From 26c315d481978d099ecb39ad02055962aa7fe940 Mon Sep 17 00:00:00 2001
From: Shawn McKinney <smckinney@symas.com>
Date: Fri, 28 May 2021 14:51:04 -0500
Subject: [PATCH] ITS#9443 add lloadd admin guide

---
 doc/guide/admin/Makefile                   |   2 +
 doc/guide/admin/intro.sdf                  |  13 ++
 doc/guide/admin/load-balancer-scenario.png | Bin 0 -> 16119 bytes
 doc/guide/admin/loadbalancer.sdf           | 169 +++++++++++++++++++++
 doc/guide/admin/master.sdf                 |   3 +
 5 files changed, 187 insertions(+)
 create mode 100644 doc/guide/admin/load-balancer-scenario.png
 create mode 100644 doc/guide/admin/loadbalancer.sdf

diff --git a/doc/guide/admin/Makefile b/doc/guide/admin/Makefile
index ef04ca9dcf..4edb4f1c13 100644
--- a/doc/guide/admin/Makefile
+++ b/doc/guide/admin/Makefile
@@ -37,6 +37,7 @@ sdf-src: \
 	guide.sdf \
 	install.sdf \
 	intro.sdf \
+	loadbalancer.sdf \
 	maintenance.sdf \
 	master.sdf \
 	monitoringslapd.sdf \
@@ -69,6 +70,7 @@ sdf-img: \
 	intro_tree.png \
 	ldap-sync-refreshandpersist.png \
 	ldap-sync-refreshonly.png \
+	load-balancer-scenario.png \
 	n-way-multi-provider.png \
 	push-based-complete.png \
 	push-based-standalone.png \
diff --git a/doc/guide/admin/intro.sdf b/doc/guide/admin/intro.sdf
index bbab488c09..b14c8633e3 100644
--- a/doc/guide/admin/intro.sdf
+++ b/doc/guide/admin/intro.sdf
@@ -450,3 +450,16 @@ reasonable defaults, making your job much easier. Configuration can
 also be performed dynamically using LDAP itself, which greatly
 improves manageability.
 
+H2: What is lloadd and what can it do?
+
+{{lloadd}}(8) is a daemon that provides an LDAPv3 load balancer service.
+It is responsible for distributing requests across a set of {{slapd}}
+instances.
+
+See the {{SECT:Load Balancing with lloadd}} chapter for information
+about how to configure and run {{lloadd}}(8).
+
+Alternatively, the load balancer can run as a module embedded inside of
+{{slapd}}.  This is also described in the {{SECT:Load Balancing with lloadd}} chapter.
+
+
diff --git a/doc/guide/admin/load-balancer-scenario.png b/doc/guide/admin/load-balancer-scenario.png
new file mode 100644
index 0000000000000000000000000000000000000000..8774352a43581a3e2e840097e08fdb7d80948a27
GIT binary patch
literal 16119
zcmeIZWpEr#vo0t`i!El!l58<EGn2*4%o;H>v&C$o#mp>Q%-|8TEM~^J<M)1X&)JPV
zcjLPe`(q<cM@LUjXH|CfQ(4tnnNLS4D@vgt5g<W8K%mG-i>pFFKn8)&%Mjqe$A{Ie
zPVi5Jx0)6})!2i~$;Hva+RmH|;N@gaX6|Wi0RiE;q8>kv5-5xyexYWJ_?o7~Gh}4~
zpT>0JU~*4v6rKplo&OSCEmmGIIXL$LSwUe#4h9t_3Gc^4MaXiPtn>1bh$q6h(?Wm>
zHg1;I(*Ci-Br0Fq+|$P=TEv0Y#ldH~CwN!|suSObJBY5w5(aEw7v~8C1QMJzxJg<H
z^1P;w_Ke16jwa@ep7u`Qwn9Mg3wb&jo7$QK$V|*FtsMj?E;@TD$gIr-C^R_~m=&DF
z%&n}Yy<N<|dMm1#dfS@vm{AA`BJq3jf)&`C1B}T$?d=>~c|8Rv{?W?|KL2}}iGu8(
zA^=+f3M~a?GBHONb24^Dc1C6f2~TTxRtiBRGJY2`3tm-m$$zN;{}Z6F0sx$NnV390
zJQzLL7#&?KnOJyuc$k=3nOIpFz$F-5y&M3>o(vAIlz&zHPaWdsuBI;5P5^612eQ99
zjZGZg00I;gU^&^pl>deQe`$Ac{TB#eIGFxQm{=H@nf`NefVIVcQT(suKZ^gY%&Tne
zX>O+_Zf$Sw;0kVn00kR2$3M#cL#q9sq%53V|49F8;+3&CwlvqYHUn7wN45VDNSj+*
zT7jSB|58QC#o8Q<!QZC^ODLHBBFXeGD8W6$^uN01FFya@Z~uLhe+%RPhU>rK`nM4H
zw+jEab^SM7{}uxOR^k7)uK$0*h4dfJow)<pqw@f}ZUfy#=U}%F##K~C4FSCQBA7)&
zK#)Pmh>NIsuAJq1c&aV_j@bN>X*Neko(Yiz5d=Y@dTIo(qFirSr72NcpxI69eU^_>
z+x<QGbFlXrZ2bT%Haet)C`NIq=veWj+4Ix;5*C(dBE**zv+ilvyi6W8*FR0#z1=_q
z9|m+7k$-RJCFA9R4JJdF96&0DTn{1<wsDGr+X+c<n?8|-9LQeMV5qC?KXECbZCemv
zLSp0#6fJ;oibOyNCTn7}Fd}2d9D##7zU%N8wi6HSCn0tGakwEcVBaY5JU372$C=H+
zOFgtFCsQ9z^(j;v3yT3VL<F~N-dI7p4jtQk<pjQ>vin<V`wV-Re{V}=(?Ut>>iWia
z3Mn`95}=mWVb$bxEsNczfr3iXysE)@yc@S~Juh*IfA2kE9pVxKJ*+=8I|if(dT0m@
zRt6r1G0}zlOGIh0xEd;9+8+P)$fxl{@+-vUW#`g~i9`3z(O@X}li$mJm73{kpjX!@
