Building IIS Web Farm with Load Balancing using Nginx

This article describes how to create a web farm with load balancing on Internet Information Services (IIS) 8.0 and higher. Load balancing between Web servers in the farm will be implemented not by the standard extension for IIS Application Request Routing (ARR), but using an open source HTTP/reverse proxy Nginx.

Nginx is a simple, fast and reliable HTTP server. Nginx is used primarily for static websites and as a a front proxy before high load dynamic sites. Nginx is designed for the purpose of rapid processing of requests and able to serve static requests, perform proxy caching and simple load balancing functions.

Tip. The main disadvantages of Application Request Routing is that it can’t monitor HTTP responses from several sites and requires additional Windows license.

Building IIS Web Farm

In our example, the IIS Web farm consists of two IIS servers based on Windows Server 2012 R2 and front-end Linux server with Nginx. If it is necessary, you can easily scale this scheme by adding any number of additional IIS servers. Nginx can hide behind itself a hundred of web servers (backend) and distributed queries on a wide set of rules between them. Disconnecting any of the IIS server will not affect the system availability.

nginx iis

First of all, it is necessary to install IIS role on both Windows servers. You can do this from the Server Manager console or by using PowerShell:

import-module servermanager
Install-WindowsFeature -Name Web-Server, Web-Mgmt-Tools

server roles web server

We need a separate Windows file server on which are located two network folders:

  • The first will store IIS configuration – srv1iis_config
  • the second – sitefiles – srv1iis_site

iis site

Give the Everyone group Full Control permissions on the both network shares.

iis config permissions

Next we need to install the extension ARR Helper on both servers. This extension is necessary in order to record the correct IP addresses of visitors to the IIS headers, otherwise they will always be given an Nginx address. This extension is a part of the IIS Application Request Routing package (ARR) 3.0 and can be manually copied from the directory %ProgramFiles%IISApplication Request Routingrequestrouterhelper_x64.msi.

Once the IIS installed, you need to copy the contents of a folder c:inetpubwwwroot to a network folder srv1iis_site. After that, go to the IIS management console, select the DefaultWebSite, go to the Basic Settings and specify the network path to the site folder.

edit site

Now select the server and navigate to the Shared Configuration section and click on Export Configuration.

iis shared configuration

Specify the full network path to network folder with IIS configuration and then specify a password for the encryption keys.

iis export configuration

Then select «Enable shared configuration» and enter path to the folder with IIS configuration. Click Apply and enter the password.

iis shared location

Next you need to specify the user on whose behalf the application pools are started, and who has access to our network folders. To do this, go to the Authentication section, and change the anonymous authentication. You can select an application pool identity or you can select a domain user.

anonymous credential

Now try to open your site, if successfully you can continue.

Proceed to your second server. Do not forget to install ARRhelper, and connect the shared configuration in the same way as you did with the first server.

We finished setting the configuration of IIS, now we proceed to configure of Nginx. Install Nginx using command:

sudo apt-get install nginx

After installing, edit config file /etc/nginx/sites-enabled/default

In our case, configuration is as follows:

#your web server address

    upstream web_servers {




 #listen port

    server {

        listen 80;

        location / {


                # headers setting

                proxy_set_header X-proxy;

                proxy_set_header Host $host;

                proxy_set_header X-Real-IP $remote_addr;

                proxy_set_header X-Forwarded-For $remote_addr;

                proxy_set_header X-Forwarded-Proto $scheme;

                # Errors, on which nginx try to go to the next server

                proxy_next_upstream     error timeout invalid_header http_500 http_404;

                proxy_set_header X-Client-IP $remote_addr;



Restart Nginx:

sudo /etc/init.d/nginx restart

Thats all, you can try to register in the DNS for your website address of your Nginx and visit the site. You will see that the requests come on different server (in this case, the default round robin balancing used).

I enjoy technology and developing websites. Since 2012 I'm running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Cyril Kardashevsky

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.