The Cluster Parameters tab, shown in Figure 24-2, has options that apply to the entire cluster. Configure the cluster parameters for each host in the cluster, using the guidelines discussed in this section.
Primary IP Address: Enter the cluster's primary IP address, using standard Internet dotted notation. The address is a virtual IP address because it's the one that's used for the cluster as a whole. You must use the same address for all the hosts in the cluster.
Subnet Mask: Enter the subnet mask, which is linked to the IP address you just entered (for instance, 255.255.255.0).
Cluster's Full Internet Name: Enter the cluster's full Internet name, for example, nlbcluster.admin911.com. This name is applied to the cluster as a whole, and should be the same for all the hosts in the cluster. The name must also be resolvable to the cluster's primary IP address through a DNS server or the HOSTS file.
Figure 24-2. NLB cluster parameters are the same on all nodes of the cluster.
Cluster's Network Address: NLB automatically generates the network address (MAC address) for the NIC that will handle client-to-cluster traffic, based on the cluster's primary IP address. If multicast support is enabled, NLB uses a locally administered address that is also a multicast MAC address.
Cluster Operation Mode: Specify multicast or unicast mode. In either mode, NLB will use the cluster IP address to generate a locally administered MAC address.
In unicast mode, NLB generates a unicast MAC address that it uses in place of the NIC's hardware MAC address. This address is used for packets sent from the cluster IP address, and for packets from other IP addresses configured for the NLB NIC. Because the network stack will never send a packet out to the network wire if it is addressed to a MAC address that is on its own computer, nodes of the same NLB cluster can't communicate with one another using the load-balanced NIC if they're in unicast mode. Unicast mode requires that each cluster node have a second NIC if the nodes need to access one another for reasons other than the NLB service.
If multicast mode is enabled, NLB continues to use the NIC's hardware MAC address with the node's dedicated (unique) IP address, so the cluster nodes can access one another using the load-balanced NIC. However, NLB generates a multicast MAC address for cluster operations. This means that the cluster's primary (unicast) IP address will resolve to this multicast MAC address as part of the ARP protocol.
Take care before enabling multicast mode. Many firewalls and routers, including Cisco routers, fail to add this entry to their ARP cache, causing client communications to the cluster to fail unless you implement a workaround (described next). For this reason, unicast mode is NLB's default mode of operation, even though multicast mode is the preferred mode of operation.
If clients are accessing a cluster operating in multicast mode via a router, the router must accept an ARP reply that has one MAC address in the payload of the ARP structure, but appears to arrive from a station with another MAC address (as seen in the Ethernet header). Additionally, the router must be able to accept an ARP reply that has a multicast MAC address in the payload of the ARP structure. If the router cannot meet these requirements, you may be able to add a static ARP entry to the router or firewall upstream from the cluster to support the resolution of unicast IP addresses to multicast MAC addresses.
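The derivation and the static ARP workaround described above, as an added example that is not from the original text. It assumes the prefixes given in Microsoft's NLB documentation (02-BF for unicast, 03-BF for multicast, followed by the four octets of the cluster IP), a constructed cluster address of 10.0.0.10, and the Cisco IOS `arp <ip> <mac> ARPA` form for the static entry.

```python
import ipaddress

# Mode prefixes per Microsoft's NLB documentation (assumption: the text above
# only says the MAC is generated from the cluster's primary IP address).
MODE_PREFIX = {"unicast": (0x02, 0xBF), "multicast": (0x03, 0xBF)}


def nlb_cluster_mac(cluster_ip: str, mode: str) -> bytes:
    """Return the 6-byte cluster MAC: 2-byte mode prefix + 4 IPv4 octets."""
    if mode not in MODE_PREFIX:
        raise ValueError(f"unknown NLB mode: {mode!r}")
    return bytes(MODE_PREFIX[mode]) + ipaddress.IPv4Address(cluster_ip).packed


def mac_flags(mac: bytes) -> dict:
    """Decode the two low bits of the first octet (IEEE 802 I/G and U/L)."""
    return {
        "multicast": bool(mac[0] & 0x01),             # I/G bit
        "locally_administered": bool(mac[0] & 0x02),  # U/L bit
    }


def fmt_dashed(mac: bytes) -> str:
    """Windows-style notation, e.g. 03-BF-0A-00-00-0A."""
    return "-".join(f"{b:02X}" for b in mac)


def fmt_cisco(mac: bytes) -> str:
    """Cisco dotted notation, e.g. 03bf.0a00.000a."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in (0, 4, 8))


def static_arp_line(cluster_ip: str, mode: str = "multicast") -> str:
    """Static ARP entry mapping the unicast cluster IP to the cluster MAC."""
    return f"arp {cluster_ip} {fmt_cisco(nlb_cluster_mac(cluster_ip, mode))} ARPA"


if __name__ == "__main__":
    ip = "10.0.0.10"  # constructed cluster address
    for mode in MODE_PREFIX:
        mac = nlb_cluster_mac(ip, mode)
        print(mode, fmt_dashed(mac), mac_flags(mac))
    print(static_arp_line(ip))
```

The multicast-mode result has both the multicast and locally administered bits set, which is the unicast-IP-to-multicast-MAC mapping that some routers refuse to learn from an ARP reply.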
If the NIC does not permit changes to the MAC address, you'll have to replace the NIC with one that does. This is a hardware requirement for NLB in unicast mode.
In unicast mode, it's best to use two NICs, dedicating one to client-to-cluster traffic and one to node-specific traffic. Otherwise, the performance level of the cluster suffers.
You cannot mix multicast and unicast mode in an NLB cluster.
New IGMP Multicast Mode: IGMP Multicast is a multicast-mode option new to Windows Server 2003. This new option is designed to eliminate switch flooding caused by multicast traffic. Switch flooding occurs when a switch doesn't know which switch port services a particular MAC address, and so needs to send the packet to all switch ports. This, of course, means you've lost the advantages of a switch over a hub.
The Internet Group Management Protocol (IGMP) allows IP hosts to report their multicast group membership to neighboring routers and switches. A layer 3 switch is aware of upper-level network protocols and addresses (like IP), in addition to the layer 2 hardware-level protocols and related MAC addresses. When NLB cluster nodes connect to the network through a layer 3 switch, IGMP reduces traffic through the switch by informing the switch which ports connect to members of the multicast group. To use the IGMP Multicast option effectively, the cluster nodes must connect to the network through a switch that supports IGMP Monitoring. Periodically (once a minute by default) each NLB cluster node sends an IGMP Join message, informing network equipment upstream that it is a member of the cluster's IGMP group.
If you enable IGMP Multicast support, the associated multicast IP address must be a valid Class D IP address, that is, an address in the range 224.0.0.0 to 239.255.255.255.
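A check for the Class D requirement, as an added example that is not from the original text. It validates a candidate group address against 224.0.0.0/4 and derives the Ethernet multicast MAC a switch sees for that group, using the standard IPv4-multicast-over-Ethernet mapping (01-00-5E plus the low 23 bits of the address, RFC 1112); the sample addresses are constructed.

```python
import ipaddress

CLASS_D = ipaddress.ip_network("224.0.0.0/4")  # 224.0.0.0 - 239.255.255.255


def igmp_group_mac(group_ip: str) -> str:
    """Validate a Class D group address and return its Ethernet multicast MAC."""
    addr = ipaddress.IPv4Address(group_ip)
    if addr not in CLASS_D:
        raise ValueError(f"{group_ip} is not a Class D (multicast) address")
    # RFC 1112 mapping: fixed 25-bit prefix 01-00-5E-0, then the low 23 bits
    # of the group address. The top 5 variable bits of the IP are discarded.
    low23 = int(addr) & 0x7FFFFF
    mac = (0x01005E << 24) | low23
    return "-".join(f"{b:02X}" for b in mac.to_bytes(6, "big"))


def share_mac(group_a: str, group_b: str) -> bool:
    """True when two distinct groups collapse to the same layer-2 address."""
    return group_a != group_b and igmp_group_mac(group_a) == igmp_group_mac(group_b)


if __name__ == "__main__":
    # Constructed sample values.
    for candidate in ("239.255.0.10", "224.127.0.10", "192.0.2.10"):
        try:
            print(candidate, "->", igmp_group_mac(candidate))
        except ValueError as exc:
            print("rejected:", exc)
    print("collision:", share_mac("239.255.0.10", "224.127.0.10"))
```

Because only 23 bits survive the mapping, different group addresses can share one MAC, so choose the cluster's group address with the other multicast traffic on the segment in mind.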
Remote Password: You can supply a remote password for accessing the cluster from a remote Windows Server 2003 computer. This password is used for authentication by the nlb.exe cluster control program (it is not used when controlling the cluster operations from the cluster host). Remote operations from nlb.exe require the /passw parameter on the command line, along with the password, to perform control operations on the cluster.
To eliminate the need for a password, clear both the Remote Password and Confirm Password fields.
If remote control is enabled, it is important to secure the cluster, because it is possible for intruders to take advantage of the environment through the remote-control ports. Use a firewall to control access to the Network Load Balancing UDP control ports (the ports that receive the remote-control commands). By default, these are ports 1717 and 2504 at the cluster IP address. Better yet, use nlbmgr.exe or a WMI-based management tool instead of nlb.exe in remote-control mode.
Nlb.exe remote-control commands don't work properly when IPSec encrypts the packets.
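One way to verify that the firewall restriction on the remote-control ports is holding, as an added example that is not from the original text: it scans a firewall log for UDP traffic to ports 1717 and 2504 at the cluster IP from sources outside the management subnet. The cluster address, the management subnet and the log lines are constructed; the log layout follows the Windows Firewall log format, and field positions are read from its `#Fields` header.

```python
import ipaddress

CLUSTER_IP = "10.0.0.10"                             # constructed cluster address
ADMIN_NETS = [ipaddress.ip_network("10.0.0.48/29")]  # hypothetical management subnet
NLB_CONTROL_PORTS = {1717, 2504}                     # defaults named in the text

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2004-03-01 10:15:02 ALLOW UDP 10.0.0.50 10.0.0.10 3051 2504 40 - - - - - - - RECEIVE
2004-03-01 10:17:44 ALLOW UDP 192.0.2.77 10.0.0.10 4410 2504 40 - - - - - - - RECEIVE
2004-03-01 10:17:45 DROP UDP 192.0.2.77 10.0.0.10 4411 1717 40 - - - - - - - RECEIVE
2004-03-01 10:18:01 ALLOW TCP 192.0.2.80 10.0.0.10 5120 80 48 S 123456 0 16384 - - - RECEIVE
2004-03-01 10:19:30 ALLOW UDP 192.0.2.77 10.0.0.20 4412 2504 40 - - - - - - - RECEIVE
"""


def parse(log_text):
    """Yield one dict per record, keyed by the names in the #Fields header."""
    fields = []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split()))


def remote_control_findings(log_text):
    """Return (date, time, action, src_ip, dst_port) for control-port traffic
    to the cluster IP that does not come from a management subnet."""
    findings = []
    for rec in parse(log_text):
        if rec.get("protocol") != "UDP" or rec.get("dst-ip") != CLUSTER_IP:
            continue
        port = rec.get("dst-port", "")
        if not port.isdigit() or int(port) not in NLB_CONTROL_PORTS:
            continue
        src = ipaddress.ip_address(rec["src-ip"])
        if any(src in net for net in ADMIN_NETS):
            continue
        findings.append((rec["date"], rec["time"], rec["action"], rec["src-ip"], int(port)))
    return findings


if __name__ == "__main__":
    for finding in remote_control_findings(SAMPLE_LOG):
        print(finding)
```

An ALLOW finding means the rule set lets an unapproved source reach the control ports; a DROP finding shows the rule working but is still worth reviewing as a probe.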