zpZ&4qx*ZeC&|fB6U)A^DK6;Wa(Nd5h1kdnGQc;HsA?jSXPM?)1<YeFrn25WiR6i*H
zI=Zd5TV}+eUpmU-dqB%KsNLLlYICfpy7i;`TeA-B`8LXL!0xw_|NU|irDVeShIPE{
z>~~Rz9<NL;>LGTItDPM>aTstnW%b$perd65A4$w}I0Fo)<zJA|oe)p%U!OcYXm_t6
z1(N|J`11m{i&F$$C-b_a#$=VsxJ#pv&>AfrcNV@L_~<hRG!i_`VWGnmR(`KGM4K;@
z`Zk?^(dd3+VZKn_RCju+1&0z%Lq`|Bw|AMi{<Pj{J386iXdIG@LP)FCRNkknce*eX
z-@J6u)yP{P5HLAIL<nA1Ac&@8Lsp9znL9APUWSaen}n6vym=4!gVwRNbqSeE%XFbR
zb&JU<DU&ns*botoKT(C5HWSn@Q_P<98_k$DE_S9?X<*67q`jRB%S0hZ489zkbn(Oc
z2LuX3TwmKbar=JzwxFu<XUM@LCI7-`wS~62pijoEcotZhUgF*dk!$<tq`7oBd!CV#
z12?1(<o~Bp!I6D}PMzdJq%DqI++2>RwTz#cpDQaTd%C&;M^6@yVxoO<X0}~m<=s1n
z%jXNBb8E^+tZ!c)NIM*v52Y32E@3^W(Qz&B!y-=nvP!Lg{IEzL{fMw+$6LF2yjWK9
zbm#ZdQRICOkSZw?(^~S6?Tid0Ll`KG5|%1$ryzqK1P>8?yuY>v^Upy<T=?%e!}xpn
zr#Jt1mqTlY&(~>dX9^o!58eZ${#GUb`S`MF{3}{)b84&q#s4CTW^2V(;;&h(<esg9
zI@EhyX-=2wAD$anKhv(b<_;IN94t!_6P95yc7HSo=(dla{G6@{?s@Aq2ktvHX}Pao
zO5oAL5ArGldW&JExS_ot!lRMQZ_^pWmK(Q!;VwSd*pjnhSxhJo1x(=KvBDrBW#K@T
zVGYHF(A9=o<|WzwHG3Vatb5>i7KfEsc!9cR(UY$gQ+M(2d@t&iWGXA6w@^+?#kT|a
z55lVruxHJ{8AZNo|F_F+D>}{Z`hLycO7k-<4iapc_iw8)IE4xsbs)brAQU^DN=sV^
z_`&W)6j5XGAO(B|mg*C8x(;4K;C_${v^hJiIVYyWZx|KUna2MBtzB-{xmW9iqkKK_
zz6)MhxEGTAXN3DHt3rJ(qXkY@w+`F^2V3m#E`+WTs&wHUyC63MYS)C^zNMZ$@qa<w
z*)43-s=o0~MgGy9#PWA?@KaWY-5sU_^-RNWZ=)0Hf_fC;gCM@84bat=_Zyde?dGyX
z&GDpII=ftTWVTIXef8Kx!9n)Do$Y~-SjGIp^aVjwvqXEJDxFCaPPgo<3g6qy;Ho2?
zhmvYC>wCZ}WLbWVU`iSso#ud&&=-#c1GE$xG1=&q4Nb%TU|43GZ<uj}j&{!;t&W<j
zZCk-1?B}YcTIev_GZI@y89Z2=4xz)Oj>9<qY!bq2B49IPkk`NwmvoQyOU(nDpgv|J
zzM%|a_~GG{hn>25Vsh{wmouS9sqbJ&50h^X`zggDb}|GAY3cZeS=80aqiiT8x9|mX
za7$>wJ$eZ=v$VJt_TnikD>KCt$hthW!v^K2Ha~O)Dw{kwj7)~15H2)WVQdVD`W_wm
zYAW}!cjoH-1Nfhml;nY^s3@Wf7nZu>P!dL5>THxri^0SsNEVjF#Ded^RT_26YPSjf
z1$jW@=8Ealgk(%7?qkD){h-a-0mYl^1s^IZo4la)8tPK})o=}E2n-C*<m4q{;z{p_
zkYCxHSNQDHmoa}|CF}{zWC8-YRk0t!q41NEK542aRRFP6)FqM?Bc={0zki2HF-R~d
z6Ejo`oxRuu4WYnEEBu1D@)vqv((1BcW9%gj&?DLpf>5kX^=-{|2?^>Nll9kcj&2qf
z+)5j#1mEGm+=)}8`f&R=x6q78oQiXBz~(YFy?bey*%uxIk4IM~1s-BIbMTk&aqli$
zAGVMR_}d%^S(m?pFVC|!i;VXMgxrCEMt)g2)Z5BQ-cZ5lSzU;}u*Fb>gjGNSe%^g{
z#E57B4Q$~qI!YDvT#)(*gtM+G%6(4<v_LRaE<qRLRsV3ufm<=ewt`(H&eGzR8;>%!
z-f<o-Y&x+pxiSPdcy=kY#f0=ljYaJdWP8-H@|x%qHu{u^@?qh`?JaOA5+OuDa6@&r
z+b49@BIdTFOzPQ=(-t5fJDQ$sf+8o4&`3?K0|ghts8}|bm1smxJJtk5Q`7YMLg!j&
z?fK?!uW9{5&at(#TS6lKcucmozHUZ4JKxZBsi!;ZJ4IPZ*BbGO)1!$Suk4%u8JE%5
zx`?)qkJTb*D&T31mpn-%BtZ1?j;&9@MMvkGypf4`sB_oq8EIBBrV5XpR`SgVWeUAm
z_)i)$%i&B`w$)x3ZIPf5x0BPJ#Y(yHfcN&F-7e-bTF&)s112n0KPs;Mk-E_Aura{h
zAVz;l#Z2+|3~Mx2*z_7IfR~zq_x{PMds?71ozvOG;x-avRH0=<47+T8xWT+rtInv*
z_Iypq*Sp(4VsN|XN5kAhHFy#S*bM|-1QrF?lER%Q&(E>m9$~$NE?4Eho;FHJ#geRd
z&l3T^ON6cY-mp5#$6BB7{Q9K{_HT%j0`TtEa4mMoBeKgnFTFCLUl|@>5w|qjIdo7P
zwJ%m1_9?`?JDTT-b^Uuns;WHL)5n>@{)C~1DU|JI$9g(|e39z?lD)VEgZBfgk@I4b
zP+%aopcY{2!{x%)Sm6_fv6yoJbCxyBja(|)M@Jur)l{~P?@twSypMfr$M+pIC=I=#
zM9Y~+3l5HS75lF)VeH@p9-%LnG#^O~0#`}5NEw+LJ7=CeVcWcg@{dsLl5`IWW`Ea4
z9L-aX9ZWxHce*vQ+NkMhxx3Sc!2L=|#TIjM@f<mSJzsC$`?IoK*FP1Gf=#cZw#C5c
zZeu#EbLz37ox9ZAYhe{1hl_!}lKp9GfA6!TzZd0|n4K0ufRTb=4hX5)oa0sN&z4C+
zF>+2iUG^-rH%{F+1K^UPfCJB9dNPdEpP5Iqs!pxiP-*F+x0Axw7JBFwVB2RA!)|6K
zj)`STO->$LT<lb(LCL9WRyWf{l3l$~ZPuJ6E!%MF0WT}7$4#^$1fE2AE?=PgMQ=E`
zi3DY3ZNS!Q+S)lf?NMj1o2sF_^@(-v@MLjZmCq<}io>^!&hFOALtar4dbh?l@1NGE
zT)_#j)o>F4k#T1SUvY1M0)meZG>--bvGYf}tiAaO`?rV;U!WAW-NpO`?KT~p95#py
z^p%ZnH8r#Syu2V&fR*#O*iZBYgZoGsr|t<VWn%EW`d~lw@ZmxzaNKAnDT`nm`COii
zaq1Kq4fw*YFt7S`k}>5AdfhU>pmMQNN$%$4<=#!|?(`^LRw<&c?hVfa1Cl&63N9}S
z)pFwXi&la_?8qN~=VgsWI;W0I!}C4bg$Y>^D{PFzkw^ppza+#3O#XwE0^LPyj@8V~
z(6ZR&R8OqI?>gwsz(JJOt^|(_q>2jt95niGt5RT31YGSW#AZ=xMMxI;@uAr;9x6Y9
z@y^ae%`bL$GM0#r{#xK*v38p;<exOYjJc?=um9BfNfb1O$5YVXF+~kEc*nazu#UU?
