I've not used built in MWG load balancing, however we do use WCCP on one of our clusters. This is a transparrent mechnisam that nativly supportes load balancing and works very well for us. would this be an option? Alternativly on other parts of our estate we use HAProxy as a front end to spread load to a cluster of servers. This could be run under a VM and you can use things like Linux LVM to make it highly avalible.
please note that Proxy HA or Transparent Router mode are not exactly active/active. What happens is the following:
ONE of the nodes in the cluster will become the "director". This node will be associated to the virtual IP address (e.g. on previous network devices the MAC address of the virtual IP will point to the physical NIC of the director node). This node will receive ALL traffic, but before the traffic is shifted from the NIC to the MWG process the data is shared across ALL known nodes in the cluster.
So only one node will accept traffic, and will then try to equally share the load through all known MWG nodes in the local subnet. However all nodes will process the traffic.
In your case I would probably try to go with transparent router mode. This would probably limit the efforts you have to take on your existing network devices, since MWG will automatically take care of the packets it wants to intercept etc.
I tried to set up a linux haproxy roundrobin with 5 McAfee Web gateways which are running in Proxy mode.
- If i write down haproxy IP:PORT in proxy settings of browser it works, (explicit proxy)
- If i remove IP:PORT in proxy settings of browser, it didnt work. (with PBR via HP switch)
May i ask how did you set up haproxy and web gateways to work active/active balancing ?