How to properly configure NLB cluster in Windows 2008 
Question
-
Hi,
I have just tried to configure 2 node Windows 2008 NLB cluster and I run into problem.
Until now I have successfully installed Windows Server 2003 NLB clusters. I used 2 nic per node and unicast mode.
For example
Node1 Node2
Pub Interface (default) Pub Interface (default)
IP:192.168.1.11/24 IP:192.168.1.12/24
GW: 192.168.1.1 GW: 192.168.1.1
NLB Interface* NLB Interface*
IP:192.168.1.12/24 IP: 192.168.1.13/24
GW:- GW:-
*DNS registration, File Share client and server, NetBIOS over TCP/IP disabled on this interface.
After configuring IP addresses I would run NLB manager and configure cluster in unicast mode.
When I tried this on Windows Server 2008, I could not access NLB address outside local subnet. Only when I configure DEFAULT GATEWAY on both NIC's, NLB started working.
When I run network monitor I notices that in this configuration, Windows 2003 would always respond using Public LAN (source MAC address would be from public NIC), no matter if i tried to connect to Public or NLB IP address.
In Windows 2008 if I tried to connect to Public IP, response packet would had source MAC address from Public NIC and when I accessed NLB address then source MAC would be from NLB NIC. For me this looks like change from 2003.
So how do we correctly configure unicast NLB cluster with 2 NIC's in Windows Server 2008? Do we just add default gateway to NLB NIC?
Krunoslav
P.S.
When I tried to search for solution I found that other people had this issue.
Thursday, August 14, 2008 9:41 PM
Answers
-
Hi Guys,
After some research on the Internet, reading, thinking and long hours of playing with settings, I found only ONE configuration that works for me!Actually, we faced two troubles with NLB since the beginning of testing:
1) "could not access NLB address outside local subnet"
2) could not access NLB at all when two nodes were off and then we enable one on windows 2008
Key points of working configuration:
- Specify gateway on the dedicated network interface for NLB on Windows Server 2008 node
- When using Hyper-V and Windows Server 2003 as a Child Partition, use Legacy Network Adapter with static MAC address of NLB Virtual IP
If you are interested in our setup, please find all details below.
In terms of hardware, we use two HP Proliant DL 380 G5 with two E5310 CPU and 4GB each. These boxes have 2 network adapters on board (NIC1, NIC2 for the first box and NIC3, NIC4 for the second one).
As for software, we installed Windows Server 2008 Standard 64 bit with Hyper-V role on both machines. Now in Microsoft (MS) terminology we should refer to Windows Server 2008 instances as to Parent Partitions (PP1 for the first box and PP2 for the second one). We created a Virtual Machine (VM) with Windows Server 2003 R2 Standard 32 bit and run it as a Child Partition on every server (CP1 on PP1 and CP2 on PP2). In total, there are two Windows Server 2008 PP and two Windows Server 2003 R2 CP.We configured CP with 4 virtual CPU and 2 GB of RAM. All latest MS updates are installed. HP teaming is not present on PP.
Final working network configuration is as follows (network part of IPv4 addresses. IPv6 and MAC address except last digits were removed):
xx - single Class C subnet
DIP – Dedicated IP for NLB NIC
VIP – Virtual IP of NLB cluster
>ipconfig /all on PP1
Ethernet adapter Virtual LAN-V and LAN (xx.103 and xx.107):Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network
Physical Address. . . . . . . . . : xx-F6
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : xx::xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IPv4 Address. . . . . . . . . . . : xx.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : xx.101
xx.111
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter
Physical Address. . . . . . . . . : xx-75
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : xx.127(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IPv4 Address. . . . . . . . . . . : xx.117(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
NetBIOS over Tcpip. . . . . . . . : Disabled
Note: The second hardware NIC HP NC373i Multifunction Gigabit Server Adapter #2 was used to create a bridge for virtual NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network to run CP1 (external connection type in Virtual Network Manager). Because we dedicated the first hardware NIC to NLB Unicast, we decided to share second hardware NIC for PP1 communications inside LAN and CP1 virtual network - that’s why we called it like Virtual LAN-V and LAN (xx.103 and xx.107). This trick is done by enabling only one bidding on the second hardware NIC – Microsoft Virtual Switch Protocol and configuring normal IPv4 bidding on NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network that is used as external connection type in Virtual Network Manager for CP1 as well. Legacy Network Adapter was used for CP1.