z0-U4c{Jzhrw;ej_dPT1#Wv$L&2~D?`hA9ps4#SJY1OY5i^?rdAqrrm2a!ObpxvMn{
zcfWGN)H#U|)I!mm?k_p=EF9=(@1tu?C!?6T5+{S=Cc+DsUDRp)R6yOrkwesog-|e8
zb8b~v1?3NE!`tUJhH?+_2dbnmE>{}H<rdtIWDzh%x6)BIZ$9>#*n0Q8HTf+n$|~cb
zTTj?97(wVbkZex$6@U#H-rO1`fV`f6Z%)6t_S-X|&%+Vv23w`0ud1v~g+W=7u8!Xl
zz*&R@Qen_QN43#@ytJV@;MJhf?FJ4M&e1ELmUenvW4)rGFpmR$6C@F80U19W{L%`e
z&T?F%NCxG-Wswrpna4{yEhL$=_M4CSM5^tmx9#>aAeE5>krOAhW}K&w;66`_hGHh3
z!U@W$M6oOz9XDUuY2b_HLTvBlTvLvS6o3m4t$RtE41Fsh?u6ek;N5tG>qcnq+QaSy
z2LT2Lsxd^8>*GPB2OP%8!jWgA5>iX8!>4Mg*ZlKpPD?3#J$@|UkO^lxUq&BfDG-|%
zdp)qZAGG9(LI6tvWls-<v%vmHSoHn7+ku`->RZF;SNNa5XmoU5B5ZRNdmazhcepJ1
zcSknc8931qx={I}Dpn{dW?1!X7j8xbcFW%$v^q{i`)13nFDE>#JOZMT+p32qZ%oiS
z>8A^hIUOOXA;-mGRuo|d0)O!4o~IdT`^8*%owo1wi%FHX0HeOpPN4BW9CqvWzP}EB
z>YaXIyhNze7vCy4s+nhDV@S)Xb)=x`BqUFd^fP7AyF_Y+O?_3>81yPv^%EU8l}t6T
zljrpTvMC{K9H7*HpNnK~Q4zSG?QmQRw9{L`P;(O1$xR_Ugmr?ZfvOaT(J_RXS~vns
z-yY?EecPI^Ew#KOMkl4EDQ_5<8dnnRy6bK=h<SMNorX?mY1}@Gq;M(}nZEfd^_9<$
z;%EqcO6CN)Pt0&D;MG>oKh9R4<d1s+$d%}nqn6@>`eq9YzQSv5N-$gtd6KY6ky~5{
z)3G$lyMdTV@XI3lv>*&88ur`oMAm|iSzemD&ZrBnMd?-8HiGKP%IQ^fCfeDJh;r3f
z5Ue2Td&@11jtUHBkY;t#tQe_}aoT&vY*|UzaTM*cK2h6CX=Uqc7a)oQ9YGJpcNSJc
zcsNMCA{yR6Hg>O#sT7l|3O+6VdRVI&n$a_LMHV+kuCl#3>PAnKxr-b}t^ac9*3Lwq
zm3FL}T%|wFQS1YIE?JFFoy0mipYpO*Zg%N<rkjc@$`|tsD;{_snw|OJ&CN<^;@570
z6%|12o*PErQ6HB=<djHE-}yQ^RwL+D;KlSnal}g0z1!gP=fFd&NTHEZSD)y<DDeAq
zDx;C9yzSx&_n9z`xJZ6=%v`Rb%)r^-zIy%&vcgkJR|>1S4B=-XQidh;xXSySA2CQP
zBrh{Xa>wfllXV~#@cA4>bpCQWEhHm6|Jistb7=oGH(><!BUgPpu|lM!3>L74dg*$-
z$Q5djtA0{cl+CG-&1Htd>9_V}Z9u>CF!2s46Y6PP@ol=H(cC9I-jDt-DBy+A`_pth
zB@|btys?KMkE_Afl1f=Apowol<?AE^P_OIhphT`KNO<eRihC8=$2E~JeP`wDL+#}=
zD<D{jeh7XHbK?OTAQnpp6LAmGeDb8zY-Jn2zaV4vb{4fxbTBw<v)U>q4)ckIivfzy
zqe3{8Bu<iPY^-lLXaO#sF99A2xzNW$T4q@nhFUQcnKAHYD&*Maa2YE)rXLV^cGQ9c
zDR3z+Z@1=k;oHvMuKNJ^D%Hbg;N$Q-m7eE0LWBS_CGmu@8jKax;r?r|=`9urSP<`i
z@0;x#?XPLVy*zZ|o+1)I%b`2MH$URnC|H5zdc(bVsr*q@v9Gs~gCZghq5Pv*NdS9p
zPEGcxKV-Z8;8>!-P>6f?!{It1E$z2i!;X&@)8V*=YMYhSVH5HhEMifk87$0ZkuDEa
zdWi9olie#i%y@lv;mMdIQyS+qZ;<ir9GWmX6>Ok}YN<b8To0IJVxr@ZE<J`e%hu9n
zI}JhWt$H`D(@_2(uO@}Gu`v5vz9bPbA@;*}9-`E?skkirZb(m|&k$u0or7`WJ$@)@
