Tài liệu Module 9: Installing and Configuring Network Load Balancing doc

Pre-Installation Verify that aggregate subnet throughput supports IP traffic Verify that the throughput of each host is documented Verify that cluster members support client throughput

Trang 1

Contents

Overview 1

Network Load Balancing Driver Installation 7

Configuring the Network Load Balancing

Lab A: Installing and Configuring the

Network Load Balancing Driver 27

Review 44

Module 9: Installing and Configuring Network

Load Balancing

Trang 2

to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may

be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property

Microsoft, Active Directory, BackOffice, Jscript, PowerPoint, Visual Basic, Visual Studio, Win32, Windows, Windows NT are either registered trademarks or trademarks of Microsoft Corporation

in the U.S.A and/or other countries

Other product and company names mentioned herein may be the trademarks of their respective owners

Program Manager: Don Thompson

Product Manager: Greg Bulette

Instructional Designers: April Andrien, Priscilla Johnston, Diana Jahrling

Subject Matter Experts: Jack Creasey, Jeff Johnson

Technical Contributor: James Cochran

Classroom Automation: Lorrin Smith-Bates

Graphic Designer: Andrea Heuston (Artitudes Layout & Design)

Editing Manager: Lynette Skinner

Editor: Elizabeth Reese

Copy Editor: Bill Jones (S&T Consulting)

Production Manager: Miracle Davis

Build Manager: Julie Challenger

Print Production: Irene Barnett (S&T Consulting)

CD Production: Eric Wagoner

Test Manager: Eric R Myers

Test Lead: Robertson Lee (Volt Technical)

Creative Director: David Mahlmann

Media Consultation: Scott Serna

Illustration: Andrea Heuston (Artitudes Layout & Design)

Localization Manager: Rick Terek

Operations Coordinator: John Williams

Manufacturing Support: Laura King; Kathy Hershey

Lead Product Manager, Release Management: Bo Galford

Lead Technology Manager: Sid Benavente

Lead Product Manager, Content Development: Ken Rosen

Group Manager, Courseware Infrastructure: David Bramble

Group Product Manager, Content Development: Julie Truax

Director, Training & Certification Courseware Development: Dean Murray

General Manager: Robert Stewart

Trang 3

Instructor Notes

This module provides students with the knowledge and skills to install and

configure a Network Load Balancing cluster

After completing this module, students will be able to:

Describe the pre-installation decisions for a clustering solution

Install the Network Load Balancing driver

Configure the Network Load Balancing driver

Select the appropriate settings on the Cluster Parameters tab

Select the appropriate settings on the Host Parameters tab

Select the appropriate port rules for the cluster

Determine the proper setting for the Transmission Control Protocol/Internet Protocol (TCP/IP) stack

Determine the post-installation configuration for the cluster

Materials and Preparation

This section provides the materials and preparation tasks that you need to teach this module

Required Materials

To teach this module, you need the Microsoft® PowerPoint® file 2087a_09.ppt

Preparation Tasks

To prepare for this module, you should:

Read all of the materials for this module

Complete Lab A: Installing and Configuring the Network Load Balancing Driver

Study the review questions and prepare alternative answers to discuss

Anticipate questions that students may ask Write out the questions and provide the answers

Presentation:

60 Minutes

Lab:

15 Minutes

Trang 4

Module Strategy

Use the following strategy to present this module:

Pre-Installation Emphasize the importance of preparing for the cluster installation by reviewing the pre-installation checklist with the students

Review the hardware considerations, especially the network adapters Explain and discuss switch flooding and the possible solutions

Network Load Balancing Driver Installation Demonstrate the installation of the Network Load Balancing driver by using the user interface

Configuring the Network Load Balancing Driver Demonstrate configuration of the Network Load Balancing driver by means

of the Network Load Balancing Properties dialog box

Cluster Parameters

Demonstrate the configuration settings for the Cluster Parameter tab by

means of the user interface Type in examples of a Primary IP address and a full Internet name

Explain the security issues with managing a Network Load Balancing cluster from a remote location

Discuss the differences between unicast and multicast and identify the advantages of each mode