>ipconfig /all on PP2
Ethernet adapter LAN 10.110.62.101:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter
Physical Address. . . . . . . . . : xx-56
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : xx::xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : ::1
127.0.0.1
xx.10
xx.123
NetBIOS over Tcpip. . . . . . . . : EnabledNote: The second hardware NIC HP NC373i Multifunction Gigabit Server Adapter #2 is dedicated to CP2 and used as a bridge (we call it LAN-V Bridge) for virtual NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network (external connection type in Virtual Network Manager). So, only one bidding is configured on this hardware NIC – Microsoft Virtual Switch Protocol. To create dedicated virtual NIC, we un-ticked all bindings on NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network – so it can’t be used by host PP2! Legacy Network Adapter was used for CP2, as well.
FYI Please find good explanation of virtual networking with Hyper-V here -http://blogs.technet.com/jhoward/archive/2008/06/17/hyper-v-what-are-the-uses-for-different-types-of-virtual-networks.aspx>ipconfig /all on CP2
Ethernet adapter LAN xx.105:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
Physical Address. . . . . . . . . : xx-03
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : xx.105
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : xx.101
xx.111Ethernet adapter FE NLB2 LAN (DIP xx.128 and VIP xx.117): Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adapter (Generic) Physical Address. . . . . . . . . : xx-75 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : xx.117 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IP Address. . . . . . . . . . . . : xx.128 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . . . . . . . : Disabled
We installed web server (IIS) on all server instances, but we have special design requirement regarding NLB: need to load balance IIS7 on PP1 with IIS6 on CP2.
To sum up, we are configuring 2-nodes unicast NLB cluster with 2 NIC's on each server instance. One node is Windows Server 2008 Standard 64 bit Parent Partition (PP1) with Hyper-V role installed, another one - Windows Server 2003 Standard 32 bit running as a Child Partition (CP2) on another Windows Server 2008 Standard 64 bit Parent Partition (PP2) with Hyper-V box. We installed NLB feature on PP1 and NLB component on CP2.Procedure of creating working NLB for thus particular scenario is as follows:
Using NLB Manager on PP1 we create standard unicast NLB with cluster Virtual IP - VIP xx.117. Take a note of the network address (MAC) of the cluster (xx-75) – we will use it to configure Legacy NIC for CP2. Then we connect to the 1st master node (PP1), selectEthernet adapter FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw) for NLB, then assign 1st host priority and dedicated IP - DIP xx.127. When the host is converged, we go to the properties of FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw) on PP1 and change them manually in the following way:
- Un-tick all bindings, leave only NLB and TCP/IPv4
- Specify gateway on the TCP/IPv4 properties (xx.1)
- On Advanced Settings, IP Settings tab un-tick Automatic metric and assign 20 as Interface metric
- On Advanced Settings, WINS tab Disable NETBIOS over TCP-IP
Go to TCP/IPv4 properties of the Ethernet adapter Virtual LAN-V and LAN (xx.103 and xx.107) on PP1 and un-tick
Automatic metric as well - assign 1 as Interface metric.
Shut down CP2 and go to settings of this VM on PP2. Go to Legacy Network Adaptor settings and change MAC address
from Dynamic to Static – specify it as network address (MAC) of the NLB cluster. Start CP2.Then in NLB Manager on PP1 we add the second node – CP2. Select Add Host to the cluster and connect to the CP2, select Ethernet adapter FE NLB2 LAN (DIP xx.128 and VIP xx.117) for NLB, assign 2nd host priority and dedicated IP - DIP xx.128. When the host is converged, we go to the properties of FE NLB2 LAN (DIP xx.128 and VIP xx.117) on CP2 and change them manually in the following way:
- Un-tick all bindings, leave only NLB and TCP/IP
- On Advanced Settings, IP Settings tab un-tick Automatic metric and assign 20 as Interface metric
- On Advanced Settings, WINS tab Disable NETBIOS over TCP-IP
Go to TCP/IPv4 properties of the Ethernet adapter LAN xx.105 on CP2 and un-tick Automatic metric as well - assign 1 as Interface metric.
