Step-by-step NLB cluster installation and configuration

Network Load Balancing functions as a network component that is activated on a per-network-adapter basis. The software consists of a networking driver, WLBS.SYS, and a control program, NLB.EXE.

Before you start configuring NLB, ensure that you have several available IP addresses. In a single network adapter configuration, you will need one for the "virtual" cluster, shared among all the nodes, and one dedicated address for each node. They all should belong to the same subnet and share the same subnet mask. In a dual network adapter configuration, you need the "virtual" one for the entire cluster (shared among all the nodes), and two per node (dedicated and management). Cluster and dedicated IP addresses need to belong to the same subnet. All management IP addresses need to reside on a separate subnet. If a server has multiple network adapters, the default gateway parameter should be set only for the one that connects to the largest network. In the case of NLB clusters, this typically would be a cluster network adapter, connected to the public network and accepting load-balanced client requests. Paths to other networks (such as those containing management workstations) must be added manually to routing tables on each node.

Make sure that the network adapter that will be used for NLB is set with a static IP (not DHCP assigned). This static IP will be used as dedicated IP during the NLB configuration. Also ensure that you perform all of the operations using an account that has administrative privileges to all servers that will become NLB cluster members.

An NLB cluster can be installed using the properties of a network connection in the Network Connections window, using Network Load Balancing Manager, or with Application Center 2000. Using NLB Manager is the recommended method, but we will start with the first option for the sake of completeness (for information on configuring NLB with Application Center 2000, refer to its documentation). This will also help you appreciate the simplicity and robustness of the NLB Manager (which is presented next).

Network Load Balancing appears as a network component in the Network Connection properties window. Enabling it involves checking a checkbox and modifying the parameters of the cluster, host, and port rules (perform this process on each node separately). Begin in the dialog box that displays the properties of the network connection that will be used as a cluster network adapter. The NLB option should appear in the list of installed components with a checkbox unchecked. If the option is not there, add it by clicking the Install button and selecting Network Load Balancing from the list of Services. After the option is selected and the checkbox checked, the Properties button becomes enabled. Clicking it brings up the Network Load Balancing Properties dialog box from which most of the configuration settings are available.

The settings are grouped under three tabs:

♦ The Cluster Parameters tab contains clusterwide parameters (see Figure 25-9).

Figure 25-9: Network Load Balancing cluster parameters

♦ The Host Parameters tab contains settings specific to the node being currently configured (see Figure 25-10).

♦ The Port Rules tab contains a list of port rules that consists of both clusterwide and node-specific settings (see Figure 25-11).

After the cluster parameters, host parameters, and port rules are configured, you need to modify the TCP/IP properties for the same network adapter. In the Internet Protocol (TCP/IP) properties dialog box, click the Advanced button and add the cluster IP address, with its subnet mask, as the second entry in the list of IP addresses. The dedicated IP address should appear first in the list (this IP address should already be there because it has been statically assigned prior to enabling NLB). In a dual network adapter configuration, you would also assign a management IP address to the other network adapter (using DHCP in this case is allowed). Once the cluster is installed, create entries on your DNS servers, resolving the Full Internet Name of the cluster to its IP address. The same applies to any other clustered applications that use unique DNS names.

To add another node to the existing NLB cluster, repeat the process described previously. When specifying the host parameters and handling priority, ensure that you enter values different from those used on the existing cluster nodes. Conversely, ensure that all of the remaining values are identical to those on the first node. Adjust the load weight to reflect the processing capacity of the new node.
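The addressing and per-node rules described so far can be checked on paper before any node is touched. The following is an added example, not code from the original text; the function, the field names, and the sample addresses are all invented for illustration.

```python
import ipaddress

# Cluster-wide port rules from the page's HTTP and HTTP-over-SSL entries:
# (first port, last port, protocol, filtering mode, affinity)
WEB_RULES = [(80, 80, "TCP", "Multiple Hosts", "None"),
             (443, 443, "TCP", "Multiple Hosts", "Single")]

def validate_nlb_plan(cluster_ip, mask, nodes):
    """Return a list of problems in a planned NLB cluster (empty list = OK).

    Each node is a dict: name, dedicated_ip, priority, port_rules, and for
    dual-adapter setups management_ip. Field names are invented for this example.
    """
    cluster_net = ipaddress.ip_interface(f"{cluster_ip}/{mask}").network
    problems, ip_owner, prio_owner = [], {cluster_ip: "the cluster"}, {}
    for node in nodes:
        name = node["name"]
        # Cluster and dedicated addresses must share one subnet and mask.
        if ipaddress.ip_address(node["dedicated_ip"]) not in cluster_net:
            problems.append(f"{name}: dedicated IP outside {cluster_net}")
        # Management addresses (second adapter) must sit on a separate subnet.
        mgmt = node.get("management_ip")
        if mgmt and ipaddress.ip_address(mgmt) in cluster_net:
            problems.append(f"{name}: management IP inside {cluster_net}")
        # Every address in the plan must be unique, or an IP conflict results.
        for ip in filter(None, (node["dedicated_ip"], mgmt)):
            if ip in ip_owner:
                problems.append(f"{name}: {ip} already assigned to {ip_owner[ip]}")
            ip_owner[ip] = name
        # Host priority is the per-node value that must differ on each node.
        if node["priority"] in prio_owner:
            problems.append(f"{name}: priority {node['priority']} "
                            f"already used by {prio_owner[node['priority']]}")
        prio_owner[node["priority"]] = name
        # Cluster-wide port rule settings must match the first node's.
        if node["port_rules"] != nodes[0]["port_rules"]:
            problems.append(f"{name}: port rules differ from {nodes[0]['name']}")
    return problems

# Constructed sample plan: NODE2 reuses NODE1's priority and has a
# dedicated address on the wrong subnet.
SAMPLE = [
    {"name": "NODE1", "dedicated_ip": "192.168.10.11", "priority": 1,
     "management_ip": "10.0.5.11", "port_rules": WEB_RULES},
    {"name": "NODE2", "dedicated_ip": "192.168.20.12", "priority": 1,
     "management_ip": "10.0.5.12", "port_rules": WEB_RULES},
]

if __name__ == "__main__":
    for problem in validate_nlb_plan("192.168.10.100", "255.255.255.0", SAMPLE):
        print(problem)
```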

Figure 25-10: Network Load Balancing host parameters
Figure 25-11: Network Load Balancing port rules

When a node is removed from an NLB cluster (by unchecking the NLB checkbox in the Network Connection properties window), the cluster IP address should be manually removed from the TCP/IP configuration properties of a cluster network adapter. Otherwise, an IP address conflict will result.

As you can see, using the Network Connection properties for configuring Network Load Balancing requires several repetitious steps and leaves plenty of room for error. This is the main reason behind recommending NLB Manager as the preferred tool for cluster management. NLB Manager helps to prevent issues resulting from misconfigured nodes, and it automates many tasks that would have to be performed manually otherwise (for example, the adding and ordering of clustered IP addresses to the TCP/IP properties of the cluster network adapter). It also simplifies creating a new cluster; adding or removing nodes; creating, deleting, or modifying port rules; and changing the host or cluster parameters.

In addition, using this utility does not require access to the server (either via a console or an RDP connection). NLB Manager can run (like most administrative tools) from any workstation or server. The only exception applies to NLB clusters in unicast mode with single network adapters. In such a configuration, if NLB Manager is run directly on one of the cluster nodes, then it cannot be used to manage the parameters of any other nodes because connection to the cluster's virtual IP address originating from any of the cluster nodes would always be looped back to the same node (due to the matching destination IP and MAC address). Nonetheless, you can use the Network Connection properties window to manage the cluster and host properties directly on each node. The practical implication is that you shouldn't attempt to add more nodes to a single-node NLB cluster by running NLB Manager from the first node, as long as the single adapter in unicast mode is used.

NLB Manager is part of the Windows Server 2003 Enterprise Server and Windows Server 2003 Datacenter Server Administrative Tools. Like Cluster Administrator, it is not implemented as a Microsoft Management Console snap-in but as an executable, NLBMGR.EXE. Its main window (shown in Figure 25-12) is divided into three panes. The top-left pane contains a list of clusters and nodes. When one is selected, its content (with properties) is shown in the top-right pane. The bottom portion of the window displays status messages generated by different actions invoked from the top or context-sensitive menus. You can connect to multiple NLB clusters from the same window.

To create a new NLB cluster, you need to select New from the Cluster menu. This brings up the Cluster Parameters screen.

Figure 25-12: Main interface of Network Load Balancing Manager

At this screen, enter the same parameters that you did in the Network Connection properties window. After typing them in and clicking the Next button, you have the option to add more cluster IP addresses (besides the primary). The next dialog box enables you to define port rules, and is followed by the Connect screen (presented in Figure 25-13), where you can specify a host that will become the first member of the new cluster. After you type in its host name or IP address and click Connect, you are presented with the list of interfaces available for configuration of a new cluster.

Figure 25-13: Designating the first host of an NLB Cluster using NLB Manager

Select the one that will be clustered and click Next again. You will be presented with the Host Parameters window, which is identical to the one provided by the Network Connection properties. From here, you can alter the default values if desired. This step completes the setup of the first node of the NLB cluster.

To add another node, highlight the cluster in the top-left pane and select the Add Host to Cluster option from the Cluster menu. You will be prompted for the Host IP address with the same Connect dialog box that appeared when creating the cluster. After you click the Connect button (a target server has to be active), you will see a list of its IP interfaces (just as before). Select the one to which the cluster IP address will be bound and click Next. Then, specify the host parameters and click Finish. Repeat the same process for all remaining nodes.

Removal of the host is also straightforward. Select the Delete Host menu option. This automatically removes the IP cluster address from the TCP/IP properties of a cluster network adapter on a target server.

To manage an existing node, use the Connect to Existing menu option (in the Cluster menu or right-click menu of the NLB Clusters node). This will display the Connect dialog box, prompting you for the IP address or name of one of the cluster nodes. Do not enter the clustered IP address here. Otherwise, you might have problems accessing some of the nodes' parameters.

The following list shows the port rule parameters for the most common types of services used with Network Load Balancing:

♦ FTP: Because FTP uses two nonadjacent port ranges, two port rules need to be created.

Port Rule #1
Port range: 20 to 21
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: Single or Class C

Port Rule #2
Port range: 1024 to 65535
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: Single or Class C

♦ Telnet:

Port Rule
Port range: 23 to 23
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: None (because only a single TCP connection is used)

♦ HTTP:

Port Rule
Port range: 80 to 80
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: None (if session state is not stored on the cluster); Single or Class C otherwise

♦ HTTP over SSL:

Port Rule
Port range: 443 to 443
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: Single or Class C

♦ VPN via PPTP/GRE or IPSEC/L2TP:

Port Rule for PPTP
Port range: 1723 to 1723
Protocols: TCP
Filtering mode: Multiple Hosts
Affinity: Single or Class C

Port Rule for IPSec
Port range: 500 to 500
Protocols: UDP
Filtering mode: Multiple Hosts
Affinity: Single or Class C

For VPN connections, NLB requires two separate network adapters. One of them is configured only with a shared cluster IP address (no dedicated address should be assigned to it); the other uses a unique one. These addresses cannot belong to the same class C network. Default port rules can be used. Choose between a single and multiple hosts filtering mode, depending on whether you want to provide failover or load balancing. This type of configuration is one of a few exceptions for which it is recommended to use unicast mode, rather than multicasting.

On Windows Server 2003 Enterprise and Datacenter Servers, Network Load Balancing is capable of keeping track of IPSec sessions. This way, the existing connections are maintained even after convergence-affecting events such as adding or removing a cluster node.
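The affinity values in the port rule list above decide what counts as "the same client" when connections are spread across nodes in Multiple Hosts mode. The sketch below is an added example, not part of the original text: the function names and client addresses are invented, and SHA-256 stands in for NLB's own distribution algorithm, which is not reproduced here.

```python
import hashlib
import ipaddress

# Port rules taken from the list above: (first, last, protocol, affinity).
RULES = [(23, 23, "TCP", "None"),
         (443, 443, "TCP", "Single"),
         (1723, 1723, "TCP", "Class C")]

def find_rule(port, protocol, rules=RULES):
    """Return the port rule covering this destination port, or None."""
    for rule in rules:
        first, last, proto, _ = rule
        if first <= port <= last and proto == protocol:
            return rule
    return None

def affinity_key(client_ip, client_port, affinity):
    """What identifies 'the same client' under each affinity setting."""
    if affinity == "None":      # every connection is distributed on its own
        return f"{client_ip}:{client_port}"
    if affinity == "Single":    # all connections from one client IP stay together
        return client_ip
    if affinity == "Class C":   # all clients in the same /24 stay together
        net = ipaddress.ip_network(f"{client_ip}/24", strict=False)
        return str(net.network_address)
    raise ValueError(f"unknown affinity {affinity!r}")

def pick_node(client_ip, client_port, dest_port, protocol, nodes):
    """Choose a node for a connection. SHA-256 is a stand-in for NLB's own
    distribution algorithm, which this example does not reproduce."""
    rule = find_rule(dest_port, protocol)
    if rule is None:
        return None  # not covered by the rules modelled in this example
    key = affinity_key(client_ip, client_port, rule[3])
    digest = hashlib.sha256(key.encode()).digest()
    return nodes[int.from_bytes(digest[:4], "big") % len(nodes)]

if __name__ == "__main__":
    nodes = ["NODE1", "NODE2", "NODE3"]  # constructed node names
    # Two SSL connections from one client land on the same node (Single).
    print(pick_node("203.0.113.7", 40000, 443, "TCP", nodes),
          pick_node("203.0.113.7", 40001, 443, "TCP", nodes))
```

With Single or Class C affinity the client's source port never enters the key, which is why a client's SSL or PPTP traffic keeps reaching the node that holds its session state.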

  • doreen roth
    Can you have an NLB cluster with nodes from multiple subnets?
    7 years ago
  • sinit
    How many NLB clusters can you configure in Windows 2008?
    7 years ago
  • russom medhane
    How many hosts can an NLB cluster have?
    7 years ago
  • Enrica
    How to properly configure an NLB cluster in Windows 2003?
    7 years ago
  • onni
    Why is the NLB cluster not able to connect to another host with administrative privilege?
    6 years ago
  • wolfgang
    How to use network load balancing with FTP in Windows 2008?
    6 years ago
  • Adelbert Longhole
    How to configure IP addresses for NLB with two adapters?
    6 years ago
  • Graham
    How to change TMG NLB affinity to none?
    1 year ago
  • teppo
    Which of the following is the function of port rules in an NLB cluster?
    11 months ago
