We've had a few calls from customers who have run into a particular issue when they've deployed NLB on a Windows Server 2008 cluster. Most of them have had older NLB deployments and thought we made a change to 2008 NLB to cause a problem. The installations with the issue have dual-NIC nodes with the default gateway on the Cluster NIC. This is the reported behavior:
- Communication with the cluster IP from a computer on the same subnet works without a problem
- Communication with the cluster IP from a computer on a different subnet fails
- If you move the default gateway to the cluster NIC, everything works
In Windows Server 2003, a packet from the client would route in through the inbound NIC and because the response was not from the same subnet, it would be sent back via the outbound NIC to the default gateway and back to the client. The problem with the above configuration on a 2008 server is that we disabled IP forwarding by default. Therefore, when the packet enters the inbound NIC, without a default gateway, it has no way to get off subnet and the packet is dropped.
There is actually a simple change in order to get this to work without putting the default gateway on the cluster NIC. You need to enable routing using one of the two following methods - via netsh or via the registry:
Via netsh:
- First, you need to get the name of the Cluster NIC. The name appears in "Network Connections"; alternatively, run the following command from the command prompt:
- netsh interface show int
- The output will look like this:
Admin State    State          Type             Interface Name
-------------------------------------------------------------------------
Enabled        Connected      Dedicated        Cluster NIC
- That will show you the interfaces in the server. Find the name of the cluster NIC and put it in quotes in the following command:
- netsh interface ipv4 set interface "Cluster NIC" forwarding=enabled
- You can confirm that it is changed by running the command:
- netsh interface ipv4 show interface l=verbose
- If you look at the output below, you'll see that Forwarding is now enabled:
Interface Cluster NIC Parameters
----------------------------------------------
IfLuid : ethernet_5
IfIndex : 10
Compartment Id : 1
State : connected
Metric : 20
Link MTU : 1500 bytes
Reachable Time : 30000 ms
Base Reachable Time : 30000 ms
Retransmission Interval : 1000 ms
DAD Transmits : 3
Site Prefix Length : 64
Site Id : 1
Forwarding : enabled
Advertising : disabled
Neighbor Discovery : enabled
Neighbor Unreachability Detection : enabled
Router Discovery : dhcp
Managed Address Configuration : enabled
Other Stateful Configuration : enabled
Weak Host Sends : disabled
Weak Host Receives : disabled
Use Automatic Metric : enabled
Ignore Default routes : disabled
Via the registry:
Add the following value:
Key name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value Name: IpEnableRouter
Data Type: REG_DWORD
Value: 1
Be sure to reboot the server for the change to take effect. The netsh command does not require a reboot.
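The following PowerShell script is an added example, not part of the original post: it parses the verbose netsh output shown above to report the Forwarding state of every interface and reads the IpEnableRouter value, so you can confirm that forwarding is on only where you intended. It assumes English netsh output and uses the page's sample name "Cluster NIC" as the default expected interface; the function name `Get-ForwardingState` and the `$Expected` parameter are illustrative.

```powershell
# Added example: audit IPv4 forwarding after applying either method above.
# Assumes English netsh output; 'Cluster NIC' is the page's sample name.
param([string]$Expected = 'Cluster NIC')

function Get-ForwardingState {
    param([string[]]$NetshOutput)
    $current = $null
    foreach ($line in $NetshOutput) {
        if ($line -match '^Interface (.+) Parameters\s*$') {
            # Section header, e.g. "Interface Cluster NIC Parameters"
            $current = $Matches[1]
        }
        elseif ($current -and $line -match '^\s*Forwarding\s*:\s*(\S+)') {
            # Per-interface "Forwarding : enabled|disabled" line
            New-Object PSObject -Property @{
                Interface  = $current
                Forwarding = $Matches[1]
            }
        }
    }
}

# Per-interface state (what the netsh method changes)
$states = @(Get-ForwardingState (netsh interface ipv4 show interface level=verbose))

foreach ($s in $states) {
    $enabled = $s.Forwarding -eq 'enabled'
    $wanted  = $s.Interface -eq $Expected
    if ($enabled -and -not $wanted)     { $note = 'REVIEW: forwarding on an unexpected interface' }
    elseif ($wanted -and -not $enabled) { $note = 'REVIEW: forwarding not enabled' }
    else                                { $note = 'ok' }
    '{0,-30} {1,-10} {2}' -f $s.Interface, $s.Forwarding, $note
}
if (-not ($states | Where-Object { $_.Interface -eq $Expected })) {
    "Interface '$Expected' not found in netsh output"
}

# Registry value (what the registry method changes)
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$reg = Get-ItemProperty -Path $key -Name IpEnableRouter -ErrorAction SilentlyContinue
if ($reg -and $reg.IpEnableRouter -eq 1) {
    'IpEnableRouter = 1 (routing enabled through the registry value)'
} else {
    'IpEnableRouter is not set to 1'
}
```

Save it as a .ps1 file and pass a different interface name as the first argument if your cluster NIC is not called "Cluster NIC".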