zS0OS-b{b@3P;5-U0OuH=3^-$I*@+v+ZQ7!`{kBAD_C{%p`=Pk6#4|YUFCGFw`prXz
zUa$j$+l!hHz5%P88NAr<IP@@CDbRfG<p(k{mq%sCPmvgPHmR7wx{hI$HL9Cus~#7d
zAJA%X3*?x>_|CbVAh~C7UJF?TI3_v&tk<U9oqm8)9xnenMAgfEup78x<cY@J6G9@%
zY16U?-6z#&p{DjLMg(ICYAqr<?=U>8-H+~)fmy!R6o}||d7wn&{%T~x+sJ~K4c#jg
zxgSbj6C1OYu=Rw&i@V*2r#4kn?I!6z_R)MKn}S9P|1wX&_;ktJLz(zr>)SDoZ|P-l
zZjkXjrSGnT5rZquHu#+K)hCO#N?a;pr|#Tu0PbfiDuU|K!h4vS7&+<J)m3DFd6b06
zLx9Ibq^T5@Am2;3{#T~#M-eh~Zows4R0+(${(hXdKBE&sLXMG)m@Eb!nl=z&ma`JS
zIcq_H8|Kh>ybY^l=T}U}Ff?jY{{zdpTE7_54{&)cd~Jjrk#qogRAhp8=RTD_8zV?3
z>O?-%A;W<7VsXTu^GbusR5pF?BZ<!sq+T#B4q;pyfuS&mo4xPd4GjYMG*myN^LI?B
zNDOLS$T=*4jNDIV`wktqbH9Z|A}FB56sT_o8--q}X{kAD<~Kx!bDU(y7#{dL?t~sT
z-=j*c2bcKNY8hDI<9x)#gg#;qcH=y99L{;cYE1{x%$``zT>b82$2?G?s_>BqPO$oH
zGjj_fkDE6>9USN8d_6bfuTwd-jv%97autHci*d2_N9;n%8HPlC*HrI+yc+AhxcQ=~
zU}yLC!b=PTrL0q-C&}j?$cCrMWf||nwtPlAX8D`m{PCiPkRIppkdi}sEhFGnEG*6@
z3lldGnTh|_X~ECAF5ns=WVGoWl;=(Le%nYb=@!O!GDJ5$t$%$MycrZ_f182=Z<Bx^
zcn`@5i}HHBwF@?A8_$A={y1vr2Sp*=3k8}p4%^0YR#U{+6KFke;s^ELthvzHO5{x_
z0xGVMQwT_XSq0l5ibv2A?qoEoPLCeGU9MvD#LGiO>!!weUhyaMSJ0zayCZ;?1Fy@4
z>h(6o<>By-*{dNM2I}#cjsunDe})y-ZXQSix(uX`AA!AUfH}ywAG$oehoE@g?cz#<
zoEzuX8kcl0eg{dk^UMRl!dhsS-;yf3Wx+krNG<@HfmCc`uwZx6Aj-_&4eLi{)LHs1
zgW9rAg{VwxT0?zPIAZw|r0C0iWC9A<R>~3m4LP-Fv)XetvRU|DsqNOvKY07hW>F-X
zb4FA@zYaI6$b9*se?0Ya6d?f%)Mqs)v)18+*WBXoOe&lfnMAj@It0S$vYOjFNox|^
zy&g=lw4Dp2sC9qCTcLqO$$N!6d!KfO1XVe+iA~97CzG&0n+Bx>x`~AJLOec^wJzIG
z)R`fE#Qxz4Qlx>RPC1&CquFGC4-Z(!TF1Wl*_+FAobG0;;RnHgi%V)dC45%P?pV;m
zAw7HK$-og#*^?tX*T*hzVwxr8K(2R5TeGfS^|^Z6SFI^^<{D4sM*UdlWjzG0x28E@
zB<|C{VlIkSqZJioRIro#D*-TvLD9k<jXZYqKsqj6z8j-U!+P`i@P->je2f|PYFrzN
z#dkOxE|_&*csAu#f*jkKn>ja{Ew5|-Ir*Je9-}V*HjpdSw132WnX`Iz1ZYg#8lwX?
z?mc5`_X6bu$VJDKpPDWPo+B<`!wvU$<FrP5ATKXA_T|;^<&vpqa*CJRD5iszHAY*&
z0BpKK_rukJY3FsW_qoiVhU0pdGxZp*mmq@>_|89}rfIZz_HVw3C!B^!*i9AIn{*yy
zbFca8s!o2&x`@H~=&iP7k-IGvE8zEHKRZ4)HL(|T?V_lpG|cSHzP-Fm8_Gs!d*KCH
z`15={F&mkXv)p`^qAM)yac=&prXbMT-REYkk|Yr!R7%_~o8{sr4>|$wcge*Xli<@u
zcxS1ex};xLgz|w}NFI=hC>*pXvo!GQY2IYPd%FegvbR0QrYs%VPp~Js@jCqzY@Gjk
z0~YqLMu^m+vCa6GwErsTROpS2h)7F2VgsA4AOXVraO_2_QTaUa{`t!?o4vRJ$>SUC
zDLa!=x2Ed%Kln>$HYO`A_Exa4=ompXU!vA$XRAE8wYsda@}1G$n$g5zo+TxQtMs}!
