        I’m more interested in resiliency in the event of a site going down than load balancing so how would the Kemp solution help?

        Say I had 8 DA entry points, 2 in each country and both of those in separate locations and separate subnets. If one entry point goes down I want all traffic to stay in country. NLB isn’t going to work as it can’t span two separate subnets (AFAIK).

        So with the KEMP solution how do I avoid a single point of failure? Do I need two KEMP devices clustered? If one of the KEMP devices isn’t in the same country as an entry point how does that affect DNS resolution/load balancing?

      • In this case the KEMP is serving only as a DNS server. It can be located anywhere, really. In fact, putting it in the cloud is an excellent idea. 🙂 And yes, having the KEMP highly available is recommended (it supports clustering natively). From there, it is configured to monitor each of your entry points. You define rules that say which IP address is returned to a client when they query for the DirectAccess public hostname. With that, if your DirectAccess server in site A goes down, you tell the KEMP to return the IP address for whichever entry point you want to serve as backup.
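
The health-checked answer selection described in the reply above, modelled as an added example (not from the original thread, and not KEMP's configuration or algorithm). It assumes the scenario from the question: two entry points per country, answers kept in-country while either local site is healthy. The entry point names, country codes, fallback order and RFC 5737 addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class EntryPoint:
    name: str
    country: str
    ip: str        # constructed RFC 5737 documentation address
    priority: int  # lower value is preferred inside its country

# Constructed topology from the thread: two entry points per country,
# each pair in separate locations and subnets.
ENTRY_POINTS = [
    EntryPoint("us-a", "US", "192.0.2.10", 1),
    EntryPoint("us-b", "US", "192.0.2.20", 2),
    EntryPoint("gb-a", "GB", "198.51.100.10", 1),
    EntryPoint("gb-b", "GB", "198.51.100.20", 2),
    EntryPoint("de-a", "DE", "203.0.113.10", 1),
    EntryPoint("de-b", "DE", "203.0.113.20", 2),
    EntryPoint("sg-a", "SG", "203.0.113.110", 1),
    EntryPoint("sg-b", "SG", "203.0.113.120", 2),
]

# Hypothetical rule: where a country's clients go if both local sites are down.
FALLBACK = {"US": ["GB", "DE", "SG"], "GB": ["DE", "US", "SG"],
            "DE": ["GB", "US", "SG"], "SG": ["DE", "GB", "US"]}
DEFAULT_ORDER = ["US", "GB", "DE", "SG"]  # clients whose country is unknown

def select_answer(client_country, healthy, entry_points=ENTRY_POINTS):
    """Return the entry point to answer with for the public hostname, or None.

    healthy is the set of entry point names that passed the last health check.
    """
    if client_country in FALLBACK:
        order = [client_country] + FALLBACK[client_country]
    else:
        order = DEFAULT_ORDER
    for country in order:
        candidates = [ep for ep in entry_points
                      if ep.country == country and ep.name in healthy]
        if candidates:
            return min(candidates, key=lambda ep: ep.priority)
    return None  # every site failed its health check; no usable answer

if __name__ == "__main__":
    all_up = {ep.name for ep in ENTRY_POINTS}
    for down in [set(), {"us-a"}, {"us-a", "us-b"}]:
        ep = select_answer("US", all_up - down)
        print(sorted(down), "->", ep.name, ep.ip)
```
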
