Saturday, November 9, 2013

Frequently Asked Questions on Windows NLB

Q. What is Network Load Balancing? 
NLB is a distributed algorithm used to load balance network traffic across a number of hosts.

Q. What is a Cluster? 
A cluster is a group of independent computers that work together to run a common set of applications and provide the image of a single system to the client and application.

Q. What are the differences between NLB Clusters and Server Clusters? 
A Server Cluster is a collection of servers that together provide a single, highly available platform for hosting applications.
NLB Clusters dynamically distribute the flow of incoming TCP and UDP traffic among the cluster nodes according to a set of traffic-handling rules. NLB usually functions at the network level and has little to do with the actual application. There is no shared disk requirement.

Q. Can I Use NLB and Server Clusters on the same set of servers?
No. NLB and Server Clusters CANNOT be used on the same set of servers.

Q. How large can my NLB cluster be?
A single NLB cluster supports up to 32 hosts.

Q. Are there any performance concerns as my cluster grows? 
Yes. NLB performance stops scaling linearly as the cluster grows beyond 20-25 nodes.

Q. How can I get around the 32-node limit on NLB? 
NLB can be used to scale beyond 32 machines by using Round Robin DNS between multiple NLB Clusters.
For example, if virtual IP 1 (VIP1) has 32 nodes behind it, and VIP2 has another 32 nodes behind it, you can load balance between VIP1 and VIP2 using Round Robin DNS, giving you 64 nodes in NLB. The same approach can be scaled to a very large number of nodes. (Although I don’t see a reason why you would need so many nodes operating in tandem.)

Q. How Does NLB Detect a Server Failure? 
Each NLB cluster host emits “heartbeats” to the other hosts in the cluster. If a host fails and stops emitting heartbeats, then after a default time period of 5 seconds, the remaining hosts in the cluster undergo a process called convergence to remove the failed host from the cluster and have new client connection requests mapped to the remaining hosts in the cluster.

Q. How long does it take for a failed Server to be removed from the cluster? 
Detecting a failed host takes 5 seconds (the default time).
Removing the failed host and redistributing its load to the surviving hosts takes another 2 to 3 seconds.

Q. Do the heartbeat packets consume a lot of bandwidth?
No. Heartbeat packets are emitted every second by each host and consume less than 1,500 bytes.

Q. Is NLB a kernel component? 
Yes. NLB has a Windows kernel component called WLBS.SYS. (WLBS = Windows Load Balancing Services)

Q. What are the benefits of NLB over simple Round Robin Domain Name Service (RRDNS)?
In Windows NLB, automatic recovery occurs within 5 seconds.
The load balancing is more even in the case of Windows NLB, when compared to Round Robin DNS.

Q. How Does NLB Cluster Convergence Work? 
Convergence involves computing a new cluster membership list and recalculating the statistical mapping of client requests to the cluster hosts. There are two instances in which cluster traffic has to be remapped due to a change in cluster membership:
1. when a host Leaves the Cluster, and
2. when a host Joins the Cluster.

Q. Can NLB Balance Load Based on CPU/Memory Usage?
No. NLB does not respond to changes in server load such as CPU usage or memory utilization, or to the health of an application. NLB has nothing to do with the application itself; it merely balances network traffic evenly among a number of nodes based on port rules. If your NLB nodes have different hardware configurations, you may face problems when requests are sent to a slower node, because NLB has no way of finding out which node is slow. It just distributes traffic evenly, period.

Q. Will I get more even Load Balancing if most clients connect to the NLB Cluster through a proxy?
If the cluster is configured in No Affinity mode, NLB will use both the Source IP Address and the Source Port to achieve the load balancing, and so load will be distributed amongst all of the hosts.


Q. What is the basic difference between Multicast and Unicast Modes of operation?
Unicast:
There is no inter-host communication possible between the hosts configured in Unicast mode with 1 NIC.

Multicast:
Allows inter-host communication between the hosts configured in Multicast mode with 1 NIC.

Q. How do I Reduce Switch Flooding Caused by Network Load Balancing?
Hosts can be homed to their own LAN or Virtual LAN. This works for both Unicast and Multicast modes.

Q. Does NLB require two Network Cards per host?
No.

Q. How do I configure layer 2 switches to work with Windows NLB?
Make sure that the switch does not associate the cluster MAC address with a particular switch port!

Q. How Do I Configure Layer 3 Switches to work with Windows NLB?
Layer 3 switches need to be specially configured to work with NLB. A VLAN must be established for the hosts in the cluster, and this VLAN must be configured to operate in Layer 2 mode.

Q. How Do I Remove the Switch as a Single Point-of-Failure?
Create a subnet that spans two switches and connect half of the NLB cluster nodes to each switch. In this case, if one switch fails, you only lose half of your nodes from participating in the NLB. Alternatively, you can have other failover arrangements on your core switch.

Q. I Have two Network Adapters on each server in my NLB Cluster. How do I ensure that all outbound traffic goes through non-load-balanced network adapters?
Simply set the metric on the cluster NIC to a higher value than the non-cluster NIC.

Q. Can I Have Part of the Cluster Operate in Multicast Mode and the Other in Unicast Mode?
No. The entire cluster MUST be in one operational mode.

Q. Does NLB Support Multiple Virtual IP Addresses?
Yes. NLB supports multiple, virtual IP addresses.

Q. Is it possible to specify different port rules for different virtual IP addresses (VIPs) on the same set of hosts?
Windows Server 2003 supports specifying different port rules for different virtual IPs. However, this is not supported on Windows 2000 NLB.

Q. Is it possible to mix Windows NT 4.0 WLBS, Windows 2000 WLBS and Windows Server 2003 in the same cluster?
Yes. Mixing is supported.

Q. Is it possible to Bind NLB to multiple interfaces?
Yes. This is supported in Windows Server 2003 only.

Q. Can I have two NLB clusters on the same subnet?
Yes. In a switched environment.

Q. We Need to span a cluster, where nodes are distributed across buildings. Can we use NLB to load-balance them?
Yes. As long as the hosts are part of the same subnet.

Q. How can I keep a record of NLB Manager activities?
Configure Network Load Balancing Manager to log each event.

Q. Can I manage an NLB Cluster remotely using WLBS.EXE?
Yes, but this is generally not recommended.

Q. How do I deal with Denial of Service (DOS) attacks on my NLB Cluster?
NLB utilizes the TCP/IP Denial of Service attack protection.

Q. How Do I secure my NLB Cluster?
NLB assumes that the LAN to which it is homed is trusted. There are no security features to configure on the NLB itself. Administrators should secure the network itself using firewalls, intrusion prevention systems, etc.

Q. How do I configure my cluster to handle load non-uniformly?
To configure a host to handle more or less than an equal share of the load, edit the port rule to clear the “Equal” load weight check box and enter a load weight number between 1 and 100.

Q. How Does Single Affinity Mode Differ From No Affinity Mode? Which One Should I Use to Load Balance My Application?

Single Affinity mode:
NLB load balances traffic based only on the Source IP Address of the incoming connection. Single Affinity mode ensures that all TCP connections originating from the same client (IP Address) are sent to the same host in the cluster.

No Affinity mode:
NLB load balances traffic based on the Source IP Address and Source Port of the incoming connection request. In No Affinity mode, multiple connections from the same client may be handled by different hosts in the cluster as long as these connections have different source ports.
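
The two affinity modes above, and the proxy case from the earlier question, as an added example that is not part of the original page. NLB's actual hashing algorithm is not described here, so SHA-256 stands in for it as an assumption; the host names, addresses and ports are constructed.

```python
import hashlib
from collections import Counter

HOSTS = ["node1", "node2", "node3", "node4"]  # constructed cluster members

def pick_host(src_ip, src_port, affinity, hosts=HOSTS):
    """Map one incoming connection to a cluster host.

    'single' keys on the source IP only; 'none' keys on source IP and
    source port. SHA-256 is a stand-in hash, not NLB's real algorithm.
    """
    if affinity == "single":
        key = src_ip
    elif affinity == "none":
        key = f"{src_ip}:{src_port}"
    else:
        raise ValueError(f"unknown affinity mode: {affinity!r}")
    digest = hashlib.sha256(key.encode()).digest()
    return hosts[int.from_bytes(digest[:8], "big") % len(hosts)]

def distribution(connections, affinity, hosts=HOSTS):
    """Count how many of the given (ip, port) connections each host receives."""
    counts = Counter({h: 0 for h in hosts})
    for ip, port in connections:
        counts[pick_host(ip, port, affinity, hosts)] += 1
    return dict(counts)

# Constructed sample: 400 connections that all arrive from one proxy address,
# each with a different source port.
PROXY_CONNS = [("203.0.113.10", 40000 + i) for i in range(400)]
# Constructed sample: 200 clients connecting directly, one connection each.
DIRECT_CONNS = [(f"198.51.100.{i + 1}", 50000) for i in range(200)]

if __name__ == "__main__":
    for label, conns in (("behind proxy", PROXY_CONNS), ("direct", DIRECT_CONNS)):
        for affinity in ("single", "none"):
            # Behind a proxy, 'single' sends every connection to one host,
            # while 'none' spreads them because the source ports differ.
            print(f"{label:13} affinity={affinity:6} {distribution(conns, affinity)}")
```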

Q. If my clients use SSL to connect to my web servers, can I still use NLB to load balance these web servers?
Yes. For efficiency reasons, configure the port rule in Single Affinity mode.

Q. I have multiple web servers on my NLB. How do I make sure that the website content is exactly the same on all nodes so that all users get the same version of the page?
NLB has nothing to do with your application/web site. It merely distributes requests evenly between the nodes. The synchronization/replication of content/data evenly between the two nodes has to be done manually or by using another solution.

Q. Can I use NLB to load balance my database server?
No, for database servers like Microsoft SQL Server, use Server Clusters/Microsoft Cluster Service instead. You can, however, use NLB on your front end application web servers and have them connect to the Server Cluster on your database servers. See image below.



Q. Can NLB be used for Load Balancing Terminal Server Clusters?
Yes.

Q. While Load Balancing Terminal Server Clusters, how can I ensure that a disconnected user always re-connects to the same terminal server node?
WLBS/NLB relies on the client’s IP address to determine which Terminal Server services a client. If you configure WLBS/NLB to use Affinity, the IP address used by the client is serviced by the same Terminal Server as long as you do not change the Terminal Server cluster.
If you need disconnected clients to connect to the same Terminal Server to recover from a ‘disconnected’ session, the client computers need to use static IP addresses and WLBS/NLB must be configured to use Single Affinity. Note that IP addresses obtained from DHCP servers on the LAN or through your ISP may change, as well as roaming users’ IP addresses. See KB243523.

Q. Does NLB Support WINS Resolution?
No. WINS names should not be automatically registered for the IP addresses configured on the NLB interface. The IP can be mapped statically in WINS.

Q. Can I Use L2TP/IPSec on a NLB Cluster?
Yes. In Windows Server 2003, NLB supports both PPTP and L2TP VPN sessions.

Q. Can I Use Kerberos with Applications Load-Balanced by NLB?
Yes.

Q. Can I Use NLB with Host Header Names?
Yes.

Q. Can I Load-Balance NetBIOS Traffic?
Yes, it is possible, though not recommended for File and Print Services.
