Purpose
I often run across failing NLB clusters and administrators with many questions. As with many technologies, I find NLB is best kept simple. It does not require some grand configuration, and whitepapers that only intend to explain all your options often mislead you into configuring things wrong, or in more detail than is needed. In this article, I intend to share a simple configuration of NLB that has not failed me in my years of working with it and assisting customers with troubleshooting their configs.
Prerequisites
Before configuring NLB, here are some things you will need.
– A separate subnet for the NLB cluster is recommended. This is because NLB traffic (if not using multicast, which requires further functions from the network hardware) is broadcast to every port on the VLAN.
– You will need an IP for every host/interface.
– You will need an IP for the VIP of each NLB cluster (the IP must be in the same subnet as the boxes' static IPs).
Configure NLB
Configure the Cluster Parameters
This part will be the same on every node within the NLB cluster.
– From a run prompt enter ncpa.cpl
– Right-click the adapter you want to participate and then click Properties.
– If you do not already see Network Load Balancing:
  – Click Install
  – Select Network Load Balancing, then OK
  – The server will load the driver, then return you to the properties page
– Check the Network Load Balancing check box, and then click Properties.
– On the Cluster Parameters tab enter the following information for the cluster:
  – Cluster IP address
  – Subnet mask
  – Cluster FQDN (DNS name)
– Under Cluster operation mode, click Unicast (in most cases, unless your network admin gave you a multicast address and enabled multicast on the routers)
Note: I would recommend that you do not select the Allow remote control check box to turn on remote-control operations. There are too many security issues with this, and too many secure ways to manage the cluster (e.g. RDP, the NLB manager, etc.).
Configure the Host Parameters
This part will be different on every node within the NLB cluster.
– From a run prompt enter ncpa.cpl
– Right-click the adapter you want to participate and then click Properties.
– Select Network Load Balancing, and then click Properties.
– Select the Host Parameters tab.
– Add the static IP information for the NIC connected to this cluster in the Dedicated IP configuration box.
– Under Initial host state, specify the host state with regard to the Network Load Balancing cluster when Windows is started.
Configure Port Rules
You will see a number of people and articles out there saying to configure the port rules of the cluster to just what you need it for. Let me say that this is not needed and can often cause more problems. If you are not putting multiple clusters on the same set of interfaces, on the same set of servers, leave this alone. The server receives the packets either way; all you would be doing is cutting its legs off.
Configuring the Host
The last thing that you will need to take care of is to configure the host. Here are a couple of things that you will need to do.
– Add the NLB VIP as an IP address on the interface participating in the cluster.
  – From a run prompt enter ncpa.cpl
  – Right-click the adapter participating in NLB and then click Properties.
  – Select TCP/IP, and then click Properties.
  – Click Advanced
  – On the IP Settings tab add the NLB VIP as the second IP address in the list.
  – OK, OK, OK.
– Ensure that MaskSourceMAC is set in the registry.
  – Browse to the location in the registry
    – In Windows 2000, the MaskSourceMAC value is located in the following registry key:
      – HKLM\SYSTEM\CurrentControlSet\Services\WLBS\Parameters
    – In Microsoft Windows Server 2003, the MaskSourceMAC value is located in the following registry key:
      – HKLM\SYSTEM\CurrentControlSet\Services\WLBS\Parameters\Interface\<GUID>
Verifying the Config
There are a couple of tools that you can use to manage and verify the configuration of each NLB node. I prefer the WLBS Display command used at the command line. After configuring any NLB cluster I like to run this command on each node in the cluster to ensure that the cluster configurations between them match.
You can also use the NLB management tools (though these can sometimes be flaky), and of course you can always go back through the properties of the NIC itself.
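The cross-node comparison described above can also be scripted. The following is an added example, not part of the original article: it checks settings you have transcribed from each node against the rules given in this article. The dictionary key names and all sample values are hypothetical and constructed for illustration.

```python
import ipaddress

# Settings the article says must be identical on every node
# (key names are hypothetical, chosen for this example).
CLUSTER_KEYS = ("cluster_ip", "subnet_mask", "cluster_fqdn", "mode")

def check_nlb_nodes(nodes):
    """Return a list of problems found across the transcribed node settings."""
    problems = []
    names = sorted(nodes)

    # Cluster parameters: the same on every node.
    for key in CLUSTER_KEYS:
        values = {name: nodes[name][key] for name in names}
        if len(set(values.values())) > 1:
            problems.append(f"{key} differs between nodes: {values}")

    # Host parameters: each node has its own dedicated (static) IP.
    seen = {}
    for name in names:
        dip = nodes[name]["dedicated_ip"]
        if dip in seen:
            problems.append(f"dedicated_ip {dip} used by {seen[dip]} and {name}")
        seen.setdefault(dip, name)

    for name in names:
        cfg = nodes[name]
        # Prerequisite: the VIP is in the same subnet as the node's static IP.
        net = ipaddress.ip_network(
            f"{cfg['dedicated_ip']}/{cfg['subnet_mask']}", strict=False)
        if ipaddress.ip_address(cfg["cluster_ip"]) not in net:
            problems.append(f"{name}: cluster_ip {cfg['cluster_ip']} is outside {net}")
        # Recommendation: leave Allow remote control unchecked.
        if cfg["remote_control"]:
            problems.append(f"{name}: remote control is enabled")
    return problems

# Constructed sample: web02 was configured with a different mode and remote control on.
_BASE = {"cluster_ip": "10.0.5.10", "subnet_mask": "255.255.255.0",
         "cluster_fqdn": "web.example.test", "mode": "unicast",
         "remote_control": False}
SAMPLE_NODES = {
    "web01": dict(_BASE, dedicated_ip="10.0.5.11"),
    "web02": dict(_BASE, dedicated_ip="10.0.5.12", mode="multicast",
                  remote_control=True),
}

if __name__ == "__main__":
    for problem in check_nlb_nodes(SAMPLE_NODES):
        print(problem)
```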
After you are confident that the settings on each node match, it is time to test your config. The easiest and most thorough way to do this is to have NLB running on only one node at a time and ensure that you can connect (from multiple workstations on multiple subnets is best). To stop NLB without having to shut down the server, simply enter WLBS Stop at a command prompt. Once you have tested this on each server, you can be confident that your NLB cluster will provide the fault tolerance you are looking for.