Greetings everyone,
I've finally managed to get some free-time to try some load-balancing. It's relatively easy to setup, but I was more worried about the performance and response time. I also wanted to be able shut multiple Pi-Holes instances down without interruption to the users in my home.
To start, these Pi-Hole instances are built using Ubuntu Server 16.04, 1 core and 512mb of ram since the OS uses very little resources and the same goes for DNS-Queries. In total, I have 4 Pi-Hole instances, 2 on both primary and secondary ESXI servers.
I'm aware I could use HAProxy or nginx for load-balancing, been there done that, but I wanted to do things a little differently. For load-balancing, I used Kemp Virtual Load Masters.Of course, we have two so that if the primary VIP fails we can use the secondary. For the heck of it I setup Kemp 360 Central to manage these load-balancers more efficiently.
The load-balancers are also tasked with calculating the member with the best response time in addition to increasing the weight of that member. This means, only the fastest Pi-Hole will be chosen and consistently will have queries sent to it. For members with a lower weight they aren't sent much traffic, but only in the event the primary member fails.
With that being said, I still wanted to keep my NxFilter instances I have running. These are responsible for enforcing rules and analyzing the type of queries being made. The Pi-Hole instances all forward requests to the nxFilter instances. This allows me to not only make use of Pi-Holes ad blocking service, but to still maintain and enforce policies.
Oh and yes, these nxfilter instances sit behind a VIP on the load-balancers in which the Pi-Hole instances have set as their DNS servers. These are load-balanced the exact way the Pi-Hole instances are. We have 3 of these all placed on physically separate devices. If these were to fail we wouldn't be able to query anything.
So now, I've created a redundant Pi-Hole and NxFilter configuration that is easily scaled and able to withstand multiple failures without hampering the users experience. I've attached a visual representation below. If you have any better ideas or recommendations I am open to trying them out.
