diff --git a/examples/userver/userver.cfg.default b/examples/userver/userver.cfg.default
index e1320e27..11d805af 100644
--- a/examples/userver/userver.cfg.default
+++ b/examples/userver/userver.cfg.default
@@ -112,6 +112,9 @@ userver {
 
 # MAX_KEEP_ALIVE 1000
 
+# LOAD_BALANCE_DEVICE_NETWORK    eth1
+# LOAD_BALANCE_LOADAVG_THRESHOLD 4.5
+
 # DH_FILE     ../ulib/CA/param.dh
 # CERT_FILE   ../ulib/CA/server.crt
 #  KEY_FILE   ../ulib/CA/server.key
diff --git a/examples/userver/userver.cpp b/examples/userver/userver.cpp
index da09b978..e978e927 100644
--- a/examples/userver/userver.cpp
+++ b/examples/userver/userver.cpp
@@ -80,8 +80,13 @@ public:
       //
       // LISTEN_BACKLOG             max number of ready to be delivered connections to accept()
       // SET_REALTIME_PRIORITY      flag indicating that the preforked processes will be scheduled under the real-time policies SCHED_FIFO
+      //
+      // CLIENT_THRESHOLD           min number of clients to active polling
       // CLIENT_FOR_PARALLELIZATION minum number of clients to active parallelization 
       //
+      // LOAD_BALANCE_DEVICE_NETWORK    network interface name of cluster of physical server
+      // LOAD_BALANCE_LOADAVG_THRESHOLD system load threshold to proxies the request on other userver on the network cluster ([0-9].[0-9])
+      //
       // PID_FILE       write main process pid on file indicated
       // WELCOME_MSG    message of welcome to send initially to client connected
       // RUN_AS_USER    downgrade security to that user account
diff --git a/include/ulib/ssl/net/sslsocket.h b/include/ulib/ssl/net/sslsocket.h
index d3f69f37..03e2153b 100644
--- a/include/ulib/ssl/net/sslsocket.h
+++ b/include/ulib/ssl/net/sslsocket.h
@@ -249,8 +249,9 @@ public:
    } stapling;
 
    static stapling staple;
-   static bool doStapling();
+   static bool ocsp_use_nonce;
 