OK, it’s done now!
I tested connectivity using simple ping command from workstation on the same and different subnets – everything worked.
Testing – my scenario:
- disable NLB NIC on PP1 or CP2, and still can ping VIP (active node replies)
- disable remaining NLB NIC , and cannot ping VIP (both nodes are down)
- enable PP1 or CP2 (test both), starts pinging VIP (active node replies)
Hope my post could help someone with NLB on Windows Server 2008 and beyond :-)
Friday, September 19, 2008 7:22 AM
All replies
-
This is from http://technet.microsoft.com/en-us/library/cc771300.aspx so you might need to edit the port rules since I don't know what you're clustering.
To create an NLB cluster-
To open Network Load Balancing Manager, click Start, click Administrative Tools, and then click Network Load Balancing Manager. You can also open Network Load Balancing Manager by typing Nlbmgr from a command prompt.
-
Right-click Network Load Balancing Clusters, and then click New Cluster.
-
Connect to the host that is to be a part of the new cluster. In Host, enter the name of the host, and then click Connect.
-
Select the interface that you want to use with the cluster, and then click Next. (The interface hosts the virtual IP address and receives the client traffic to load balance.)
-
In Host Parameters, select a value in Priority (Unique host identifier). This parameter specifies a unique ID for each host. The host with the lowest numerical priority among the current members of the cluster handles all of the cluster's network traffic that is not covered by a port rule. You can override these priorities or provide load balancing for specific ranges of ports by specifying rules on the Port rules tab of the Network Load Balancing Properties dialog box. Click Next to continue.
-
In Cluster IP Addresses, click Add to enter the cluster IP address that is shared by every host in the cluster. NLB adds this IP address to the TCP/IP stack on the selected interface of all hosts chosen to be part of the cluster. NLB doesn't support Dynamic Host Configuration Protocol (DHCP). NLB disables DHCP on each interface it configures, so the IP addresses must be static. ClickNext to continue.
-
In Cluster Parameters, type values in IP Address and Subnet mask (for IPv6 addresses, subnet mask is not needed). A full Internet name is not needed when using NLB with Terminal Services.
-
In Cluster operation mode, click Unicast to specify that a unicast media access control (MAC) address should be used for cluster operations. In unicast mode, the MAC address of the cluster is assigned to the network adapter of the computer, and the built-in MAC address of the network adapter is not used. It is recommended that you accept the unicast default settings. Click Next to continue.
-
In Port Rules, click Edit to modify the default port rules. Configure the rules as follows:
In Port Range, specify a range of 3389 to 3389 so that the new rule applies only to RDP traffic.
In Protocols, select TCP as the specific TCP/IP protocol that a port rule should cover. Only the network traffic for the specified protocol is affected by the rule. Traffic not affected by the port rule is handled by the default host.
In Filtering mode, select Multiple host, which specifies that multiple hosts in the cluster handle network traffic for this port rule.
In Affinity (which applies only for the Multiple host filtering mode), select Noneif you are planning to use TS Session Broker. Select Single if you are not planning to use TS Session Broker.
-
Click Finish to create the cluster.
Technet Forums Moderator | Solution Specialist | Ask The Experts IT-forumTuesday, August 19, 2008 7:09 AM -
-
Hi Joachim,
Nice cut & paste you done here. This doesn't explain how to configure the cluster network but the client network. The question said that he is using 2 NIC's per node. How do you congure the "NLB Interface"?
Thanks
TMT.
ascThursday, August 28, 2008 8:06 AM -
Hi Guys,
Just let you know, that we faced the same trouble, i.e. "could not access NLB address outside local subnet".
