Configuration for Microsoft NLB Network Loadbalancer
-
benny
This is not true, you can still use a hair-pin cable.
1.) Create a new VLAN 2
2.) Add the NLB server ports to that VLAN 2
3.) Add a "free port" to VLAN 2, let's say 1/10
3.) Create VLAN 3
4.) Add a port to that new VLAN, let's say 1/11
5.) Connect port 1/10 to 1/11 with a network cable
6.) Assign an IP interface to VLAN 3
7.) Create a static-route to the NLB server cluster IP which is "behind" the IP interface of VLAN 3 (so the network knows how to reach the IP)
8.) As the switch can't learn the MAC-ADDRESS of the cluster, it will flood in VLAN 2 and therefore all servers receive the traffic (as MS wants it)
9.) You'll have to ensure that the servers know the "way out" of that network
I know this is quick and dirty, but it works. This doesn't give you much bandwidth though ...
Hope this helps...
-
benny
-
Elmo
Re: Configuration for Microsoft NLB Network Loadbalancer
I have actually got this to work but would like to know how many rules I am breaking to make this happen.
Our environment is as follows:
The NLB cluster servers are connected to 7700 switches (which do handle NLB)
The NLB is in multicast mode
The NLB consists of 2 servers in physically different locations
Our 6850 connects to 2 separate 7700 switches with one fiber connection to each switch
RIP is enabled on all switches
The two connections on the 6850 are for the same VLAN (VLAN1) (yes, I know you are not supposed to use VLAN1 - pre-existing customer condition)
Clients on the 6850 are on a separate VLAN - VLAN 3
The intent is to isolate traffic on VLAN 3 from other VLANs
The 6850 is configured with ports 1/1 and 1/2 on VLAN 1 and ports 1/3 through 1/48 as VLAN 3
The physical connections to VLAN 1 from the 6850 to the two different 7700's are through ports 1/1 and 1/2
Here is what I needed:
I needed to hit the NLB cluster from a client on VLAN 3 for authentication and roaming profile access.
Here is what I did (after many attempted tweaks):
Set a static ARP entry on the 6850 for the NLB MAC on port 1/1 (I could not get proxy ARP to work)
I aggregated port 1/1 and 1/2
This allows me to successfully hit the NLB and get / set roaming profile data for my users.
I have seen that there are many problems with the 6850 and NLB and would like to know:
1. Is there any better way of doing this?
2. Just how many rules of good network design am I breaking?
-
cedric1
Re: Configuration for Microsoft NLB Network Loadbalancer
hello
a design is better than a long text, so if you can post one with link, vlan port member, where you make routing etc.
config output of static arp.
I'm working too on this topic and get some info from support about this.
But the info I ask you for in the first line is very important.
When you say "aggregate port 1/1 to 1/2", what do you mean, linkagg? As you connect to two 7700, do you use DHL?
Cedric
-
Elmo
Re: Configuration for Microsoft NLB Network Loadbalancer
Hello Cedric 1,
Sorry about that.
Put a diagram with this post - hope it clears up some of the questions.
I have used IP addresses that are not actual addresses on the network due to customer requirements.
Please note - it was not mentioned but ALL sub-net addresses are: 255.255.0.0
The server has 2 NICs that are configured with BASP (Broadcom) as a virtual NIC. Each NIC is connected to a different 7700 switch as shown in the diagram.
The NLB cluster consists of another server configured in a similar fashion with additional switches.
This set up is my LAB setup because I do not have enough equipment to simulate the full blown customer network.
This setup is essentially 'half' of the network.
In order to communicate with the server from the 1.1.3.X client, I had to insert a static ARP with the MAC address for 1.1.2.6 into the 6850 (03:bf:01:01:02:06) and assign it to port 1.
Then I had to perform a link aggregate of port 1/1 and 1/2 on the 6850 in order to provide automated fail-over if the path for port 1/1 out of the 6850 were to go down for any reason. This is a one-sided link aggregate - only the 6850 connections were aggregated inside the 6850 switch. No other aggregates exist anywhere in the network.
No matter how I tried to configure the 6850 to support multi-casting it would not allow communication to the server NLB cluster unless I added the static ARP - it would not function correctly with a proxy ARP.
If I did not aggregate the 1/1 and 1/2 slots on the 6850 - I could not get the automated fail-over.
I know that link aggregation is for increasing bandwidth between switches so performing this only on one side (the 6850) that is connected to the same VLAN in 2 different switches raised questions about this configuration. I feel like I am cheating, but this is the only way I could get this to work.
Any feedback you have on this would be greatly appreciated.
Thanks.
E
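
As an added illustration (not part of the thread): NLB derives the cluster MAC from the cluster IP, which is why 1.1.2.6 in multicast mode maps to 03:bf:01:01:02:06 in the post above. The Python sketch below recomputes that MAC for each NLB mode and audits static ARP entries against it; the function names and the sample entries are constructed for this example.

```python
import ipaddress

# MAC prefixes NLB prepends to the cluster-IP octets, per operation mode.
NLB_PREFIX = {
    "unicast": bytes([0x02, 0xBF]),            # followed by all 4 IP octets
    "multicast": bytes([0x03, 0xBF]),          # followed by all 4 IP octets
    "igmp": bytes([0x01, 0x00, 0x5E, 0x7F]),   # followed by the last 2 IP octets
}

def fmt(mac_bytes):
    return ":".join(f"{b:02x}" for b in mac_bytes)

def parse_mac(text):
    parts = text.strip().replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"not a 48-bit MAC: {text!r}")
    return bytes(int(p, 16) for p in parts)

def nlb_cluster_mac(cluster_ip, mode):
    """Cluster MAC that NLB derives from the cluster IP in the given mode."""
    prefix = NLB_PREFIX[mode]
    octets = ipaddress.IPv4Address(cluster_ip).packed
    return fmt(prefix + octets[len(prefix) - 2:])

def is_group_mac(mac):
    # I/G bit set: a group address is never a legal source MAC, so a switch
    # cannot learn it on a port and floods frames sent to it.
    return bool(parse_mac(mac)[0] & 0x01)

def audit_static_arp(entries, cluster_ip, mode):
    """Return findings for static ARP entries that do not fit the cluster IP."""
    expected = nlb_cluster_mac(cluster_ip, mode)
    matches = [(ip, mac) for ip, mac in entries if ip == cluster_ip]
    if not matches:
        return [f"{cluster_ip}: no static ARP entry, expected {expected}"]
    findings = []
    for ip, mac in matches:
        got = fmt(parse_mac(mac))
        if got != expected:
            findings.append(f"{ip}: {got} does not match expected {expected}")
    return findings

# Constructed sample table: (IP, MAC) pairs as they might be copied from a switch.
SAMPLE = [("1.1.2.6", "03-BF-01-01-02-06"), ("1.1.2.7", "00:d0:95:aa:bb:cc")]

if __name__ == "__main__":
    print(nlb_cluster_mac("1.1.2.6", "multicast"))
    print(audit_static_arp(SAMPLE, "1.1.2.6", "multicast") or "static ARP entry OK")
```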
-
cedric1
Re: Configuration for Microsoft NLB Network Loadbalancer
hello
It is ok for me for your nlb setup.
The only strange point is the use of link agg between the 6850 and both 7700. You use static link agg?
Linkagg is configured on the 6850, but not on the 7700 (please confirm)
I suppose the link between the 7700 is in blocking mode or ALT for spanning tree.
For vlan 1 configure the 6850 as root stp.
In this way the link from 6850 to 7700 will stay in Forward mode and there is no need to use asymmetric linkagg.
The design will be more compliant with best practice network design.
Rgds and good luck for production running
Cedric
-
Elmo
Re: Configuration for Microsoft NLB Network Loadbalancer
Thanks Cedric,
The link agg is abnormal - only a static on the 6850 nothing on the 7700.
This is the only combination that I could get the configuration to work the way I wanted it to work.
One of the 7700 links is blocking depending on which route the path travels (tried the fail-over of each connection)
I will try your recommendation to be more compliant with best practices.
Thanks for the help.
Elmo
-
cedric1
Re: Configuration for Microsoft NLB Network Loadbalancer
Hello
It is my turn to post my setup for a successful NLB implementation.
Here we use XNI-U2 boards for incoming traffic and outgoing for layer 3. So routing is done on fsx55 and fsx56.
As we have a HW limitation for this board we have to make a loop on these boards, check the design.
The limitation is for XNI-U2 / U6 or 48T boards.
In my case, if traffic enters through a C24 board and goes out on a C24 board, I have no loop to be done.