+   static bool doStapling();
    static void cleanupStapling();
    static bool setDataForStapling();
    static void certificate_status_callback(SSL* _ssl, void* data);
diff --git a/src/ulib/net/server/plugin/usp/businesses.usp.save b/src/ulib/net/server/plugin/usp/businesses.usp.save
deleted file mode 100644
index 3d4505aa..00000000
--- a/src/ulib/net/server/plugin/usp/businesses.usp.save
+++ /dev/null
@@ -1,470 +0,0 @@
-<!--#
-prototype for Victor Stewart
--->
-<!--#declaration
-
-/**
- * {
- * "token": "A619828KAIJ6D3",
- * "type": "localesData",
- * "radius": "near",
- * "location": "40.7831 N, 73.9712 W"
- * }
- */
-
-class Request {
-public:
-	// Check for memory error
-	U_MEMORY_TEST
-
-	// Allocator e Deallocator
-	U_MEMORY_ALLOCATOR
-	U_MEMORY_DEALLOCATOR
-
-	UString token, type, radius, location;
-
-	Request()
-		{
-		U_TRACE_REGISTER_OBJECT(5, Request, "")
-		}
-
-	Request(const Request& r) : token(r.token), type(r.type), radius(r.radius), location(r.location)
-		{
-		U_TRACE_REGISTER_OBJECT(5, Request, "%p", &r)
-
-		U_MEMORY_TEST_COPY(r)
-		}
-
-	~Request()
-		{
-		U_TRACE_UNREGISTER_OBJECT(5, Request)
-		}
-
-	void clear()
-		{
-		U_TRACE_NO_PARAM(5, "Request::clear()")
-
-		   token.clear();
-		    type.clear();
-		  radius.clear();
-		location.clear();
-		}
-
-	void fromJSON(UValue& json)
-		{
-		U_TRACE(5, "Request::fromJSON(%p)", &json)
-
-		json.fromJSON(U_JSON_METHOD_HANDLER(token,	 UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(type,	    UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(radius,   UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(location, UString));
-		}
-
-#ifdef DEBUG
-	const char* dump(bool breset) const
-		{
-		*UObjectIO::os << "token    (UString " << (void*)&token	  << ")\n"
-							<< "type     (UString " << (void*)&type     << ")\n"
-							<< "radius   (UString " << (void*)&radius   << ")\n"
-							<< "location (UString " << (void*)&location << ')';
-
-		if (breset)
-			{
-			UObjectIO::output();
-
-			return UObjectIO::buffer_output;
-			}
-
-		return 0;
-		}
-#endif
-
-private:
-	Request& operator=(const Request&) { return *this; }
-};
-
-/**
- * [
- * { "name": "Business 1"
- *   "rating": "Red"
- *   "address": "123 park lane, New York, NY, USA 10028"
- *   "phone": "12126465788"
- *   "url": "www.business1.com" } ,
- *
- * ....
- *
- * { "name": "Business 20"
- *   "rating": "Yellow"
- *   "address": "837 mott street, New York, NY, USA 10019"
- *   "phone": "12124829384"
- *   "url": "www.business2.com" }
- * ]
- */
-
-class Response {
-public:
-	// Check for memory error
-	U_MEMORY_TEST
-
-	// Allocator e Deallocator
-	U_MEMORY_ALLOCATOR
-	U_MEMORY_DEALLOCATOR
-
-	UString name, rating, address, phone, url;
-
-	Response()
-		{
-		U_TRACE_REGISTER_OBJECT(5, Response, "")
-		}
-
-	Response(const Response& r) : name(r.name), rating(r.rating), address(r.address), phone(r.phone), url(r.url)
-		{
-		U_TRACE_REGISTER_OBJECT(5, Response, "%p", &r)
-
-		U_MEMORY_TEST_COPY(r)
-		}
-
-	~Response()
-		{
-		U_TRACE_UNREGISTER_OBJECT(5, Response)
-		}
-
-	void clear()
-		{
-		U_TRACE_NO_PARAM(5, "Response::clear()")
-
-			name.clear();
-		 rating.clear();
-		address.clear();
-		  phone.clear();
-			 url.clear();
-		}
-
-   void toJSON(UValue& json)
-		{
-		U_TRACE(5, "Response::toJSON(%p)", &json)
-
-		json.toJSON(U_JSON_METHOD_HANDLER(name,	 UString));
-		json.toJSON(U_JSON_METHOD_HANDLER(rating,	 UString));
-		json.toJSON(U_JSON_METHOD_HANDLER(address, UString));
-		json.toJSON(U_JSON_METHOD_HANDLER(phone,	 UString));
-		json.toJSON(U_JSON_METHOD_HANDLER(url,		 UString));
-		}
-
-	// SERVICES
-
-	bool operator<(const Response& other) const { return cmp_obj(&name, &other.name); }
-
-	static int cmp_obj(const void* a, const void* b)
-		{
-		U_TRACE(5, "Response::cmp_obj(%p,%p)", a, b)
-
-		return (*(const Response**)a)->name.compare((*(const Response**)b)->name);
-		}
-
-#ifdef DEBUG