We configured 2-nodes unicast NLB cluster with 2 NIC's on each server instance. But unlike pure Windows Server 2008 NLB cluster from the first post, one of our nodes is Windows Server 2008 parent partition with Hyper-V role installed, another one - Windows Server 2003 running as a child partition on another Windows Server 2008 Hyper-V box. Do not ask me, why we use this Hyper-V virtual thingy ;-) mostly to save money on hardware and to utilize existing Windows Server 2003 licenses.
In addition, we played with 2-nodes unicast NLB setup using only Windows Server 2008, but - same trouble. Hyper-V was used in this scenario as well: 1st node - Windows Server 2008 parent partition with Hyper-V role installed, another one - Windows Server 2008 running as a child partition on another Windows Server 2008 Hyper-V box.
BTW, to add Windows Server 2008 child partition to NLB cluster, HotFix from Microsoft should be applied and virtual network card (NIC) has to be manually configured using Virtual Network Manager tool with MAC address of Virtual NLB interface (more details in KB 953828)... A lot of 'virtual', hah?!
To recap, it seems like using default settings for NLB with Windows 2008 is not a good idea. And I could not find any kind of best practices for proper NLB setup for different scenarios so far. Any help?
Cheers, Vic
P.S. Discussion related to running NLB with Hyper-V - http://social.technet.microsoft.com/forums/en-US/winserverhyperv/thread/dcda9a2c-a0a9-4fb6-86eb-a2e86ea9f745/Wednesday, September 10, 2008 6:30 AM -
Hi Guys,
After some research on the Internet, reading, thinking and long hours of playing with settings, I found only ONE configuration that works for me!Actually, we faced two troubles with NLB since the beginning of testing:
1) "could not access NLB address outside local subnet"
2) could not access NLB at all when two nodes were off and then we enable one on windows 2008
Key points of working configuration:
- Specify gateway on the dedicated network interface for NLB on Windows Server 2008 node
- When using Hyper-V and Windows Server 2003 as a Child Partition, use Legacy Network Adapter with static MAC address of NLB Virtual IP
If you are interested in our setup, please find all details below.
In terms of hardware, we use two HP Proliant DL 380 G5 with two E5310 CPU and 4GB each. These boxes have 2 network adapters on board (NIC1, NIC2 for the first box and NIC3, NIC4 for the second one).
As for software, we installed Windows Server 2008 Standard 64 bit with Hyper-V role on both machines. Now in Microsoft (MS) terminology we should refer to Windows Server 2008 instances as to Parent Partitions (PP1 for the first box and PP2 for the second one). We created a Virtual Machine (VM) with Windows Server 2003 R2 Standard 32 bit and run it as a Child Partition on every server (CP1 on PP1 and CP2 on PP2). In total, there are two Windows Server 2008 PP and two Windows Server 2003 R2 CP.We configured CP with 4 virtual CPU and 2 GB of RAM. All latest MS updates are installed. HP teaming is not present on PP.
Final working network configuration is as follows (network part of IPv4 addresses. IPv6 and MAC address except last digits were removed):
xx - single Class C subnet
DIP – Dedicated IP for NLB NIC
VIP – Virtual IP of NLB cluster
>ipconfig /all on PP1
Ethernet adapter Virtual LAN-V and LAN (xx.103 and xx.107):Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network
Physical Address. . . . . . . . . : xx-F6
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : xx::xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IPv4 Address. . . . . . . . . . . : xx.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : xx.101
xx.111
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw):
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter
Physical Address. . . . . . . . . : xx-75
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : xx.127(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IPv4 Address. . . . . . . . . . . : xx.117(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
NetBIOS over Tcpip. . . . . . . . : Disabled
Note: The second hardware NIC HP NC373i Multifunction Gigabit Server Adapter #2 was used to create a bridge for virtual NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network to run CP1 (external connection type in Virtual Network Manager). Because we dedicated the first hardware NIC to NLB Unicast, we decided to share second hardware NIC for PP1 communications inside LAN and CP1 virtual network - that’s why we called it like Virtual LAN-V and LAN (xx.103 and xx.107). This trick is done by enabling only one bidding on the second hardware NIC – Microsoft Virtual Switch Protocol and configuring normal IPv4 bidding on NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network that is used as external connection type in Virtual Network Manager for CP1 as well. Legacy Network Adapter was used for CP1.