znN-V8RwyG4YNZG>Q`ImKVBo^6DnZje7#Sqy+ri+ulZUEvm&OlS9mgS5&SK}<x=T}M
z(haaiFk9Up30M7Qw{-&Nkf+Rai3L|&R+f^Q)UQlN$(p=ZL92S_O;J%HJ$E$o<SVYG
zW;Ay)djdF&iDrJzCbxuxE-u}HW(UWu?C1>|@zXaGgc#$mg(1ooWqVc?+WUnK%&B^7
zbbhTAtXn57P{W%{)(Y6a{v0OpJHNwgFWY|oD*4*=^l&!~?HGQ@NMb(2_HYY{_vbA)
z*2?+4iC3MmZQH&pzoy?ndpy)=yoC-^s@o6*P%F%s4v_>&tqAgbzr<zd^GN)K$+B}<
zNU7^a)Lq&UopnqL6$H^4Bi0$jd|STz)|W)yW^1uE>x7lx>&k(czd3Ucb@{^RX_`qO
ztgl&~2d`r!?dX@ZqVcusjqNoV*h3?@0_A8BbQDJ?tytH<{3ZEdxl>r)(){zK;}*Oc
z(mitUbb@%8=w^_t93#|>ibS6oXTo7RTbufu@I^02%)_59NjG&WkM+lgkd>iM$F2d#
zN{y!HC_eXvFIRnu=$&~Xao!rFu6Vd-o}rIXQZtPGjxqib<CY=w(1z8T({Djyo9CJ*
z3oTig-vTB=&@>{3B=CgrIM)*P%Lm(dH^wZ~+MFyY39vu1&>hZY5}rb?MO4&qlBD*S
zm1Qg|Qa}X-GVy@@G@Li**2=Vj*IZA2pN<w2lU>id^=H}ygW3r2wKn}`AA3_x6-bW7
zyPFpOXX9CeRa+Fh%m}J^fXdl@AA~#`q4w(>Rq?wMA-)WG*2Lg;c!Gb>gNBHC$oSFq
zK$)$YT!2`}_b3ul-^Uotz#%*OaISPQV}zl-PZIq!KvVx`U)JvouOCVKq5Dr3lJJ)b
zB=X_)P^)0#A)g^z3s`4l3C>Z)8?i>b1PpBDN}~;0_V`FT4>aIDkc<tjalBd%=?3&z
zGSTf{yDI)k`PJKSpPstrdc$FcMl=xK-0SiJoxpb8hSd&uwZcqRWhPLldfT@w6}bI4
z%TjMQqCa@TBp~4}snk)jtaJAB*ATTh27#AZ!w24t<IUWKr>~JMzrq~mT7}#P5tYhG
zf(_uQq3JvD8&r*!24z3)R3+*{7_K7}y$qDoe9NZkB>c$Ee18KR2*o95Lp%q`+p~Sl
zWXF`eqdJ|_UTbMdycx6MMoyjUq(qOZ_`-s-zv@v02Ox#SY4j-cC}fKXoIXH_iL`3p
zN*+FMPqj1*$d5IMxZ3?*yPVNkIyx=jd!WGoxKO!AB>3%naIT)uY^HCAxS#tP53cjv
z(iQ#dHJe~S07*hGf5d4{zn<^@T{SHP#P1Pl=!!s3pGG5TI7GTq48mg(-3K_^7Y84N
z58imU5b`ewe+*zB@?nRG;7T~0eu~xkW@AR1>u$f<Zm&^peFtvk8U+V}d{N#y2ah|A
z<PdMWX#feUIPl1h)ThN|hpjH~o0^>n`#HLA%4~q)g4d^U74n>UzC=&NYH}#al;vFj
zFFnI7;boh?nx;nb><KeOJiZ?-M5Cd1M-nn^Unz=h``hz#@yf5TCvKaCpR0q<7L^)a
zzEB2AtM|gh@dOBQSxu(D_t-8*B4j|1-W|)Lo)iy5CU{wp_5F5{gFgLPT}BC89&HYc
zw~89%w(r7z;{i_IZ>G5jAJzJj1ioe5$^=ECllV_I4(>NzRWq6RG{@AFxA<W69Tsd0
z3ACNdZON#`S(jzVU_e4lSfmtnR5VD4_gS&-KD=DM_~OM%BHef-znqM93zh*->Ln$w
zrqbo2qT@y8+5Pp~iEPcxF0sylx7AgjYhh2xolv-Z-eUE-Q&t<^CyAN#gSVrL#9Rf1
zFU+($U~SgMJZm=)p;fnI^gR7BsxshstkFGEIvQF$@45}I7d$k%@JyP1Rq_k=1iG+=
zRq$C&xnx|U=6yz1I;+@WT=8I4Bi0tdoz^n?G*;V7w)C9dfv6vAf%YML(%75<yX6P)
zgvWV8oBwX6SG&~$d;X$5RmXB3CI0F_X$N$kG4{NvakCRZvKN=0|2}T7J3#rk3B397
z*>U|-4lG}*ItDM6{%aql1L?3*-uTq4lB%96u{YQ1x@F)he8hT5+L(^#qupXM*YS2K
zXyA}Wt+J;HE`B<Aw_&RRn0jJm9s)Dfnp**v*mx1fGF?$&0GQ&0fWUhD%LOnh6qn(U
z_e9)exKL5n9>4VE^Jpr9&<dOnJO~t0Zmx0-Ob=pL)0hH9LI4!9h^x^Znn~u1G%s>;
z26d^~|Hcv$dtLd)dksg*=Z9GCPmzV;*E`BmvMdJ8*pt}yq$No_C~8)8dS0%-+6l0>
zZ@2icWXT7{zeA%9W0J(9M#jb$dh|k?S=><u40C#uq)7nisM~!4Hcp9cH5d(X>_ozl
zI$t3T)(s?IV?dN;hO|2FHmjBhXC%;;sNq#+hZty<DB%<0(ox~I@n50)%g_SLrb1#p
zv1MF0l%?asvX#Q+5`smJ5(%KwKWO%V>Um_vr|@99G1aGyc9aiuVbBzmjWdVu!`sly
zU7kk?xX<wUsTR8o^nM+kEodFW>U~&4<BzGJd_%q@qa8SCESP<W#JA(HQC<$84?ZAV
zFl*23H(0XmcVqfaJ+A=$UR&+au>Ah9+d#<clm}PfWh;eA?hn4vTxOArE3nEt2R)C)
zj`Q+<DM)LhE%;+5%i6PAyV3C~jG%5z_wUI^9a5o|?dga@7wtF^^`&TwX)`-@m#`HH
zn5y!*G$1>AP*D(eIe@^8!ikvnxndIZ1O6M|XKKN1phT}-qx3l$n$*LY#{P{LJo-+1
z$gMX?0@Cil1C6ObyJ31}_sSpoHG~w4ZI;8Q&(l-tO$z4)ACAXq<3&rDYU!F9WNTzQ
zU1^L&&GBkZ5cLq30)ycMg4mRkwB8fX5h28fhp_pDUP8|G1!4{dn1m|3?pEYnI28C=
