Announcement

Collapse
No announcement yet.

NLB (Load Balancing) Unicast On Windows 2003

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • NLB (Load Balancing) Unicast On Windows 2003

    Hello
    I'm trying to configure an Unicast Load Balancing cluster on Windows 2003.

    I Had previously successfully configure one with 3 node in Multicast mode with one NIC per node.

    Now I'm trying to do this in Unicast mode. Each node with 2 NICs.
    I doing this on VMWARE Workstation 7

    I Have followed multiples Manuals but they're don't talk about what I need
    hxxp://www.brianmadden.com/blogs/brianmadden/archive/2004/11/29/how-to-configure-windows-network-load-balancing-for-pure-terminal-server-environments.aspx
    hxxp://www.isaserver.org/tutorials/Configuring_Fault_Tolerance_and_Load_Balancing_for _Windows_2003_ISA_FirewallVPN_Servers.html

    My problem is in the Network Configuration

    I know I need one Public IP (In the Network) in one NIC, the standard configuration.
    IP
    Mask
    Gateway
    Option to be registered on the DNS and so on, but I don't How to configure The extra NIC (The one dedicate to the NLB Cluster).

    So these are the questions that I Have

    1._Should I use a Public IP or a Private (as heartbeat on Active/Passive clusters)?
    2._Should I set a Gateway at all in those NIC?
    3._If these extra NICs should have a public Ip should every option be available (File and printing sharing for microsoft network, Gateway,DNS,Append parent DNS,register this connection address in the DNS,Netbios over TCP/IP).

    Please help me

    Thank you
    When once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been and there you will always long to return.

    Leonardo da Vinci

  • #2
    Re: NLB (Load Balancing) Unicast On Windows 2003

    at an organisation I used to work for, we did it as follows:

    2 Intel NICs, each one had 2 physical network ports (port 0,0 then 0,1 and 1,0 and 1,1)

    We'd physicall connect 0,0 and 1,0 to one switch, then 0,1 and 1,1 to the second switch.

    From those 4 network interfaces, we'd then combine 0,0 and 1,0 into one logical interface, and 0,1 and 1,1 into a second interface.

    The first logical interface would become Public, the second Private.
    Now we'd repeat the same with the second server.

    On server 1 Public, we'd give it a static IP address in the public subnet (say 192.168.1.1) and then on private, a relevant address (say 172.16.1.1)
    On server 2, we'd name it 192.168.1.2 and 172.16.1.2.
    We'd then configure the clustering, and give 192.168.1.1 and 192.168.1.2 a public front end address - 192.168.1.3 for instance.

    A single gateway would be applied on the public interface, and static routes would be created to allow communication out of the private interface to the AD domain, and to other tiers in the network.
    RElevant firewall rules would also be applied.

    Does this help at all ? I can try and make a diagram for you...

    You would definitely only have 1 gateway though.
    You should definitely only enable specific services you require - ie, for a web cluster, you wouldn't have file/print services applied to the public interface.. only TCP. If we needed file/print - they would be more likely bound to the private interface.
    Use the private IP for the heartbeat.
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: NLB (Load Balancing) Unicast On Windows 2003

      I know It will but I'm not so sure, I mean, right now I'm doing this on a vmware setup so I shouldn't have any problem with the network, in another words first I will proof the concept and later will go for the real scenario.

      Yesterday I read this
      hxxp://www.eggheadcafe.com/software/aspnet/31078234/nlb-cluster-adapter-wit.aspx

      and after some time I made it work
      What I did was this

      Server 1 : TS01
      Pub NIC
      IP : 192.168.1.15
      Mask : 255.255.255.0
      GW : Non
      DNS : 192.168.1.9

      NLB NIC
      IP : 192.168.1.16
      Mask : 255.255.255.0
      GW : 192.168.1.1
      DNS : Non
      Cluster Parameters
      -----------------------------------
      Cluster IP : 192.168.1.55
      Mask : 255.255.255.0
      Cluster Operation Mode : UNICAST
      Clustername : ts.hellheim.biz
      Host Parameters
      --------------------------------------
      Priority (Unique Host ID) : 1