>ipconfig /all on PP2
Ethernet adapter LAN 10.110.62.101:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter
Physical Address. . . . . . . . . : xx-56
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : xx::xx(Preferred)
IPv4 Address. . . . . . . . . . . : xx.101(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : ::1
127.0.0.1
xx.10
xx.123
NetBIOS over Tcpip. . . . . . . . : EnabledNote: The second hardware NIC HP NC373i Multifunction Gigabit Server Adapter #2 is dedicated to CP2 and used as a bridge (we call it LAN-V Bridge) for virtual NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network (external connection type in Virtual Network Manager). So, only one bidding is configured on this hardware NIC – Microsoft Virtual Switch Protocol. To create dedicated virtual NIC, we un-ticked all bindings on NIC HP NC373i Multifunction Gigabit Server Adapter #2 - Virtual Network – so it can’t be used by host PP2! Legacy Network Adapter was used for CP2, as well.
FYI Please find good explanation of virtual networking with Hyper-V here -http://blogs.technet.com/jhoward/archive/2008/06/17/hyper-v-what-are-the-uses-for-different-types-of-virtual-networks.aspx>ipconfig /all on CP2
Ethernet adapter LAN xx.105:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter
Physical Address. . . . . . . . . : xx-03
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : xx.105
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : xx.1
DNS Servers . . . . . . . . . . . : xx.101
xx.111Ethernet adapter FE NLB2 LAN (DIP xx.128 and VIP xx.117): Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel 21140-Based PCI Fast Ethernet Adapter (Generic) Physical Address. . . . . . . . . : xx-75 DHCP Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : xx.117 Subnet Mask . . . . . . . . . . . : 255.255.255.0 IP Address. . . . . . . . . . . . : xx.128 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : NetBIOS over Tcpip. . . . . . . . : Disabled
We installed web server (IIS) on all server instances, but we have special design requirement regarding NLB: need to load balance IIS7 on PP1 with IIS6 on CP2.
To sum up, we are configuring 2-nodes unicast NLB cluster with 2 NIC's on each server instance. One node is Windows Server 2008 Standard 64 bit Parent Partition (PP1) with Hyper-V role installed, another one - Windows Server 2003 Standard 32 bit running as a Child Partition (CP2) on another Windows Server 2008 Standard 64 bit Parent Partition (PP2) with Hyper-V box. We installed NLB feature on PP1 and NLB component on CP2.Procedure of creating working NLB for thus particular scenario is as follows:
Using NLB Manager on PP1 we create standard unicast NLB with cluster Virtual IP - VIP xx.117. Take a note of the network address (MAC) of the cluster (xx-75) – we will use it to configure Legacy NIC for CP2. Then we connect to the 1st master node (PP1), selectEthernet adapter FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw) for NLB, then assign 1st host priority and dedicated IP - DIP xx.127. When the host is converged, we go to the properties of FE NLB1 LAN (DIP xx.127 and VIP xx.117 with gw) on PP1 and change them manually in the following way:
- Un-tick all bindings, leave only NLB and TCP/IPv4
- Specify gateway on the TCP/IPv4 properties (xx.1)
- On Advanced Settings, IP Settings tab un-tick Automatic metric and assign 20 as Interface metric
- On Advanced Settings, WINS tab Disable NETBIOS over TCP-IP
Go to TCP/IPv4 properties of the Ethernet adapter Virtual LAN-V and LAN (xx.103 and xx.107) on PP1 and un-tick
Automatic metric as well - assign 1 as Interface metric.
Shut down CP2 and go to settings of this VM on PP2. Go to Legacy Network Adaptor settings and change MAC address
from Dynamic to Static – specify it as network address (MAC) of the NLB cluster. Start CP2.Then in NLB Manager on PP1 we add the second node – CP2. Select Add Host to the cluster and connect to the CP2, select Ethernet adapter FE NLB2 LAN (DIP xx.128 and VIP xx.117) for NLB, assign 2nd host priority and dedicated IP - DIP xx.128. When the host is converged, we go to the properties of FE NLB2 LAN (DIP xx.128 and VIP xx.117) on CP2 and change them manually in the following way:
- Un-tick all bindings, leave only NLB and TCP/IP
- On Advanced Settings, IP Settings tab un-tick Automatic metric and assign 20 as Interface metric
- On Advanced Settings, WINS tab Disable NETBIOS over TCP-IP
Go to TCP/IPv4 properties of the Ethernet adapter LAN xx.105 on CP2 and un-tick Automatic metric as well - assign 1 as Interface metric.