-	const char* dump(bool breset) const
-		{
-		*UObjectIO::os << "url     (UString " << (void*)&url	   << ")\n"
-							<< "name    (UString " << (void*)&name	   << ")\n"
-							<< "phone   (UString " << (void*)&phone   << ")\n"
-							<< "rating  (UString " << (void*)&rating  << ")\n"
-							<< "address (UString " << (void*)&address << ')';
-
-		if (breset)
-			{
-			UObjectIO::output();
-
-			return UObjectIO::buffer_output;
-			}
-
-		return 0;
-		}
-#endif
-
-private:
-	Response& operator=(const Response&) { return *this; }
-};
-
-class RequestStartup {
-public:
- 
-   UString type, version, deviceID, osVersion, deviceModel;
-   bool authed;
-
-   RequestStartup() : type(U_STRING_FROM_CONSTANT("startup")) {}
-
-	void clear()
-		{
-		U_TRACE_NO_PARAM(5, "RequestStartup::clear()")
-
-		type.clear();
-		version.clear();
-		deviceID.clear();
-		osVersion.clear();
-		deviceModel.clear();
-
-		authed = false;
-		}
-
-   void fromJSON(UValue& json)
-		{
-		U_TRACE(5, "RequestStartup::toJSON(%p)", &json)
-
-		json.fromJSON(U_JSON_METHOD_HANDLER(type,		    UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(version,	    UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(deviceID,	 UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(osVersion,	 UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(deviceModel, UString));
-		json.fromJSON(U_JSON_METHOD_HANDLER(authed,		 bool));
-		}
-};
-
-class ResponseStartup {
-public:
-
-   UString type, token;
-   UVector<UString> fbPermissions;
-   
-   ResponseStartup(): type(U_STRING_FROM_CONSTANT("startup")) {}
-
-	void clear()
-		{
-		U_TRACE_NO_PARAM(5, "ResponseStartup::clear()")
-
-		type.clear();
-		token.clear();
-		fbPermissions.clear();
-		}
-
-   void toJSON(UValue& json)
-      {
-      U_TRACE(0, "ResponseStartup::toJSON(%p)", &json)
-
-      json.toJSON(U_JSON_METHOD_HANDLER(type,			 UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(token,			 UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(fbPermissions, UVector<UString>));
-      }
-};
-
-class BusinessCell {
-public:
-	// grey = 0, darkBlue = 1, funBlue = 2, green = 3, orange = 4, red = 5, pink = 6
-
-	UString name, businessID, address, neighborhood;
-	unsigned color, category, grouping, distance;
-	bool filler;
-	int64_t decay;
-
-	BusinessCell(const UString& _name, const UString& _businessID, const UString& _address, const UString& _neighborhood,
-					 unsigned _color, unsigned _category, unsigned _distance, unsigned _grouping, bool _filler, int64_t _decay) :
-					 name(_name), businessID(_businessID), address(_address), neighborhood(_neighborhood),
-					 color(_color), category(_category),  grouping(_grouping), distance(_distance), filler(_filler), decay(_decay)
-		{
-		}
-
-	BusinessCell() {}
-
-   void toJSON(UValue& json)
-      {
-      U_TRACE(0, "BusinessCell::toJSON(%p)", &json)
-
-      json.toJSON(U_JSON_METHOD_HANDLER(name, UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(businessID, UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(address, UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(neighborhood, UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(color, unsigned));
-      json.toJSON(U_JSON_METHOD_HANDLER(category, unsigned));
-      json.toJSON(U_JSON_METHOD_HANDLER(grouping, unsigned));
-      json.toJSON(U_JSON_METHOD_HANDLER(distance, unsigned));
-      json.toJSON(U_JSON_METHOD_HANDLER(filler, bool));
-      json.toJSON(U_JSON_METHOD_HANDLER(decay, int64_t));
-      }
-};
-
-class ResponseCells {
-public:
-
-   UString type;
-   UVector<BusinessCell*> businesses;
-   unsigned status;
-
-   ResponseCells() : type(U_STRING_FROM_CONSTANT("cells"))
-		{
-		U_TRACE_NO_PARAM(0, "ResponseCells::ResponseCells()")
-
-		status = 0;
-		}
-
-   void toJSON(UValue& json)
-      {
-      U_TRACE(0, "ResponseCells::toJSON(%p)", &json)
-
-      json.toJSON(U_JSON_METHOD_HANDLER(type, UString));