Host Parameters

Demonstrate the configuration settings for the Host Parameter tab

Explain all of the dialog box settings

Port Rules

Demonstrate the configuration settings for the Port Rules tab by means of

the user interface

Discuss the importance of maintaining consistent port rules across all of the cluster hosts

Demonstrate how to configure the filtering modes for the Network Load Balancing driver by means of the user interface Explain all of the dialog box settings

Demonstrate the configuration settings for the Affinity tab by means of the

user interface Explain all of the dialog box settings

Demonstrate the configuration settings for the Load Weighting and

Priority tab Explain all of the dialog box settings

TCP/IP Properties

Demonstrate the configuration settings for the General tab of the Internet

Protocol (TCP/IP) Properties dialog box by means of the user interface

Post-Installation Configuration Review with the students the proper handling of the registry changes

Trang 5

Lab Setup

There are lab setup requirements; the student computer should not have server cluster installed Server cluster was uninstalled in the lab associated with Course 2087A, Module 7, Lab A: Cluster Maintenance, Exercise 2: Removing the Cluster Service

The following list describes the setup requirements for LabA: Installing and Configuring the Network Load Balancing Driver

Required minimum of one network adapter on the student computer

Static Internet Protocol addresses are allocated to the adapter

Default.asp pages must be added to the default site of each individual student’s Web server

Instructors Notes

Exercise 1 Network adapters will have been renamed if students completed Course 2087A, Module 3, Lab A: Configuring Advanced Server for Cluster Installation, Exercise 2: Set Up Public and Private Networks for Cluster Installation You can continue to use these names (Cluster Private, Cluster

Public) or rename them to Local Area Connection providing that you

advise the students which names to use

Ensure that the students select a network adapter that provides connectivity with all of the student’s computers in the classroom If you have multiple network adapters in the student computer, the students can be confused as to which one to select

Exercise 2

In this exercise students will examine the current configuration of their network adapters The IP addresses resolved during this exercise will have been allocated during previous exercises If your configuration constrains the IP addresses in your classroom, you need to advise the students of the IP addresses that they must use

Trang 7

Overview

Pre-Installation

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

In this module, you will install and configure the Network Load Balancing driver You will learn how to configure the driver by selecting the appropriate

settings for the Network Load Balancing and TCP/IP Properties dialog

After completing this module, you will be able to:

Describe the pre-installation decisions for a clustering solution

Install the Network Load Balancing driver

Configure the Network Load Balancing driver

Select the appropriate settings on the Cluster Parameters tab

Select the appropriate settings on the Host Parameters tab

Select the appropriate port rules for the cluster

Determine the proper setting for the Transmission Control Protocol/Internet Protocol (TCP/IP) stack

Determine the post-installation configuration for the cluster

In this module, you will learn

about installing and

configuring the Network

Load Balancingdriver

Trang 8

Pre-Installation

Verify that aggregate subnet throughput supports IP traffic

Verify that the throughput of each host is documented

Verify that cluster members support client throughput

Verify that all IP addresses are manually allocated Verify that TCP/IP is bound to the network card

In designing a Network Load Balancing solution, you will collectall of the relevant information that is required to configure your cluster, but initially there are some common considerations that you must address for all of the cluster solutions

Prior to installing the first cluster host, complete the following tasks:

Ensure that only TCP/IP is bound to the network card that you will use as the cluster adapter The Network Load Balancing driver intercepts and supports all IP packets that the hardware driver of the cluster adapter forwards The Network Load Balancing driver only supports IP packets If other protocols, such as Internetwork Packet Exchange (IPX), must be supported, verify that you have installed multiple network interface cards (NIC) in the computer

Ensure that the aggregate throughput of the subnet will support both cluster

IP and dedicated IP traffic for the required number of hosts If the subnet utilization is a concern, you can install multiple network cards or use round robin DNS entries to allow for a reduction in the number of hosts per cluster

Ensure that you have documented the throughput of each host If you have configured all of the cluster members identically, the throughput will be similar

For example, if all of your hosts have the same number of CPUs, clock speed, and network cards, their throughput rate will be very similar If your computers have different clock speeds or number of CPUs, then the throughput rate of each will vary If you use computers with different throughput rates, you can use the manual load balance feature of Network Load Balancing to distribute clients across cluster members