      Server 2 : TS02
      Pub NIC
      IP : 192.168.1.20
      Mask : 255.255.255.0
      GW : Non
      DNS : 192.168.1.9

      NLB NIC
      IP : 192.168.1.21
      Mask : 255.255.255.0
      GW : 192.168.1.1
      DNS : Non
      Cluster Parameters
      -----------------------------------
      Cluster IP : 192.168.1.55
      Mask : 255.255.255.0
      Cluster Operation Mode : UNICAST
      Clustername : ts.hellheim.biz
      Host Parameters
      --------------------------------------
      Priority (Unique Host ID) : 2


      Server 3 : TS03
      Pub NIC
      IP : 192.168.1.25
      Mask : 255.255.255.0
      GW : Non
      DNS : 192.168.1.9

      NLB NIC
      IP : 192.168.1.26
      Mask : 255.255.255.0
      GW : 192.168.1.1
      DNS : Non
      Cluster Parameters
      -----------------------------------
      Cluster IP : 192.168.1.55
      Mask : 255.255.255.0
      Cluster Operation Mode : UNICAST
      Clustername : ts.hellheim.biz
      Host Parameters
      --------------------------------------
      Priority (Unique Host ID) : 3



      With this configuration I could connect to every server by it name via DNS
      TS01
      TS02
      TS03

      and to the cluster name TS (after I created a record A on the DNS of course), also I could make the connection with the Network Load Balancing Manager.

      Its working by I received this warning in the 3 servers from VMWARE Workstation
      Code:
      Adapter Ethernet1 may not have network connectivity.MAC address 02:BF:C0:A8:01:37 of adapter Ethernet1 is within the reserved address range or is in use by another virtual adapter on your system.
      
      Adapter Ethernet1 may not have network connectivity....
      I don't know if this will work in the real scenario (with routers, switches and so on), if I want to implement it at work I will have to do some real test, as a matter of fact I will need a lot of research concerning the MultiCast and Unicast setup (But I know We are going to use UNICAST above Multicast).

      Thank you, I hope to create a little manual for people like me.
      When once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been and there you will always long to return.

      Leonardo da Vinci

      Comment


      • #4
        Re: NLB (Load Balancing) Unicast On Windows 2003

        separate your private communication and your public communication..
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: NLB (Load Balancing) Unicast On Windows 2003

          Originally posted by tehcamel View Post
          separate your private communication and your public communication..
          Could you please give me more details?.

          I don't know to much about networking (where about everything as a matter of facts).

          I know that in MCSC I should Have different networks for the Heartbeat card but this case is new to me.
          When once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been and there you will always long to return.

          Leonardo da Vinci

          Comment


          • #6
            Re: NLB (Load Balancing) Unicast On Windows 2003

            by separating your public/private data i'm talking about having one network - say the 192.168.1.0 network you discussed, for public
            and then for your cluster comms/heartbeat/management, you have a separate network, say 192.168.2.0


            it's not essential to do, but in my mind it's a fairly good practice to get into, from a security point of view if nothing else
            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

            Comment


            • #7
              Re: NLB (Load Balancing) Unicast On Windows 2003

              Excellent, I will take your recommendations.
              When once you have tasted flight, you will forever walk the earth with your eyes turned skyward, for there you have been and there you will always long to return.

              Leonardo da Vinci

              Comment


              • #8
                Re: NLB (Load Balancing) Unicast On Windows 2003

                make sure you know it's working the way you've described as well though
                especially if you're doing for learning purposes
                Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                Comment


                • #9
                  Re: NLB (Load Balancing) Unicast On Windows 2003

                  To step in, what are you trying to accomplish?
                  Marcel
                  Technical Consultant
                  Netherlands
                  http://www.phetios.com
                  http://blog.nessus.nl

                  MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                  "No matter how secure, there is always the human factor."

                  "Enjoy life today, tomorrow may never come."
                  "If you're going through hell, keep going. ~Winston Churchill"

                  Comment

                  Working...
                  X