by Looking for an alternative (free) Connection Broker solution I stumbled across Crossroads.
It is a little application that will run on pretty much any current Linux/OSX build, and will load balance specific IP’s, ports.
Just because I wanted something quick and easy to test this on, I downloaded Ubuntu Desktop 6.0.6 LTS to try it out on.
Download Crossroads here. I chose the 1.48 build, as it is the latest stable (at the time of this writing).
So, download it, to your Linux system, and unpack it, and install it.
I downloaded/copied it to /tmp, and installed it as follows:
Unpacking the archive
root@ubuntu:/tmp# gunzip crossroads-stable.tar.gz
root@ubuntu:/tmp# tar –xvf crossroads-stable.tar
root@ubuntu:/tmp# cd crossroads-1.48
Compiling/Installing Crossroads
(make sure you have a C compiler like gcc installed)
root@ubuntu:/tmp/crossroads-1.48# make install
root@ubuntu:/tmp/crossroads-1.48# touch /etc/crossroads.conf
Basic Configuring of Crossroads
edit /etc/crossroads.conf (with the below configuration)
service rdp {
port 3389;
revivinginterval 15;
backend one {
server 10.1.1.100:3389;
maxconnections 1;
setserverheader "X-Real-IP: %r";
trafficlog /tmp/backend.1.log;
}
backend two {
server 10.1.1.101:3389;
maxconnections 1;
setserverheader "X-Real-IP: %r";
trafficlog /tmp/backend.2.log;
}
}
I set the “maxconnections” to 1, because if I have XP/Vista desktops on the backend, I don’t want someone attempting to connect to one that already has an active connection.
Starting Crossroads
/usr/local/bin/crossroads start
Checking the status of Crossroads
/usr/local/bin/crossroads status
Stopping Crossroads
/usr/local/bin/crossroads stop
Keep in mind, this is just a rudimentary implementation of Crossroads in a Connection Broker capacity.
The Crossroads documentation gives more parameters and information to have it start automatically at different run levels, allowed from/denied from, etc.
Additionally, the default Makedef.def is setup for a maximum of 20 connections. So, before you compile it, adjust the number accordingly.
The config file (/etc/crossroads.conf) also has many additional settings, that can customize the connections, including things such as allowed/denied addresses, etc.
The Web Interface
There is also a web gui that will display connections/etc.
To start it up, run /usr/local/bin/crossroads-mgr start PORT
So if you run /usr/local/bin/crossroads-mgr start 80, you should see something like this:
Now, in a production environment, I’d recommend creating a hardened Linux VM, and really tweaking /etc/crossroads.conf to get the best performance and security.
This could be a really viable solution in a small environment where costs play a significant factor.
As can be seen it really isn’t hard to do, doesn’t take long, and (by reading the docs) can be locked down enough to be a cheap (free) solution.
This would be something great to see made into an appliance….
We are using Crossroad to balancing VNC connections to XP VM’s, and to reset the VM to a known state after the user disconnects.
VM’s are a mix of vmware, virtualbox, and qemu.
@ajd4096
Any chance you could provide some documentation/configuration on how you have it deployed?
Like all of the “blanks” that are in the configuration above?
I would really like to help a school roll this out, but I don’t want to put it in place if it isn’t “ready for prime time”, and by what you are saying, it certainly could be if the right configuration is performed.
Thanks,
smooter
I don’t have it in production.
As I understand it, the project is no longer being developed.