The disclosed technology for load balancing in a dynamic service chain offers a security services platform that scales horizontally and uniformly to administer customized security services and policies for organizations and avoids single points of failure. Security services customers using the disclosed technology are able to specify which security services apply for different types of tenant data, and to customize security policies for the data being transmitted via the devices of their organizations. Tenant configurations can be documented using a service chain to specify the path for the flow of data packets that are to be sequentially routed to multiple security services for the specific tenant. The tenant configuration specifies the ordered sequence of services in a service chain for the customer. The subsequent dynamic steering of traffic flows of data packets through the ordered set of services needs to be fast to provide acceptable security services for tenants. Also, new third party services can be deployed using the security services platform, without affecting existing flows of packets. Additional disclosed technology for improved recovery from failure of a service instance in a service chain identifies primary and secondary roles for service instances and synchronizes state information when processing packets, to improve recovery from failure of service instances. An example system for load balancing of a dynamic service chain is described next.

Architecture