{"id":250,"date":"2009-11-11T17:27:00","date_gmt":"2009-11-11T17:27:00","guid":{"rendered":"http:\/\/blog.trungson.com\/?p=250"},"modified":"2009-11-11T17:27:00","modified_gmt":"2009-11-11T17:27:00","slug":"haproxy-vs-lvs-layer-7-vs-layer-4-load-balancing","status":"publish","type":"post","link":"http:\/\/blog.trungson.com\/?p=250","title":{"rendered":"haproxy vs. LVS (layer 7 vs layer 4 load balancing)"},"content":{"rendered":"

We just deployed our first haproxy load balancer and still running several LVS-TUN load balancers. Even when advertised as a fast and lightweight, it’s comparing with other layer-7 LB, not with layer-4 LB like LVS. <\/p>\n

Load Average \/ CPU Usage<\/h4>\n

haproxy still requires much more resource. On the same really basic server (Pentium 3\/4 or something really slow), LVS load average is always or near zero, even with many incoming requests. haproxy’s load average is about 0.3 to 0.5<\/p>\n

Features<\/h4>\n

But the good thing about haproxy is that it has more features and flexible in term of configuration. LVS-TUN is best when the ISP allows packets to have LB’s IP (spoofed packets). But if you don’t have that option, haproxy is the next best thing. Assuming you don’t need HTTP header inspection feature of haproxy, which LVS does not have because it’s layer 4.<\/p>\n

Bandwidth Utilization<\/h4>\n

LVS-TUN only takes the incoming portion of the requests so bandwidth requirement would be half of the full process (haproxy and same for LVS-NAT).<\/p>\n

SSL<\/h4>\n

LVS-TUN does it effortlessly because it does not deal with the content of the packets at all. haproxy can deal with SSL with 2 options: <\/p>\n