-      json.toJSON(U_JSON_METHOD_HANDLER(businesses, UVector<BusinessCell*>));
-      json.toJSON(U_JSON_METHOD_HANDLER(status, unsigned));
-      }
-};
-
-class HTTP2Push : public UEventTime {
-public:
-
-	UString message, token;
-
-	HTTP2Push() : UEventTime(15L * 60L, 0L), message(U_STRING_FROM_CONSTANT("{aps:{content-available:1},check:health}")), token(U_CAPACITY)
-		{
-		U_TRACE_REGISTER_OBJECT(0, HTTP2Push, "", 0)
-
-#	ifdef USE_LIBCURL
-		UCURL::initHTTP2Push("https://api.development.push.apple.com", "/certificates/samplepush/development.pem", "GoGo.Hopscotch");
-#	endif
-		}
-
-	virtual ~HTTP2Push() U_DECL_FINAL
-		{
-		U_TRACE_UNREGISTER_OBJECT(0, HTTP2Push)
-		}
-
-	// define method VIRTUAL of class UEventTime
-
-	virtual int handlerTime() U_DECL_FINAL
-		{
-		U_TRACE_NO_PARAM(0, "HTTP2Push::handlerTime()")
-
-		pid_t pid = UServer_Base::startNewChild();
-
-		if (pid > 0) U_RETURN(0); // parent
-
-		// child
-
-		token.snprintf(U_CONSTANT_TO_PARAM("dbdaeae86abcde56rtyww1859fb41d2c7b2cberrttyyy053ec48987847"), 0);
-
-#	ifdef USE_LIBCURL
-		if (UCURL::sendHTTP2Push(token, message) == false)
-#	endif
-		{
-		U_WARNING("UCURL::sendHTTP2Push() failed");
-		}
-
-		if (pid == 0) UServer_Base::endNewChild();
-
-		U_RETURN(0);
-		}
-
-#if defined(DEBUG) && defined(U_STDCPP_ENABLE)
-	const char* dump(bool _reset) const { return UEventTime::dump(_reset); }
-#endif
-
-private:
-   U_DISALLOW_COPY_AND_ASSIGN(HTTP2Push)
-};
-
-static UMongoDBClient* mc;
-static UVector<UString> mongoResults;
-
-static void usp_init_businesses()
-{
-	U_TRACE(5, "::usp_init_businesses()")
-
-	UEventTime*	push;
-
-	U_NEW(HTTP2Push, push, HTTP2Push);
-
-	UTimer::insert(push);
-
-	mongoResults.push(U_STRING_FROM_CONSTANT("{ \"fbPermissions\" : [ \"public_profile\", \"user_friends\", \"email\" ] }"));
-}
-
-static void usp_fork_businesses()
-{
-	U_TRACE(5, "::usp_fork_businesses()")
-
-	U_NEW(UMongoDBClient, mc, UMongoDBClient);
-
-	if (mc->connect(0,0) == false)
-		{
-		U_WARNING("usp_fork_businesses(): connection failed");
-
-		return;
-		}
-
-	if (mc->selectCollection("database", "businesses") == false)
-		{
-		U_WARNING("usp_fork_businesses(): selectCollection() failed");
-
-		return;
-		}
-}
-
-#ifdef DEBUG
-static void usp_end_businesses()
-{
-	U_TRACE(5, "::usp_end_businesses()")
-
-	delete mc;
-}
-#endif
--->
-<!--#header
-Content-Type: application/json
--->
-<!--#vcode // validation code
-UString type;
-
-if (USP_JFIND_REQUEST("type", type) == false)
-	{
-	UHTTP::setBadRequest();
-
-	return;
-	}
--->
-<!--#lcode // load balance code
-if (type.equal(U_CONSTANT_TO_PARAM("localesData")))
-	{
-	Response response;
-
-	USP_JSON_OBJ_stringify(Response, response);
-	}
-else if (type.equal(U_CONSTANT_TO_PARAM("cells")))
-	{
-	BusinessCell* pcell;
-	ResponseCells response;
-
-	U_NEW(BusinessCell, pcell, BusinessCell);
-
-	response.businesses.push_back(pcell);
-
-	USP_JSON_OBJ_stringify(ResponseCells, response);
-	}
-else if (type.equal(U_CONSTANT_TO_PARAM("startup")))
-	{
-	RequestStartup request;
-
-	if (USP_JSON_REQUEST_PARSE(request))
-		{
-		ResponseStartup response;
-
-		if (request.authed)
-			{
-			}
-
-		UString workingString;
-
-		if (UValue::jread(mongoResults[0], U_STRING_FROM_CONSTANT("{'fbPermissions'"), workingString))
-			{
-			for (uint32_t i = 0, n = UValue::jread_elements; i < n; ++i)
-				{
-				UString workingString2;
-
-				(void) UValue::jread(workingString, U_STRING_FROM_CONSTANT("[*"), workingString2, &i);
-
-				U_INTERNAL_DUMP("pushing = %V", workingString2.rep);
-
-				response.fbPermissions.push_back(workingString2);
-				}
-			}
-
-		USP_JSON_OBJ_stringify(ResponseStartup, response);
-		}
-	}
--->
diff --git a/src/ulib/ssl/net/sslsocket.cpp b/src/ulib/ssl/net/sslsocket.cpp
index 3bfff5a7..131b0061 100644
--- a/src/ulib/ssl/net/sslsocket.cpp
+++ b/src/ulib/ssl/net/sslsocket.cpp
@@ -31,11 +31,12 @@
 #define SSL_ERROR_WANT_ACCEPT SSL_ERROR_WANT_READ
 #endif
 