OK, it’s done now!
I tested connectivity using simple ping command from workstation on the same and different subnets – everything worked.
Testing – my scenario:
- disable NLB NIC on PP1 or CP2, and still can ping VIP (active node replies)
- disable remaining NLB NIC , and cannot ping VIP (both nodes are down)
- enable PP1 or CP2 (test both), starts pinging VIP (active node replies)
Hope my post could help someone with NLB on Windows Server 2008 and beyond :-)
Friday, September 19, 2008 7:22 AM -
We had a Similar issue with a 2008 cluster, which turned out to be a problem with both Unicast and Multicast IGMP. We contacted premier support and worked with them for quite a bit, to discover (or bet told that) this is a "feature" in 2008. By default, IP forwarding is disabled. A cluster with multiple NICs will not respond without a default gateway enabled. This can be worked around by entering the following command from a command prompt:
replace the section in quotes with the name of the cluster NIC.
--netsh interface ipv4 set int "Front-end" forwarding=enabledTuesday, October 28, 2008 7:28 PM -
Hi,
I am also facing a similar issue with Windows 2008 NLB when configured in unicat mode is not accessible from other subnet.
I have two NIC cards.
One nic card of both hosts is connected to nortel switch and assigned IP address 10.X.X.X with NLB enabled (local Area Connection).
Another NIC of both hosts is connected via crossover cable and assigned IP address 192.168.X.X (heartbeat).
It works fine when changed to multicast mode. However, I want itto run in Unicast mode.
I run the command you mentioned that is
--netsh interface ipv4 set int "Local Area Connection" forwarding=enabled
Still, i am not able to acess the cluster across the subnet. Running abve command created some issue with server accessing the DC/DNS servers. So, I had to revert it.
Any suggestions. Thanks!Monday, February 02, 2009 6:05 PM -
A little something to share... to get the NLB traffic issues resolved in this scenario I entered persistent routes on the two nodes of the array. This is due to traffic coming in via the NLB has no return route due to having no default gateway set on the NLB NICs. We tried adding the gateway, but this usually causes a slew of other headaches on the servers. So we removed the gateway and entered the route configs.
We did this by doing a ROUTE PRINT in a command prompt to get the interface number of the NLB NIC. Then run the ROUTE ADD command to add a persistent route for the applicable segments outside of the local network via the same DG value of the non-NLB NIC. The trade off with this option is the manual entry of the applicable subnets and if you have dozens or hundreds of networks, that could be painful unless you can script the commands. However, it is just a one time entry :)
SAMPLE:
route add 172.16.0.0 mask 255.240.0.0 172.20.1.2 if 11 -p
route add 192.168.0.0 mask 255.255.0.0 172.20.1.2 if 11 -pFriday, March 13, 2009 1:55 AM -
another alternative to setting the default gateway on the NLB NIC is to disable the strong host model.