zLQb!LSU@}K@k71E;HJ=Pi|fYgFs;3l2l0&mKzwX3ADhIjesrZ?_*vB<N;it4^NfrT
zCk$H{QYe&&W=r6D5O5pcTbbX)W$0BZKi}j<Y?a=7|2XRJ%CmXj7BZLLvYny}n$fN&
zb~zusnPu|*x?L<qhba7DbaEw7@X_;QIcyD5bYDpyKL$jhf;W`#!zIGWZ`g6JP`AY~
zlhszcIqE#tf%Ata*29dW;Asy04ClemO~X@EDzq`g+y+AYmpuHf=w+jQizTQ!4I)Ou
z*gE(j1pE_5N}K*N$fQ#|eVZy@@@xZ@f`$`WzyV)BjQqsgZP;{uw(YF!^TT9lXf8c>
z#r}kt9<Qk08Wy7CVm!cve2nSRE1~p+3|}3Iu_kpZI-@s=k{3!P5*<%=+7JKKfxIw{
z7Ug`$0DN?-lEHS|)XQoX+dxyqIG1wK@+gQz^JdAKx5I$S!DLm{&V^B(xA}x1TPEJd
zg@YRlx8$_BRBC9YHG%j(ebY$b$sSrg6BGge6AC{wY5K2`YATK{r$|s|(gLo|ksR3H
zk}GIqAb=|WkZ-Y7X><ZITQH&q2cXn2z*L5fpF=c)9H-@`wfXOJIgD8LJ6CNyyX8ba
z)-qR{L1=ulg?G#Z8S{KeRZm}!(lS2>L=V|9gn=E<b%UXcU#YRs?nFN=FbSG&hYS9o
zE@10uBiRcox|+?5927K!{JyiI4aD1GFiO^Yo0=ABhol{oyU=MdGv04C^j$MoT%hz=
zSJhXy2KA&MLiC~L=VNi6@6@0A{P1-kPrYs}w;aO6yCyp)F5y?!8!dqT7--xlAVS%T
z&5fJtcjIKFT({U=Obi2|RuPG%5;E=vH52h%9BI3MET?1?@S#~!@{QT?{UNPG+$lFz
zX(M;n=k{C|Nxx=AWadYlnNUieSA^xv+3tz-8Of>}2rmrV>50%2xR=!0nZ;&hARDH2
ze|whBWpxG;KAf6r{;n#WgZk<F5V@kr@h2{~yg6kIU4g)bEliZ3@T4bsz$B<puKH@7
zdm<%TsrHOY0{*`orC@>K;NNZ35qq#LIz^81(u&@<lS(++ytYj<(IqjN-cMeO4w`2O
zMq;>avvGa7I9RP+yohg`lIY8e??)G}AApmCSjK<a2awK}l;qx=j&IJ;P+Lw9;88&L
zs4gQR$|3y)HZZSP>e%$cz@M=$Npa#53Ml`F*;t#4D4xYdgRwC^D*}UF!&P;i<GIx{
z2S=5pqK<|+TY7rH?>`4XycWmWQZS+A3zNq%FHw(HZoF!*;S0*rN4pF#32GPJCY$J5
z*+^b*02%xa(0_V{-_#nQq~Kl5t$QvbZQpKi&1qIV$k@v7q+?kqwme7li}HW4QQfW1
z1qF^1J5B07;y8XUZVEq9-p-0!4^Zj*v4E@U@%{R28f}A;xV}PzddzK+u#GS^_`7jM
zNR2QxGYiE4_r}>hnu1JJIT0uQsMlVSOd7e^4pu|su6$<Z>{(9=EG+8p>c$t1T1E!Y
z(*fqgSSpqAuU}ILF~90cE5=^FTndieExA(^gp&CiBus2r3W0_q($cB~f9KJ^ZE~&g
zJ~>Y5l-<a09T+`4%5`Y?-!X3$jxg6`J$MXE5iOXtwtT&mVANwFOqlJ{4a2UIqS7Xe
zj9$PG%vuqG<EA)dd?Lc0Y%EF1jUEot4Ph9cKwZe@(fU8&b*)-ZKpdLx>=?$!N9Ep*
z@!c?hG4?p@+&NojvSpI*?HyA2dIPBI44`-7v{A05bLo<q*4>RT%5nShLnZe!zJ4>Z
z!#h*ZLqOrckwx_I^j-PFhy0?~y0Rjd4tj)|7t*o()!F**uPdYdrWL!gYH4!HUrKS^
ze`j|n<uB1pSiJ37<_qwe+#a6i{%ONupxyhEo$h67BJYaJ#Mtw_T3mQtUE{=lh<W^N
z-Y~-+-+!VU)#I9oW0C**BHM41{;_!MtFCRh!0WcbLZ7@C?XpjYzY1k~AgTJdPI8X&
zj}R!!>mzMer^Hb^1^bq<oavvt^Jt0~a&E5N#Pep#c4>-q8}J#uP!izsvDGfwZCdO;
z+31<EF;iMSa=D2TK02!DSfg+#71jXuD$DVI!mNww9u{XzdT*vN;Ns8C^X1pF32lmK
z{N~FV-`{kEv9gs%<DDhIf9n4!qbap<S=$*WX*ztUQEgEFjqlyLop0+QKv|>X#pauk
zC#w?=ErF2<RzM_P!BwOu?Wr+YobYaq%12s<F7mh{1VDe9&hBqr)gm{lQ(~675CQmT
z0x1fJZ}lEt6TbIEFn2H#)#T70yw9^eVfdYJqAVzje^p>65yQ5koxf)EO<Xv`u)k}Z
z{h5aYnu}iQkjBXVn9=qL(C*_^Q|(|V&w_pns#Gc5jZr2q&c&}*%C`bGSxae633k%3
zun-5Ve3b}`ND$hXx;^Uk=CUhi<`^Do{Y^CcGb3ZkgQCbZzUSZycOZh)Pjn=&X>R=&
zKRDO+4)PP&#JIFg$(cG<%C>>U>M(_p5plMXPLKq0@-Llj?h<eu9|g)fug>H|z=B)v
z+)veCFq}*j26ilSfoKo8h!63|XF{VD#7<Z8{2UHFOjTRHYTP8mr&+BZfe=h}9+}H=
zBAUwNxrFv_-Wh@d-+kYG^P6?K=!zsu!ptp)S*?`$wY6D3(L|gxFa5t$0hBPxcjax(
z_G|~^dC6_Yh#$f%E$)yrv9z>}4|0Kq7E_heUKEr?2FvPtp75Bseg%3~3pWFkWm^GO
zP%_|ToA4fT-=JZ^+X11T1vD^~$5V`vv|vD|7C}&>U<krujsuE}y;>xIhYQ#Lv42mm
zen7R^U%<E*bRJz*je<8nUk#bfFqfEwAtN7~85+u*oIFsk6SriSba-dPd|1DHylSFR
z8C6{ThL)H5t<8zME1+j;+;!^#9s!1osTM9`P)bII!Q9;8)Sc_;3AM$(at;Y8M_iJ?
