This is pen, a load balancer for "simple" tcp based protocols such as
http or smtp. It allows several servers to appear as one to the
outside and automatically detects servers that are down and distributes
clients among the available servers. This gives high availability and
140204 Moved defines for ACE_IPV4 et al outside #ifdef HAVE_SSL clause.
Otherwise pen won't compile without ssl.
140204 GeoIP access lists.
140120 Added "special exception" clause for linking with OpenSSL.
131127 Penlog ipv6 compatible.
131126 Modernized automake configuration.
Penctl ipv6 compatible.
131123 Updated autoconf to 2.69.
131122 Updated SSL code. Protocol ssl2 removed. Default changed to tls1.
131120 Added UDP patch from Zen.
The load balancing algorithm keeps track of clients and will try to
send them back to the server they visited the last time. The client
table has a number of slots (default 2048, settable through command-line
arguments). When the table is full, the least recently used one will
be thrown out to make room for the new one.
This is superior to a simple round-robin algorithm, which sends a client
that connects repeatedly to different servers. Doing so breaks
applications that maintain state between connections in the server,
including most modern web applications.
When pen detects that a server is unavailable, it scans for another
starting with the server after the most recently used one. That way
we get load balancing and "fair" failover for free.
Correctly configured, pen can ensure that a server farm is always
available, even when individual servers are brought down for maintenance
or reconfiguration. The final single point of failure, pen itself,
can be eliminated by running pen on several servers, using vrrp to
decide which is active.
Description of redundancy using vrrpd on Linux
The Ultimate Cheapskate Cluster
There is a mailing list: email@example.com. Send mail to
with the message body:
Mailing list archive
A side-effect of the load-balancing is that several logfiles are produced,
and all accesses seem to come from the load balancer. The program
penlogd solves this problem by merging pen's log file with the ones
produced by the web servers. See penlogd(1) and penlog(1) for details.
Pen emits statistics when it receives a USR1 signal, but the output
can be hard to interpret. The cgi script webstats
can be used in conjunction with the -w option to pen to get statistics
in HTML format instead.
New: Take a look here to see what
the latest Pen status is here at siag.nu. This is not "live" data, but
generated from this cron job every 10 minutes:
2,12,22,32,42,52 * * * * kill -USR1 `cat /var/run/pen.pid`
Note that there are usually few active connections. This is because of the
way the web works: the client connects, the server sends data, the
client disconnects. The whole transaction is over in seconds.
This load balancer is known to work on FreeBSD, Linux, HP-UX and Solaris.
Unixes should work as well, possibly requiring trivial changes.
Success stories or problem reports are welcome.
It runs on Windows, too.
And on MacOS X.
Actually, the easiest way to install Pen nowadays is to get it from one of the
distributions that package it. On e.g. Debian or Ubuntu the entire process is:
apt-get install pen
If you still want to install from source because you need features not built
into the packages, here's how. Type:
By default the programs are installed in /usr/local/bin. This can
be changed like this example:
to install into /usr/bin instead.
Contributed start scripts
Hercules Load Balancer Virtual Appliance, a VMware virtual machine based on Pen
Penbw, Pen backend
watcher, monitors and blacklists backends automatically in case
of a failure
Pre-compiled packages for Solaris
A redundant load-balancing firewall system, using FreeBSD
Red Hat RPMs courtesy of Dag Wieers
Zen load balancer, a load balancer appliance based on Pen.
Freshmeat project page
Load balancing UDP on EC2
[an error occurred while processing this directive]
Ulric Eriksson - May 2008 - firstname.lastname@example.org