check the posting by bill grant on this thread
http://social.technet.microsoft.com/Forums/en-US/winserverPN/thread/1369b2cf-627e-4eab-bbf2-c02f4a0e0650/
quoted here again
Quote:
I figured out with a call to Microsoft Tech support.Windows 2008 introduces a "strong host model" that doesn't allow the
different NICs to talk to each other. For example, if a request comes in on
the 2nd NIC and there's no default gateway setup, then the NIC will not use
the 1st NIC to reply to the requests. (even though there's a default gateway
setup on that 1st NIC).In order to change that behaviour and go back to a 2003 model, you go to the
command prompt and then you type:netsh interface ipv4 set interface NLB weakhostreceive=enable
netsh interface ipv4 set interface NLB weakhostsend=enable(where NLB is the name of the network interface... default is Local Area
Connection)As an alternative, you can set a default gateway on the 2nd NIC but that can
introduce more problems where the system doesn't know which way to send
traffic. MS said that I could set the metric to 2 on the 2nd NIC and that
way it will only be used if the 1st NIC is unavailable.http://technet.microsoft.com/en-us/magazine/2007.09.cableguy.aspx
Unquote:Monday, November 02, 2009 7:25 PM -
Thursday, November 05, 2009 1:30 PM
-
ok here is a new problem for you all i am running a 2 node nlbc for vpn access. however on node one i am also trying to use it as my default gateway using nat for my internal clients. this was working ok unlill i configured nlb and still forks fine if i stop node 2. here is my setup
router-
ip-xxx.xxx.150.1
static for node 1- xxx.xxx.150.3
static for node 2- xxx.xxx.150.4
node1-
private ip- xx.xx.0.2
running-
dns,dhcp,ad,routting and remote access, file and print
standard config for vpn access pick the public address and select the private for dhcp
node 2-
private ip- xx.xx.0.10
running iis, and vpn
standard config for vpn access pick the public address and select the private for dhcp
nlb ip
xxx.xxx.150.2
problem is when i config the nlb i can access vpn just fine but my internal computers are unable to access the internet
what am i doing wrongSaturday, February 13, 2010 9:03 PM -
hi,
we have two web servers, each one has the same contents and services (IIS and MS-SQL), now we want to deploy them in HA mode. i read about NLB and I thing its the best way to achieve this purpose, we are planning to setup the following scenario:
Node1 and node2 are windows 2008 64 standard edition servers
both nodes have Two NIC's : nlb nic and public nic
we have made new cluster and we added node1 and node2 to this cluster and we choose the NLB NIC IP to be the dedicated ip and we use unicast and set the filtering to single (because we dont want to use load balance, we want only active/passive) and we added the Virtual IP as second ip on both nlb nic's on node1 and node2 and we enabled the ip forwarding for nlb nic's,
the Virtual IP is Real IP and it has dns record (it was the ip used to access our web from the public,the Virtual ip refers to www.xxxx.com)
When I test the above settings, Unfortunatly , I could ping on the Virtual IP from any subnet but I couldnt access the site through Virtual IP from internet explorer
is the above configuration is correct? should we have to make any settings on the IIS?
Tuesday, June 22, 2010 5:32 AM -
Dear Joachim,
Thank you for the provided information which is availble in MCTS Training Kit 70-643 Configuring Windows Server 2008 Applicatioin Infrustructure.
People recommened to read in details not a copy paste only.
Do we have to configure 2 ranges of IPs for example:
For NLB: 10.X.X.X
For LAN to communicate with Clients 192.168.1.X
Or both should be from the same range?
In No 4 and 5 do we have to select the same NIC?
IN No 5 +6 + 7 which IP shoudl be selected
Do we have to put the Virtual IP address in for each Phisical NIC?
I wish to read this details from you soon
Thursday, June 24, 2010 8:01 AM -
When I changed the NLB CLuster nodes to Weakhost model, noticed that NLB Cluster is failing to converge the nodes . Then I had to rebuild my NLB Cluster by configuring default gateway on both nics including NLB Nic. Any idea what validations to be performed after enabling Weak host model . Not sure if anyone had such experice.
Thanks SreekanthSaturday, October 30, 2010 11:36 PM -
To solve problem in our scenario we run:
netsh interface ipv4 set interface "NLB" forwarding=enabled
Tuesday, November 23, 2010 7:12 PM -
Thanks Mario for a reply. This means , with weak host model we should also enable forwarding for both NIC's right?
Thanks SreekanthSaturday, November 27, 2010 11:27 AM -
your 2 commend make my NLB working fine. Thanks.
netsh interface ipv4 set interface NLB weakhostreceive=enable
netsh interface ipv4 set interface NLB weakhostsend=enableRegards,
Sambath
Wednesday, September 26, 2012 6:09 AM -
Hi,
I have nlb that its work fine.
Can i give to my nlb cluster more ip address that he 2 ip address can its possible ?
扫一扫
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