zuiIPO2L8iLdpMd$SRBb&{OG8)(VE+2<CT391N8(ZhBNY^1F8GMRp}_Gi?Rz;K)G^O
zfs4Dx;`m$6_woKDFQYA#3F*fDHD!tvayARVb(mo;XLK3-<<r9nj`!#xCr)Lt<FC|L
z9lc-6`UPQhM4<@mVXG)lPj!Bs{q0_^o^B#RvxfTi_xt;>@&>hvhH86_fvD+pMh&Y1
zlDVkFhX4r)#iGq#(2QS*h?I>@C{r6-P#bq66TjZYJiCIN0!OEOsc@ggyjQhGtsui>
z?ZqmPc(JjJk5+(qVBp?#O-vf*xGpp-Oo20VVtyw@wF=k3KhAC9@g^!x$?A@@#*J6|
zai7Nb^_*xEyae(w-No8qm{|3q@p<VC3pvn936i=His>UR!yrZab-<32r;YI78%;OS
z*Q5%sG;WTG3Z?<D7Ji08;UVYbe3vYnXDQXxFuWKwr4c7)J2rbZL;GpOPI5g29R#84
zZ#aE@fqVTnQ0v=U{jM!1dw#Dg;q`Qzl{J=d)b^{n7TTdmFr05;gq^^%(vel*K#9Cr
zO7!JyB%Za+3@1;>z201tW0$)Rkv%vvFj9Ec2rfP@Ha^pe9dF8MVF56G=$2u7II>IM
zlGh#k!y3Q1v;>PVKk{$lKg%AiRZ)1pyeVBJBVWqdm;{#3qt0ScDNl&AhD}^jDqV-N
zC><MTfBL#}eRKB8FUK#?Ffg(JA+!SC0By~V^ZLSaDq@so=1(KM<r@O%mB}F{Q_5ZQ
zicFvDEr^T){hDGX17TsW%J?cu1{y`uG;R81{L)K+C9tQX;#w&L6Px(!kNG3^6rL(x
z`U%y*Jcj1@th@V$hKrD)1~%-U%mtW<aaEmOVp=fABP_?6d{yvKr20w^-#9azdn=J@
zJfSb9`99ODSA+EGU4tWqhcO`wtxF-%xVpUf0uchEMS5x0exlSG#$N?f>N4T4!&h!+
zwO)qed$yNH>#C%@z<^1r;st|jcv=`;8io+Ne2EAPENjJ<8#2qGy>A{J!!1U6{YW%=
zTxgrXlP`20P8yebh~WExiHJ7i;hYv*aa+4Z<)UQ7N!S|@(7k%YFZlCyOj<zJc8?wd
zwB?5#?XFC(eN^u#2!w$kN(%IqHQZCg*XXgExuhSk4pr_fS5*gJdLKEEh~YB<%iG~6
z2bkO->{D#Tsm~Q#th`dHTz?6)?`EH9i55b}3>UP0*O2`npL;u_9qr~n>v!z;4Y;M-
zhrK`SygzCRR#ugijSsiFR3Z%YQ<_2*j`OOC)>8FVZFMv%%S^H_sDbPOrzTvxaoz^)
z&)iT-`AS?jhVmF!k6Y(TvljG2+lWru)n)UG-Z(2H_*m!|2-Y@Bd@OpV8*q&0Tf>>f
z^DITW>{0<NVLu1$Pg4^B3W9o%wCB+}Y1o=Bf@kT9x?qA0fPyU4UCBtdsDytBc_z3v
z|44k8Z?wGZwT9*Nx;wOVQuwAj^!^eCD#@7Jl%h@60kIGpOoK?%@0`)A2?2pa-KN8Z
zj;4ml5y~D~2>S2DU3Ix`a8;89yQ>qQkb1LZjjYhtzRXsMm$c!8CSnA!O^fR`?9HIK
z+1b6s1b+B{TqvGrxVu+P#m{~YJLd7t1z1BHZ+0<e7d%sHw~5;6aq;q&%V#_s-wjMp
z6;UZ-PbEoM$+Hw9$LRDJtkJIyu#;@>B95jiubZ8kLN*X$`X=iJUzqFMxxMg}oI#=F
z8wo#No=?sDTQcVVE{Ti}Vlg!uLI3>ON(Z4-J}8cmoSz7sC<Ld!eJ)aM$-zY8xl>?C
zg9XY;BDvM#qLm=&iX79~5$f|1O%spnv5=4v#7Y{2Rc&{;`-=75Nd%gdZae1Lapj^<
zR(OjWUDjyRgX4x1^a`;@`N7kZm4J67pEQ_osXsCrgh5$gsf5RelT3(hP0TKRhYlt%
z@5YC8@n6DO-V(XWza505MKs$kvf5?n04s5eOF7><-(D(*Ltz#Ptrh-ZYTt{<Aj;=f
z=yA1fAOQ{0R$CT(K_irP4#ZtoaK4~!7tn%=M$5rX@u$dyh#iyWsS|a^VrmpuLLCdR
z*}#Y_!K<q?`*&Smy!ehOk^bM=#Flj~qd7cIJ5ffhgO0uZRoY{hn|@qc^p~?zFQh~`
zfBE88QVk7TlU%9&zmJUGeIsK+Vi<!-1h(#1Q?CNvy};RE&x`J7jo0>rfeQ8GJCDsT
zgF?o^n8|2Dp(;h+vVX9c4*!1m94om9ZLMI&nF(eHr~Z?WD~-PNdcC^mYx^^Wm-d%A
zEJ}AvMnTCp)FZ1Tj2_AuwH#Yp3?l{r9PqVN&`QgQxVGPuzEaMDDaQaA@7t}ULNVuw
zJe1Vb+}#XX+6D1u49d$7q*F0}zb_DZv~6Hx^D5}dnV+9$i6v3+bZ?0UO^>bk7zlr^
z_u<<6GZ2nqquqqyXiVO73+SQyY?QUGSo4=cFM2a7BeVVUr+B<aJD!%RC|Wvl%4E1j
zqw&Z{U<MvX5ZxEV|0f<XyL3WwI=p``65r(b*NfC|<z8^^omm+z_JlejkmBN7GO{Kf
z0QM7NR2;{ZpO!QHgMU9<0DreJ5O{kFXkcZ<LoySWOx9DEs4!3xSI3s&CFadfh>S*(
z_ZINZMfFp`kn9Zr5pv;?abS}cJiR@dnqFm1w!QklIy--ZhvKf*xL$V{LxH=drF(K)
wr2P%`6sXIX@L#it|2G8V|11(M`vZd9v0;INR>Kzk`*FC8grazjs8R6$0J%r!(EtDd

literal 0
HcmV?d00001

diff --git a/doc/guide/admin/loadbalancer.sdf b/doc/guide/admin/loadbalancer.sdf
new file mode 100644
index 0000000000..2f9061d999
--- /dev/null
+++ b/doc/guide/admin/loadbalancer.sdf
@@ -0,0 +1,169 @@
+# $OpenLDAP$
+# Copyright 2021 The OpenLDAP Foundation, All Rights Reserved.
+# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
+H1: Load Balancing with lloadd
+
+As covered in the {{SECT:Replication}} chapter, replication is a fundamental
+requirement for delivering a resilient enterprise deployment.  As such
+there's a need for an LDAPv3 capable load balancer to spread the load between the
+various directory instances.
+
+{{lloadd}}(8) provides the capability to distribute LDAP v3 requests between a
+a set of running {{slapd}} instances.  It can run as a standalone daemon
+{{lloadd}}, or as an embedded module running inside of {{slapd}}.
+
+H2: Overview
+
+{{lloadd}}(8) was designed to handle LDAP loads.