-int         USSLSocket::session_cache_index;
-SSL_CTX*    USSLSocket::cctx; // client
-SSL_CTX*    USSLSocket::sctx; // server
+int      USSLSocket::session_cache_index;
+SSL_CTX* USSLSocket::cctx; // client
+SSL_CTX* USSLSocket::sctx; // server
 
 #if !defined(OPENSSL_NO_OCSP) && defined(SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB)
+bool                 USSLSocket::ocsp_use_nonce;
 USSLSocket::stapling USSLSocket::staple;
 #endif
 
@@ -1346,7 +1347,9 @@ next: // extract OCSP responder URL from certificate
 
             (void) U_SYSCALL(OCSP_request_add0_id, "%p,%p", staple.req, staple.id);
 
-            (void) U_SYSCALL(OCSP_request_add1_nonce, "%p,%p,%d", staple.req, 0, -1);
+            U_INTERNAL_DUMP("ocsp_use_nonce = %b", ocsp_use_nonce)
+
+            if (ocsp_use_nonce) (void) U_SYSCALL(OCSP_request_add1_nonce, "%p,%p,%d", staple.req, 0, -1);
 
             // sign the request
 
@@ -1475,26 +1478,45 @@ bool USSLSocket::doStapling()
 
          basic = (OCSP_BASICRESP*) U_SYSCALL(OCSP_response_get1_basic, "%p", resp);
 
-         result = (basic && U_SYSCALL(OCSP_check_nonce, "%p,%p", staple.req, basic) > 0);
+         if (ocsp_use_nonce &&
+             U_SYSCALL(OCSP_check_nonce, "%p,%p", staple.req, basic) != 1)
+            {
+            result = false;
 
-         if (result == false) goto end;
+            U_DEBUG("ocsp: response has wrong nonce value");
+
+            goto end;
+            }
 
          // verify signature
 
          result = (U_SYSCALL(OCSP_basic_verify, "%p,%p,%p,%lu", basic, 0, UServices::store, staple.verify ? OCSP_TRUSTOTHER : OCSP_NOVERIFY) == 1);
 
-         if (result == false) goto end;
+         if (result == false)
+            {
+            U_DEBUG("ocsp: couldn't verify OCSP basic response");
+
+            goto end;
+            }
 
          result = (U_SYSCALL(OCSP_resp_find_status, "%p,%p,%p,%lu", basic, staple.id, &status, 0, 0, &thisupdate, &nextupdate) == 1);
 
+         if (result == false)
+            {
+            U_DEBUG("ocsp: no Status found");
+
+            goto end;
+            }
+
          nextupdate_str = UStringExt::ASN1TimetoString(nextupdate);
 
          U_INTERNAL_DUMP("OCSP_resp_find_status() - %d: %s This update: %s Next update: %v", status,
                           OCSP_cert_status_str(status), UStringExt::ASN1TimetoString(thisupdate).data(), nextupdate_str.rep)
 
-         if (result == false ||
-             status != V_OCSP_CERTSTATUS_GOOD)
+         if (status != V_OCSP_CERTSTATUS_GOOD)
             {
+            result = false;
+
             goto end;
             }