Topic Objective

Describe the pre-installation

decisions for a clustering

solution

Lead-in

In designing a Network Load

Balancing solution, you will

collect all of the relevant

information that is required

to configure your cluster, but

initially there are some

common considerations that

you must address for all of

the cluster solutions

Trang 9

If you are going to use Network Load Balancing in a failover mode of operation, ensure that all of the members of the cluster can support the required client throughput You may deliberately design your system to have performance degrade during failover; for example, if your default host

is a quad CPU computer, you can assign a dual CPU computer with lesser throughput as the next priority (failover) computer, accepting that the performance will degrade until the original default computer is repaired and brought back online

Ensure that all of the IP addresses that you will use for the Network Load Balancing cluster are manually allocated The Network Load Balancing driver is not a Dynamic Host Configuration Protocol (DHCP) client and cannot use DHCP-allocated addresses If the address range that you use is within a corporate DHCP group, ensure that the Cluster IP addresses are excluded from any defined ranges

Trang 10

Hardware Considerations

The Network Load Balancing driver runs within the cluster hosts as part of the Microsoft® Windows® 2000 Advanced Server operating system; it does not require dedicated hardware support The current version of the Network Load Balancing driver operates on Fiber Distributed Data Interface (FDDI) or Ethernet-based local area networks (LAN) within the cluster All cluster members should be on the same broadcast subnet, in the same virtual LAN, or

on a single hub

While the Network Load Balancing driver will work successfully by using one NIC, two NICs are preferred Using two NICs will enable the cluster IP and heartbeat traffic to operate on one NIC and IP traffic for an individual host to operate on the second NIC; for example, when you use two NICs, traffic associated with replication services and backend access to a database is separated from the cluster inbound traffic

If your Network Load Balancing solution will include multiple NICs, it is recommended that the cluster IP and dedicated IP be on different subnets to maximize the throughput available to cluster IP traffic Using different subnets increases security by providing isolation between public and private traffic If all of the NICs are connected to the same subnet, it can create throughput and security limitations in the network

The network adapters that you use must support dynamic allocation of the media access control (MAC) address and multicast MAC address requirements Both multicast and unicast modes of operation will result in the Network Load Balancing driver programming new MAC addresses into the card

Topic Objective

To identify the hardware

considerations for Network

Load Balancing

Lead-in

The Network Load

Balancing driver runs within

the cluster hosts as part of

the Windows 2000

Advanced Server operating

system; it does not require

dedicated hardware support

Trang 11

Controlling Switch Flooding

Hosts on individual ports results

In many networks where collapsed backbone switching technology is used, there are very large port counts available Typically in these environments individual computers are allocated a single switch port to provide maximum possible bandwidth to the computer

If the cluster hosts are directly connected to a switching hub or combined switch/router to receive client requests, you must send incoming client traffic to all of the switch ports that are supporting cluster hosts After a switching hub has identified which port a particular host (recognized by its MAC address) is connected to, it will no longer duplicate inbound traffic to all of the ports Network Load Balancing service prevents a switching hub from identifying the host’s port by masking the source MAC address by using a different MAC address in reply Masking the source MAC address results in the switch continuing to send inbound data to all of the ports, which is called switch flooding If the switch has ports associated with computers other than cluster hosts, these ports will also have the inbound traffic reflected on them, consuming bandwidth on ports where the traffic will be discarded

used, there are very large

port counts available and

individual computers are

allocated a single switch

port

Delivery Tip

Be prepared to explain the

functionality of a layer-2

switch, you may have

students in the class who

are not familiar with the

technology

Trang 12

Considerations for Switch Flooding

Switch flooding can become a problem when:

Applications have significant inbound network traffic directed to the cluster IP; for example where large file uploads use File Transfer Protocol (FTP), the cluster IP will accept a large amount of inbound network traffic

Multiple clusters share a switch and their combined inbound traffic becomes significant compared to the switch port capacity

A switch is configured to use ports to connect to a backbone network that has a higher speed than those that are used to connect to cluster hosts Under this circumstance, switch occupancy can become high, reducing available bandwidth on all of the ports

For example, consider a multiple cluster solution, where a switch uses a gigabit port to connect to a backbone and 100 megabits per second (Mbps) ports for the individual cluster hosts, with a total inbound traffic average of

20 Mbps Because all of the traffic will be reflected to all of the ports, the switch occupancy will average 20 percent for all of the cluster hosts One solution to this scenario is to use multicast mode and set up a virtual LAN in the switch to limit switch flooding

Switch Flooding Solutions

You can avoid switch flooding problems by using two network adapters per host on the cluster subnet to direct network traffic through the cluster hosts by separating inbound and outbound data Using two network adapters allows incoming client traffic to flow through the switching hub for simultaneous delivery to all of the hosts, while outgoing traffic flows directly to the switch ports

If you assign a gateway and interface metric for the dedicated adapter that is less than the value assigned to the cluster adapter, the dedicated adapter will be used for outbound traffic

You can limit all of the traffic for a cluster to one switch port, thereby conserving switch bandwidth Connect the individual cluster members to a hub, with the hub connected to a single switch port This solution is viable providing that a single port will support the maximum required throughput for the cluster

Where all of the cluster members are connected to a single switch port the switch can be allowed to learn the MAC address by setting the registry

setting for HKEY_LOCAL_MACHINE\SYSTEM\

CurrentControlSet\Services\WLBS\ Parameters\MaskSourceMAC = 0 on

all Network Load Balancing hosts Changing the registry setting allows the switch to direct inbound traffic to only one switch port, eliminating switch flooding

Important

Trang 13

Network Load Balancing Driver Installation

Select Driver

Cluster Parameters Host Parameters Port Rules

NLB Cluster Host 1 Properties

General Connect using:

Configure

Description

Sharing

Intel® PRO/100+ Management Adapter

Components checked are used by this connection:

Client for Microsoft Networks

Network Load Balancing

Network Monitor Driver Internet Protocol (TCP/IP) Install… Uninstall Properties This component provides TCP/IP load balancing functionality.

Show icon in taskbar when connected

Cancel

Close

The Windows Network Load Balancing driver is associated with a single network adapter in your computer Configuring the properties of the network adapter that will perform Network Load Balancing completes installation of the driver To avoid networking problems, follow these steps in the exact order shown

To install Network Load Balancing:

1 Open Network and Dial-up Connections

2 Right-click the Local Area Connection on which you will install Network Load Balancing, and then click Properties The Local Area Connection

Properties dialog box appears

3 Under Components checked are used by this connection, you see

Network Load Balancing Note that it is listed but not selected (If

Network Load Balancing is not listed, search for Installing Network Load

Balancing If It was Previously Uninstalled in the Help for Windows 2000

associated with a single

network adapter in your

computer

Delivery Tip

To make the presentation

more dynamic, use the UI to

demonstrate the installation

procedure

Important

Trang 14

Configuring the Network Load Balancing Driver

response to traffic

apply to default traffic

apply to the cluster

Network Load Balancing Properties

Cluster Parameters

Primary IP address 1 1 1 100 Subnet mask 255 255 255 0 Full Internet name cluster.domain.com Network address 02-bf-01-01-01-64 Multicast support enabled Remote password

Confirm password Remote control enabled Please consult on-line help for configuration information

When you enable the Network Load Balancing driver, you configure it to provide the type of service that is appropriate for your Network Load Balancing

cluster plan There are three tabs associated with the configuration, Cluster

Parameters, Host Parameters, and Port Rules Incorrect configuration can

result in incorrect operation or prevent the host that is being configured from joining a cluster

You should plan what type of configuration you want to implement for the host before enabling and configuring the Network Load Balancing driver, because the type of service required, ports supported, IP addresses, and network configuration all influence the configuration parameters

The Network Load Balancing driver checks configuration parameters entered in

the Network Load Balancing Properties dialog box for validity Cluster

operations will not start if a problem is detected All detected errors are reported

in the Windows event log and are classified into the following categories

Information events Record state transitions, such as driver startup, the completion

of convergence, and the completion of cluster control actions

example, a configuration problem, such as an invalid dedicated IP address or other parameter

configuration parameter problems, inconsistencies, or unexpected execution errors

When you enable the

Network Load Balancing

driver, you can configure it

to provide the type of

service that is appropriate

for your Network Load

Balancing cluster plan

Delivery Tip

Review each of the

components of the Network

Load Balancing Properties

dialog box

Trang 15

Cluster Parameters

Set Cluster Internet name

Confirm password Remote control enabled Please consult on-line help for configuration information

The Cluster Parameters tab contains the configuration elements associated

with the virtual IP address, the Domain Name System (DNS) name for the host, the host mode (unicast or multicast), and the remote control password and permission

To configure the Cluster Parameters tab:

1 Open Network and Dial-up Connections

2 Right-click Local Area Connection, and then click Properties

3 In the Local Area Connection Properties dialog box, click Network Load

Balancing, and then click Properties The Network Load Balancing Properties dialog box appears

4 On the Cluster Parameters tab, specify values for Primary IP address,

Subnet mask, Full Internet name, Multicast support, and the remote

options, such as Remote password, Confirm password, and Remote

control, by using information from the installation checklist

Primary IP Address and Subnet Mask

The primary address is a virtual IP address and must be set identically for all of the hosts in the cluster You use this IP address to address the cluster as a whole, and it should be the IP address for the full Internet name that you specify for the cluster The subnet mask must be identical on all cluster members, as they must be on the same subnet

Full Internet Name

The full Internet name specifies the full Internet name for the Network Load Balancing cluster This name is used for the cluster as a whole, and should be the same for all hosts in the cluster, the DNS aliases, but this entry must resolve

to the cluster virtual IP address

Topic Objective

To configure the Cluster

Parameters tab

Lead-in

The Cluster Parameters

tab contains the

configuration elements

associated with the virtual IP

address, the DNS name for

the host, the host mode

(unicast or multicast), and

the remote control password

and permission

Delivery Tip

Review each of the

components of the Cluster

Parameters tab

Trang 16

Remote Control

By default, you must control all cluster hosts locally If you plan on performing remote administration (start, stop, and configuration of the cluster members), you can enter and confirm a password for remote operations You can only enable remote control by using the check box

Trang 17

Selecting Unicast or Multicast Mode

Network Load Balancing can use one of two IP protocol configurations, unicast

or multicast By default, Network Load Balancing will use unicast You must decide whether the unicast mode will be suitable for your cluster

The Network Load Balancing service does not support a mixed unicast and multicast environment All cluster hosts should be either multicast

or unicast or the cluster will not function properly

Network Load Balancing’s unicast mode induces switch flooding to simultaneously deliver incoming network traffic to all of the cluster hosts Also, when Network Load Balancing uses multicast mode, switches often flood all of the ports by default to deliver multicast traffic

However, Network Load Balancing's multicast mode gives the administrator the opportunity to limit switch flooding by configuring a virtual LAN within the switch for the ports corresponding to the cluster hosts You can configure a virtual LAN by manually programming the switch or by using the Internet Group Management Protocol (IGMP) or the Generic Attribute Registration Protocol Multicast Registration Protocol

The current version of Windows Network Load Balancing does not provide automatic support for IGMP or Generic Attribute Registration Protocol Multicast Registration Protocol

Unicast Mode

The unicast operation uses a single MAC address for all of the operations involving the cluster adapter Using a single MAC address has the side effect of disabling all communication between cluster hosts, because outgoing packets for another cluster host are sent to the same MAC address as the sender These packets are then looped back within the sender stack and never reach the network

Topic Objective

To describe the process of

selecting the unicast or

multicast mode

Lead-in

can use one of two IP

protocol configurations,

unicast or multicast

Important

Note

Trang 18

Multicast Mode

Multicast provides no significant advantage over unicast from a network traffic perspective, and the increased multicast processing overhead for routers and switches may lead to degraded or slower performance You should carefully analyze the network impact when you use multicast to avoid congestion in other network devices

Host Communication

You will need to make decisions about host communications depending on your clustering plan If communication between hosts is required, you can use:

recommended configuration that works in both routed and nonrouted environments The configuration complexity is greater because it has multiple NICs and usually multiple subnets

additional restrictions within a routed environment, in that the routers must handle multicast information Verify that any routers in your network path will support cluster multicast Address Resolution Protocol (ARP) packets

It is recommended that you use Unicast with multiple NICs for maximum flexibility in a routed environment

Note

Trang 19

Host Parameters

OK Port Rules

Cancel

The Host Parameters tab contains the configuration elements, which control

the priority for default traffic, the start state for the cluster software, and the dedicated IP address for traffic that is not associated with load balancing

To configure host parameters:

1 Click the Host Parameters tab in the Network Load Balancing

Properties dialog box

2 Specify values for Priority (Unique host ID), Initial cluster state,

Dedicated IP address, and Subnet mask by using information from your

installation checklist

Failure to set a Unique Host ID will result in the Network Load Balancing cluster failing to converge when another host with a new Unique Host ID is started

Priority

Priority specifies a host’s unique priority for handling default network traffic for TCP and User Datagram Protocol (UDP) ports that are not otherwise specified in an explicit port rule The priority set for this host must be unique in the cluster, but does not require a contiguous series across the cluster members The host with the highest priority (the lowest numerical value) among the current members of the cluster handles all of the cluster’s default network traffic If this host fails or goes offline, the host with the next highest priority within the cluster takes over handling this network traffic

Topic Objective

To configure the Host

Parameters tab

Lead-in

The Host Parameters tab

contains the configuration

elements, which control the

priority for default traffic, the

start state for the cluster

software, and the dedicated

IP address for traffic that is

not associated with load

balancing

Delivery Tip

Review each of the

components of the Host

Parameters tab

Note

Trang 20

Initial Cluster State

The initial cluster state specifies whether Network Load Balancing should start and whether the host should immediately join the cluster when Windows 2000

is starting If you must start other services and applications before cluster operations begin, you can clear this option so that the host will not join the cluster before you have properly configured its services and applications You

can then command a cluster host to join and leave the cluster by using the start and stop commands in the Network Load Balancing command-line control

Dedicated IP Address and Subnet Mask

The dedicated IP address and subnet mask specify that the host’s IP address be used for network traffic that is not associated with the cluster (for example, Telnet access to a specific host within the cluster) The dedicated IP address is used to individually address each host in the cluster and should be unique for each host

Trang 21

Port Rules

and Protocol for this rule

Host Parameters Port Rules

Protocols TCP UDP Both Filtering mode

Multiple hosts Single host Disabled

Affinity None Single Class C Load weight 50 or Equal Handling priority 1

Add Modify Remove Start End Protocol Mode Priority Load Affinity

80 80 Both Multiple Equal None

The Port Rules tab maximizes control of the various types of inbound TCP/IP

traffic by allowing you to configure the port rules to control the cluster network traffic By default there is a single rule which handles all of the traffic that is inbound to the cluster virtual IP You must modify or delete this rule, and create other rules to handle incoming traffic appropriately for your cluster plan

When configuring port rules on multiple members of a cluster you must ensure that:

For every rule that you configure, you will select the applicable port range and protocols You can set the port range to an individual port by entering the same value in both dialog boxes and you can set the protocol to TCP, UDP, or both

The rules that you enter on each host in the cluster must have matching filtering mode, affinity, and load weight and priority If Network Load Balancing detects an inconsistent rule among the hosts in the cluster, it records a message in the Windows event log

The number and type of rules must exactly match for each host in the cluster If a host attempts to join the cluster with a different number and type

of rules from the other hosts, it will fail to go online and a message about the host status will be entered into the Windows event log

The following procedures describe how to create, modify, and delete the port rules

Topic Objective

To configure the Port Rules

tab

Lead-in

The Port Rules tab

maximizes control of the

various types of inbound

TCP/IP traffic by allowing

you to configure the port

rules to control the cluster

network traffic

Delivery Tip

Review each of the

components of the Port

Rules tab

Trang 22

To create a new port rule:

1 Click the Port Rules tab in the Network Load Balancing Properties

dialog box

2 Specify values for Port range, Protocols, Filtering mode, Affinity, Load

weight, and Handling priority using the information from your installation

checklist

3 Click Add

To modify an existing port rule:

To delete a port rule:

dialog box

2 On the Port Rules tab, click the rule that you want to remove, and then click Remove

Trang 23

Filtering Mode

Handling Priority

Cluster Parameters Port range 80 to 80

The filtering mode for Network Load Balancing is the method by which a cluster host handles a port’s inbound network traffic to the virtual IP address The filtering mode can allow inbound traffic to be handled by multiple hosts, a single host, or discarded by a host

The filtering mode (rule) is applied to a numerical range of ports, by defining a port rule with a set of configuration parameters that define the filtering mode The rules that you enter on each host in the cluster must have matching port ranges, protocol types, and filtering modes

You can make three choices when deciding on the filtering mode for a Network Load Balancing cluster They are outlined in following the table

traffic for the associated port rule

according to the specified priority, will handle network traffic for the associated port rule

blocked

Topic Objective

To describe the selection of

the filtering mode on the

Port Rules tab

Lead-in

The filtering mode for

Network Load Balancing is

the method by which a

cluster host handles a port’s

inbound network traffic to

the virtual IP address

Trang 24

Your selection of multiple, single, or disabled hosts is based on the following information:

Select Multiple hosts when you want inbound traffic to be balanced across

cluster members This setting allows all cluster hosts to share, to a defined extent, all of the inbound client connection requests or UDP data streams

Select Single host when you want all inbound traffic to go to a single

member of the cluster The highest priority host will service all inbound traffic, and if this host fails, then the next highest priority host will handle all of the inbound traffic This mode of operation provides fault tolerance without load balancing

Select Disabled when you wish to block traffic to a designated port

Blocking traffic allows you to build a firewall-like capability for TCP and UDP data at the Network Load Balancing driver The filtering capability of the Windows 2000 TCP/IP stack allows additional filtering of inbound traffic, you can protect your application server from some forms of malicious attacks against the defined ports

Creating rules to disable traffic handling can simplify protection by ensuring that traffic is discarded before being passed to the TCP/IP stack

Filtering by using the disabled setting in a rule applies only to defined TCP and UDP traffic; other protocols, such as ICMP, are not disabled

Note

Trang 25

Affinity

Select Affinity mode for client IP

Cluster Parameters Port range 80 to 80

Depending on the application and client requirements of your Network Load Balancing cluster, you can be required to select an Affinity setting to control how multiple connections from a single client will be distributed in a load balancing cluster

By default affinity will be set to single after you install the Network Load

Balancing driver You implement affinity by directing all client requests from the same IP address, or a Class C group of addresses to the same cluster host The following table provides a summary of the affinity choices available to you

requests from the same client to the same cluster host

the same client IP address to the same cluster host Single affinity is the default setting

same TCP/IP Class C address range to the same cluster host

Topic Objective

To describe how affinity is

configured on the Port

cluster, you can be required

to select an Affinity setting

to control how multiple

connections from a single

client will be distributed in a

load balancing cluster

Trang 26

You will base your selection of None, Single, or Class C affinity on the following criteria:

Select None (no affinity) when you can distribute the client connections to

any cluster member; for example, when load balancing a simple Hypertext Markup Language (HTML) based Web site or a virtual private network (VPN) server, all of the client connections can go to any cluster member

Select Single affinity where the same cluster host must service all

connection requests from a single client, for example the same host must handle Hypertext Transfer Protocol (HTTP) connections and Hypertext Transfer Protocol Secure (HTTPS) connections from a client

Select Class C affinity where client connections can appear to come from

different IP source addresses; for example when the Network Load Balancing cluster is isolated from the clients by a proxy array, Class C affinity would be the appropriate choice for the clustered environment If

you do not need this capability, select the Single affinity option instead to

maximize scaled performance when using client affinity

When making a decision to enable or disable client affinity use the following criteria:

Enabling either Single or Class C affinity ensures that only one cluster host handles all of the connections that are part of the same client session Traffic handling by a single host is essential if the server program running on the cluster host maintains session state (such as server cookies) between connections

Disabling client affinity improves performance in a load balancing cluster because it allows different cluster hosts to concurrently handle multiple connections from the same client To maximize scaled performance, disable

client affinity (by using the None option) when it is not needed

Tiêu đề	Installing and Configuring Network Load Balancing
Tác giả	April Andrien, Priscilla Johnston, Diana Jahrling, Jack Creasey, Jeff Johnson
Người hướng dẫn	Don Thompson
Trường học	Microsoft Corporation
Chuyên ngành	Network Load Balancing
Thể loại	tài liệu
Năm xuất bản	2000
Thành phố	Redmond

Định dạng
Số trang	52
Dung lượng	1,04 MB