+It is protocol-aware and can balance LDAP loads on a per-operation basis rather
+than on a per-connection basis.
+
+{{lloadd}}(8) distributes the load across a set of slapd instances. The client
+connects to the load balancer instance which forwards the request to one
+of the servers and returns the response back to the client.
+
+H2: When to use the OpenLDAP load balancer
+
+In general, the OpenLDAP load balancer spreads the load across configured backend servers.  It does not perform
+so-called intelligent routing. It does not understand semantics behind the operations being performed by the clients.
+
+More considerations:
+
+ - Servers are indistinguishable with respect to data contents.  The exact same copy of data resides on every server.
+ - Clients do not require 'sticky' sessions.
+ - The sequence of operations isn't important.  For example, read after update isn't required by the client.
+ - If your client can handle both connection pooling and load distribution then it's preferable to lloadd.
+ - Clients that require a consistent session (e.g. do writes), the best practice is to let them set up a direct session to one of the providers.  The read-only clients are still free to use lloadd.
+ - 2.6 release of lloadd will include sticky sessions (coherency).
+
+H2: Runtime configurations
+
+It deploys in one of two ways:
+
+^ Standalone daemon: {{ lloadd }}
++ Loaded into the slapd daemon as a module: {{ lloadd.la }}
+
+It is recommended to run with the balancer module embedded in slapd because dynamic configuration (cn=config) and the monitor backend are then available.
+
+{{B: Sample load balancer scenario:}}
+
+!import "load-balancer-scenario.png"; align="center"; title="Load Balancer Scenario"
+FT[align="Center"] Figure: Load balancer sample scenario
+
+^ The LDAP client submits an LDAP operation to
+the load balancer daemon.
+
++ The load balancer forwards the request to one of the backend instances in its pool of servers.
+
++ The backend slapd server processes the request and returns the response to
+the load balancer instance.
+
++ The load balancer returns the response to the client.  The client's unaware that it's connecting to a load balancer instead of slapd.
+
+H2: Build Notes
+
+To build the load balancer from source, follow the instructions in the
+{{SECT: A Quick-Start Guide}} substituting the following commands:
+
+^ To configure as standalone daemon:
+
+..{{EX:./configure --enable-balancer=yes}}
+
++ To configure as embedded module to slapd:
+
+..{{EX:./configure --enable-modules --enable-balancer=mod}}
+
+H2: Sample Runtime
+
+^ To run embedded as {{ lloadd }} module:
+
+..{{EX: slapd [-h URLs]  [-f lloadd-config-file] [-u user] [-g group]}}
+
+ - the startup is the same as starting the {{ slapd }} daemon.
+ - URLs is for slapd management. The load balancer's listener URLs set in the configuration file or node. (more later)
+
++ To run as standalone daemon:
+
+..{{EX: lloadd [-h URLs]  [-f lloadd-config-file] [-u user] [-g group]}}
+
+ - Other than a different daemon name, running standalone has the same options as starting {{ slapd }}.
+ - -h URLs specify the lloadd's interface directly, there is no management interface.
+
+For a complete list of options, checkout the man page {{ lloadd.8 }}
+
+H2: Configuring load balancer
+
+H3: Common configuration options
+
+Many of the same configuration options as slapd. For complete list, check
+the {{lloadd}}(5) man page.
+
+.{{S: }}
+{{B:Edit the slapd.conf or cn=config configuration file}}.
+
+To configure your working {{lloadd}}(8) you need to make the following changes to your configuration file:
+  ^ include {{ core.schema }} (embedded only)
+  + {{ TLSShareSlapdCTX { on | off } }}
+  + Other common TLS slapd options
+  + Setup argsfile/pidfile
+  + Setup moduleload path (embedded mode only)
+  + {{ moduleload      lloadd.la }}
+  + loglevel, threads, ACL's
+  + {{ backend lload }} begin lloadd specific backend configurations
+  + {{ listen ldap://:PORT }} Specify listen port for load balancer
+  + {{ feature proxyauthz }} Use the proxy authZ control to forward client's identity
+  + {{ io-threads INT }} specify the number of threads to use for the connection manager.  The default is 1 and this is typically adequate for up to 16 CPU cores
+
+H3: Sample backend config
+
+Sample setup config for load balancer running in front of four slapd instances.
+
+>backend lload
+>
+># The Load Balancer manages its own sockets, so they have to be separate
+># from the ones slapd manages (as specified with the -h "URLS" option at
+># startup).
+>listen ldap://:1389
+>
+># Enable authorization tracking
+>feature proxyauthz
+>
+># Specify the number of threads to use for the connection manager.  The default is 1 and this is typically adequate for up to 16 CPU cores.
+># The value should be set to a power of 2:
+>io-threads  2
+>
+># If TLS is configured above, use the same context for the Load Balancer
+># If using cn=config, this can be set to false and different settings
+># can be used for the Load Balancer
+>TLSShareSlapdCTX true
+>
+># Authentication and other options (timeouts) shared between backends.
+>bindconf bindmethod=simple
+>         binddn=dc=example,dc=com credentials=secret
+>         network-timeout=5
+>         tls_cacert="/usr/local/etc/openldap/ca.crt"
+>         tls_cert="/usr/local/etc/openldap/host.crt"
+>         tls_key="/usr/local/etc/openldap/host.pem"
+>
+>
+># List the backends we should relay operations to, they all have to be
+># practically indistinguishable. Only TLS settings can be specified on
+># a per-backend basis.
+>
+>backend-server uri=ldap://ldaphost01 starttls=critical retry=5000
+>               max-pending-ops=50 conn-max-pending=10
+>               numconns=10 bindconns=5
+>backend-server uri=ldap://ldaphost02 starttls=critical retry=5000
+>               max-pending-ops=50 conn-max-pending=10
+>               numconns=10 bindconns=5
+>backend-server uri=ldap://ldaphost03 starttls=critical retry=5000
+>               max-pending-ops=50 conn-max-pending=10
+>               numconns=10 bindconns=5
+>backend-server uri=ldap://ldaphost04 starttls=critical retry=5000
+>               max-pending-ops=50 conn-max-pending=10
+>               numconns=10 bindconns=5
+>
+>#######################################################################
+># Monitor database
+>#######################################################################
+>database        monitor
diff --git a/doc/guide/admin/master.sdf b/doc/guide/admin/master.sdf
index 05a00625cf..40a926a7ac 100644
--- a/doc/guide/admin/master.sdf
+++ b/doc/guide/admin/master.sdf
@@ -84,6 +84,9 @@ PB:
 !include "monitoringslapd.sdf"; chapter
 PB:
 
+!include "loadbalancer.sdf"; chapter
+PB:
+
 !include "tuning.sdf"; chapter
 PB: