
Microsoft Network Load Balancing Support



Presentation Transcript


  1. Microsoft Network Load Balancing Support Vivek V vivev@cisco.com

  2. Agenda • MS NLB Overview • MS NLB Unicast mode • MS NLB Multicast mode • Catalyst switches and NLB • Limitations and Restrictions • Known Bugs • References

  3. MS NLB Overview • Provides scalability and high availability to enterprise-wide TCP/IP services, such as Web servers. • Network Load Balancing servers (also called hosts) in a cluster communicate among themselves to provide key benefits, including: • Scalability: up to 32 servers. • High availability: automatically detects failure of a server. • Distributes IP traffic to multiple copies (or instances) of a TCP/IP service, such as a Web server, each running on a host within the cluster. • Transparently partitions the client requests among the hosts and lets the clients access the cluster using one or more "virtual" IP addresses.

  4. MS NLB Overview (cont’d) • Looks like a single host/IP server to the outside world and to clients. • All of the hosts must receive all incoming requests. • The NLB infrastructure then distributes the load between the servers.

  5. MS NLB Unicast mode • Default mode • Works seamlessly on physical environments, based on flooding • User specifies a shared IP for all hosts in the cluster • A shared MAC is auto-generated and set on Host/VM interfaces: • A:B:C:D -> 02:BF:A:B:C:D

  6. MS NLB Unicast mode (cont’d) • How is the shared IP/MAC used? • ARPing of the shared IP: the ARP reply will have the shared MAC in the ARP header, but not in the Ethernet header. • Incoming packets: sent to the shared MAC (02:BF:A:B:C:D). This MAC is not learned anywhere -> FLOOD. • Outgoing packets: sent using a different source MAC (02:01:A:B:C:D), so the shared MAC won’t be learned.

  7. MS NLB Multicast Mode • How is the shared IP/MAC used? • In multicast mode, the cluster members respond to ARPs for their virtual address using a multicast MAC address, for example 0300.5e11.1111, and send IGMP Membership Report packets. • If IGMP snooping is enabled on the local switch, it snoops the IGMP packets that pass through it. This prevents flooding. • Incoming packets: sent to the shared MAC (03:00:5e:B:C:D). This MAC needs to be put into the MAC address table via IGMP snooping. • Outgoing packets: sent using a different source MAC (02:01:A:B:C:D), so the shared MAC won’t be learned.

  8. NLB Multicast Mode (cont’d) • Issues with using IGMP snooping: • -- The MAC address will be present in the IGMP snooping database and will be mapped to the ports to which the servers are connected. • HOWEVER: • -- The servers will respond to ARPs for the VIP with a multicast MAC address. • -- The switch will not accept this and will drop the response, and the VIP will lose connectivity. • -- Hence we need to disable IGMP snooping.

  9. MS NLB Multicast mode cont’d • Disabling snooping leads to flooding. • ARP will still be incomplete. • SOLUTION: a static ARP entry and a static MAC entry:

         arp 172.16.63.241 0300.5e11.1111
         mac-address-table static 0300.5e11.1111 vlan 200 interface fa2/3, fa2/4

     NOTE: on the Catalyst 6500 platform:

         mac-address-table static 0300.5e11.1111 vlan 200 interface fa2/3, fa2/4 disable-snooping

  10. MS NLB Multicast mode cont’d • Note: • Statically mapping a MAC to multiple ports is supported only in software on the Catalyst 4500 switch. • Using this configuration on a Catalyst 4500 switch may cause high CPU. • Solution: add the servers to a separate VLAN and allow flooding in that VLAN (prune the VLAN from trunks that do not need it).

  11. Problems with NLB Multicast mode • -- On later IOS releases for the Cat6K, the disable-snooping option is not shown even though the servers are in multicast mode. • Solution: • -- This is because the switch does not recognize the MACs that conform to IGMP multicast, i.e. 0100.5exx.xxxx, 0300.5exx.xxxx. • -- Check the IGMP checkbox on the server to generate an IGMP-compliant MAC address.

  12. Example setup and configuration • Example setup

  13. Configuration

         Cat6K#show running-config
         Building configuration...
         !
         interface FastEthernet2/1
          description "Uplink to the Default Gateway"
          no ip address
          switchport
          switchport access vlan 100
         !
         interface FastEthernet2/3
          description "Connection to Microsoft server"
          no ip address
          switchport
          switchport access vlan 200
         !
         interface FastEthernet2/4
          description "Connection to Microsoft server"
          no ip address
          switchport
          switchport access vlan 200
         !
         mac-address-table static 0300.5e11.1111 vlan 200 interface fa2/3 fa2/4 disable-snooping
         ! --- Creating a static entry in the switch for the multicast virtual mac.
         ! --- fa2/3 & fa2/4 are the ports connected to server.
         ! --- The disable-snooping is applicable only for Cisco Catalyst 6000/6500 series switches
         arp 172.16.63.241 0300.5e11.1111
         ! --- 172.16.63.241 is the Virtual IP of 2 servers

  14. Verification • show mac-address-table - Displays a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN.

         Cat6K#show mac-address-table 0300.5e11.1111
                   Mac Address Table
         -------------------------------------------
         Vlan    Mac Address       Type        Ports
         ----    -----------       --------    -----
          200    0300.5e11.1111    STATIC      Fa2/3 Fa2/4

     • show ip arp - Displays the Address Resolution Protocol (ARP) cache.

         Cat6K#show ip arp
         Protocol  Address          Age (min)  Hardware Addr   Type   Interface
         Internet  172.16.1.1            -     0300.5e11.1111  ARPA   Vlan200

  15. Known Bugs • CSCsw72680 IP - Packets loop if running Microsoft NLB in presence of PIM • CSCtx95441 Destination MAC 0000.0000.0000 on mapping unicast IP to multicast MAC • CSCsu84397 Sup6E Static ARP to multicast mac address may cause routing loop • CSCug49149 PFC3B/DFC3B - Routed Microsoft NLB traffic black-holed across a DEC • CSCsy62709 MLS CEF - Packets loop if running Microsoft NLB in presence of PIM • CSCuh08087 Microsoft NLB multicast mode broken on 3850

  16. References • Microsoft Technical Overview: • http://technet.microsoft.com/en-us/library/bb742455.aspx • Cat6k Config Example: • http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_example09186a0080a07203.shtml • VMware + Ucast mode Workaround: • http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1556

  17. Limitations and Restrictions • not supported on PVLAN ports. • not supported on the ports configured with UUFB (unknown unicast flood blocking). • not supported on the ports configured with “switchport port-security mac-address sticky”.
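
An added example, not part of the original deck or of any Cisco tool: a Python audit of the static ARP / static MAC pairing from slides 9 and 13 and the sticky port-security restriction from slide 17. It flags a static ARP that points at a multicast MAC with no static MAC table entry, and server ports carrying the unsupported setting; the sample config, the second VIP, and all function names are constructed for illustration.

```python
import re

# Constructed sample modelled on the deck's Cat6K configuration. The sticky
# port-security line and the second VIP are added here to trigger findings.
SAMPLE_CONFIG = """\
interface FastEthernet2/3
 switchport access vlan 200
!
interface FastEthernet2/4
 switchport access vlan 200
 switchport port-security mac-address sticky
!
mac-address-table static 0300.5e11.1111 vlan 200 interface fa2/3 fa2/4 disable-snooping
arp 172.16.63.241 0300.5e11.1111
arp 172.16.63.242 0300.5e22.2222
"""

ABBREV = {"fa": "FastEthernet", "gi": "GigabitEthernet", "te": "TenGigabitEthernet"}

def is_multicast(mac):
    # The group bit is the least significant bit of the first octet (0x03 here).
    return int(mac.replace(".", "")[:2], 16) & 1 == 1

def expand_port(port):
    m = re.match(r"([A-Za-z]+)([\d/]+)$", port)
    return ABBREV.get(m.group(1).lower()[:2], m.group(1)) + m.group(2) if m else port

def audit(config):
    findings, static_macs, sticky, current = [], {}, set(), None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = m.group(1)
        elif "port-security mac-address sticky" in line and current:
            sticky.add(current)
        elif m := re.match(r"mac-address-table static (\S+) vlan \d+ interface (.+)", line):
            ports = [p for p in re.split(r"[,\s]+", m.group(2)) if p and p != "disable-snooping"]
            static_macs[m.group(1).lower()] = [expand_port(p) for p in ports]
    for ip, mac in re.findall(r"^arp (\S+) (\S+)", config, re.M):
        mac = mac.lower()
        if not is_multicast(mac):
            continue  # ordinary unicast static ARP, not an NLB multicast VIP
        if mac not in static_macs:
            findings.append((ip, mac, "no static MAC entry, frames to the VIP flood the VLAN"))
        for port in static_macs.get(mac, []):
            if port in sticky:
                findings.append((ip, mac, f"{port} has sticky port-security, unsupported with NLB"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONFIG), sep="\n")
```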
