Re: NLB Heartbeat/private network

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Ryan

I did see your cheat *** while I was creating my cluster and I did follow
your instructions. However - for my "private" NIC on each node I have not
used a 192.168..... address - I am using an address on the same subnet as the
"public" network. Is this a problem?

I had been using the cluster this way for a while - and everything seemed to
work until I used the SP1 SCW - and turned on the Windows Firewall. I had
been using IPSec policies to restrict traffic. With the Firewall turned on -
people outside my local subnet can see the cluster for only about 2-4 hours.
Then all of a sudden they can't see it any more - I can still see it from my
local subnet.

I was trying to determine what was causing this problem - after reading
could it be that I was not allowing ICMP traffic? It seems to be a problem
with the switch learning the virtual MAC address - I read somewhere that this
could be caused by restricting ICMP responses - does this make any kind of
sense?

Do you know if people have sucessfully used NLB with the SP1 firewall? I am
basically running IIS in my cluster

"Ryan Sokolowski [MVP]" wrote:

> I'll post my little step-by-step "cheat ***" here again for your
> benefit...
>
> Maybe the issue is that you don't work for the University of Notre Dame? :)
> (just kidding!)
>
> Hope this helps, Amy...
> --Ryan
>
>
> How-To: Configure Network Load Balancing (NLB) with Two Network Adapters
>
> 1. Assign appropriate IP addresses to each NIC, placing them in separate
> subnets.
>
> * Node1 -
>
> o "Public" NIC
> * IP address: 10.10.2.17
> * Subnet: 255.255.255.0
> * Gateway: 10.10.2.1
> * DNS: as appropriate
>
> o "NLB" NIC
> * IP address: 192.168.1.1
> * Subnet: 255.255.255.0
> * Gateway: N/A
> * DNS: N/A
>
>
> * Node2 -
>
> o "Public" NIC
> * IP address: 10.10.2.18
> * Subnet: 255.255.255.0
> * Gateway: 10.10.2.1
> * DNS: as appropriate
>
> o "NLB" NIC
> * IP address: 192.168.1.2
> * Subnet: 255.255.255.0
> * Gateway: N/A
> * DNS: N/A
>
> 2. On the "Public" NICs, click "Advanced" and add an additional IP address
> as the Virtual IP Address which clients will connect to from the Public
> network (i.e. - 10.10.2.177)
>
> 3. Install "Network Load Balancing" as an additional service from the
> "Public" adapter properties.
> * Click "Install.." and then select "Service" in the upper-window and click
> "Add."
> * Select "Network Load Balancing" in the upper-window and click "OK"
> * Answer any prompts and provide the correct path to installation media.
>
> 4. Once NLB is installed, return to the Properties page for the "Public" NIC
> and select the check-box next to "Network Load Balancing." This enables the
> service globally.
>
> 5. Next, select the item "Network Load Balancing" and click "Properties"
>
> 6. Configure the NLB Cluster properties according to your parameters, using
> the following example steps as a guide.
>
> * Node1 -
>
> o "Public" NLB Cluster Parameters tab
> * Primary IP address: 10.10.2.177
> * Subnet: 255.255.255.0
> * Full Internet Name mail.domain.com
>
> o "Public" NLB Host Parameters tab
> * Priority: 1
> * Dedicated IP address: 10.10.2.17
> * Subnet: 255.255.255.0
>
>
> * Node2 -
>
> o "Public" NLB Cluster Parameters tab
> * Primary IP address: 10.10.2.177
> * Subnet: 255.255.255.0
> * Full Internet Name mail.domain.com
>
> o "Public" NLB Host Parameters tab
> * Priority: 2
> * Dedicated IP address: 10.10.2.18
> * Subnet: 255.255.255.0
>
> 7. MultiCast support can be optional in this configuration.
>
> 8. You can also now take time to create a static Host record (A record) in
> your scenario's DNS infrastructure to provide appropriate name resolution to
> the NLB cluster name (i.e. - mail.domain.com or just mail).
>
> 9. Your NLB cluster should be up and running.
>
> 10. An external client should now be able to ping the IP address of the NLB
> cluster (i.e. - 10.10.2.177) as well as each of the individual node
> addresses (i.e. - 10.10.2.17 & -.18).
>
> 11. Many good diagnostic commands can be found by typing "wlbs /?" in a
> command window. For example, "wlbs query" shows the status and convergence
> state of the cluster.
>
> 12. IMPORTANT NOTE: In this configuration, each individual node is NOT able
> to ping the other node's Public physical IP address (i.e - 10.10.2.17 cannot
> ping 10.10.2.18 and vice-versa). I believe this is expected behavior, as
> the NLB cluster is now responding to requests on the Virtual Cluster address
> (i.e. - 10.10.2.177).
>
>
> --
> Ryan Sokolowski
> MVP - Windows Server - Clustering
> MCSE, CCNA, CCDA, BCFP
>
> "A troubleshooter's best tool is the Event Viewer and understanding the
> events and messages contained therein."
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Amy Lewis" <AmyLewis@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:F72DFDF7-68B9-46BD-85E6-9C633B5D63C5@xxxxxxxxxxxxxxxx
> >I have recently set up a 2 Node NLB Cluster. Both machines have 2 NICs.
> > Each machine has 1 NIC connected to the switch/external network (called
> > Public) and each machine has 1 NIC configured as a Private network and
> > connected via a crossover cable to the other machine.
> >
> > I can ping the private network address from each machine to the other
> > machine. My cluster seems to be working - although it doesn't seem that
> > the
> > heartbeat is functioning correctly.
> >
> > I followed the instructions using the NLB Manager. Basically here is my
> > info
> >
> > Cluster IP 141.211.134.231
> > Cluster Name uuis.umich.edu
> >
> > 1st Node (UUISWEB)
> > Dedicated Cluster address (Public) is 141.211.134.234
> >
> > 2nd Node (UUISWEB2)
> > Dedicated Cluster address (Public) is 141.211.134.235
> >
> > My 2 private addresses are 192.168.1.1 (UUISWEB) and 192.168.1.2
> > (UUISWEB2).
> >
> > My questions are:
> >
> > The NIC that has the private address doesn't seem to be getting any packet
> > traffic (i.e. shouldn't the heartbeat activity show some packets
> > sent/received)?
> >
> > How often does that heartbeat go? Every second?
> >
> > Did I set it up wrong - should the dedicated IP be the Private address?
> > So
> > when I add a host to the cluster - and it presents me with the list of
> > NICs
> > to choose from as the dedicated IP - should that be the private (non
> > routable) one???
>
>
>
.

Quantcast