Scribd Logo
Hochladen

Willkommen bei Scribd!

  • NLB Data

    Hochgeladen von

    Sathya
    10 Ansichten4 Seiten
    nlb-steps touble

    Originaltitel

    nlb-data

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    TXT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    nlb-steps touble

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    10 Ansichten4 Seiten

    NLB Data

    Hochgeladen von

    Sathya
    nlb-steps touble

    Copyright:

    © All Rights Reserved
    Als TXT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 4

    Troubleshooting NLB

    Updated: February 1, 2011

    This topic provides guidance for diagnosing and resolving issues that you may
    encounter when you use Network Load Balancing (NLB) to load balance traffic among
    Forefront TMG array members.

    The following sections provide:

    Understanding Cluster Operation Modes

    Flowchart for troubleshooting NLB

    Procedures for troubleshooting NLB

    Understanding Cluster Operation Modes

    NLB assumes that NLB interfaces are connected to a Layer 2 device by default. This
    configuration uses the MaskSourceMAC feature to ensure that the switch is unable to
    learn the original source MAC addresses of the NLB hosts.

    In Unicast cluster operation mode, if the switch is unable to associate a MAC


    address with a particular port (because it is masked) it sends the data to all
    switch ports; thereby ensuring that all NLB hosts process the traffic.

    To identify NLB-enabled hosts when using switch or network tracing software look
    for MAC addresses that start with 02. The masked MAC address is similar to the
    original MAC address, but with the first two fields replaced as follows: 02-[Host
    ID including zero]-[Original MAC address values]. That is, an NLB host with a host
    ID of 3 and a MAC address of 00-19-BB-3C-29-08 has a substituted source MAC address
    of 02-03-BB-3C-29-08.

    In Multicast cluster operation mode, when the source MAC address is masked, the ARP
    response from an NLB host includes a substitute source MAC address in the Ethernet
    frame, but contains the correct NLB cluster MAC address in the ARP header. Some
    Layer 3 switches and routers are confused by this response and cannot perform the
    ARP mapping automatically. In this case, create a static ARP entry on the affected
    switch/router which maps the NLB virtual IP address to the NLB cluster MAC address.

    Layer 3 switches provide routing capabilities and must be configured to


    interoperate with Microsoft NLB. Create VLANs that operate in Layer 2 mode and then
    connect NLBenabled interfaces to ports which are associated with this special Layer
    2 mode VLAN. These VLANs now function as Layer 2 devices.

    In unicast mode (the default Forefront TMG cluster operation mode) NLB induces
    switch flooding, by design, relaying packets sent to the VIP addresses to all
    cluster hosts. Switch flooding is part of the NLB strategy for obtaining the best
    throughput for any specific load of client requests. However, if the NLB interfaces
    share the switch with other (non-cluster) computers, switch flooding can add to the
    other computers' network overhead by including them in the flooding and
    consequently have a detrimental effect on network and/or server performance.

    To solve this problem, isolate the NLB hosts so that the inherent switch flooding
    mechanism only affects cluster nodes, as opposed to other non-cluster computers on
    the same network (broadcast domain). This can be achieved by placing the NLB
    interfaces in their own LAN or virtual LAN, thereby creating an isolated network
    for NLB-related communications. Another option to avoid flooding non-cluster
    computers is to place a network hub between the switch and the NLB interfaces, and
    then disable the MaskSourceMAC feature.

    Although multicast mode is often used to remove unicast mode limitations such as
    switch flooding, this operational mode can also cause switch flooding. As with
    unicast mode, this can be solved by placing the NLB interfaces into their own LAN
    or virtual LAN, thereby creating an isolated network across which to pass multicast
    traffic. If this is not possible, map the switch ports to which NLB-enabled
    interfaces are attached to the NLB cluster MAC address via static entries in the
    Content-Addressable Memory (CAM) table of the switch. This ensures that the switch
    is aware of which switch ports are NLB-enabled and eliminates the need to flood all
    ports.

    If you have the network hardware to support it, use the Multicast with IGMP cluster
    operation mode and configure appropriate network devices to support IGMP snooping.
    This restrains multicast traffic in a switched network without the use of dedicated
    VLANs. By default, a LAN switch floods multicast traffic within the broadcast
    domain, consuming bandwidth if several multicast servers send streams to the same
    segment. With IGMP snooping, the switch intercepts IGMP messages from the host and
    updates its MAC table accordingly, eliminating the need to manually update the CAM
    entries.
    Flowchart for troubleshooting NLB

    This flowchart guides you through the steps that are required for troubleshooting
    NLB.
    Flowchart for troubleshooting VoIP
    Procedures for troubleshooting NLB

    The following procedures describe the steps you might need to take when you use the
    flowchart to troubleshoot NLB.

    How to check if the array members are in synch with the CSS

    How to check if NLB integration is enabled

    How to check if the NLB status is green

    How to check if cluster nodes converged successfully

    How to check if NLB cluster is configured in Unicast mode

    How to check if the traffic is blocked by Forefront TMG

    How to check if traffic is distributed equally in the cluster

    How to check if the traffic is blocked at the NLB driver level

    How to check the NLB Hook Rules

    How to check Layer 3 switch

    How to check if the route from the array member to the CSS goes through a NIC
    with MAC address starting with 02-bf

    How to run NLBClear

    How to check if IP is configured correctly

    How to check if the array members are in synch with the CSS
    For more information see Creating a standalone array.
    To check if the array members are in synch with the CSS

    In the Forefront TMG Management console, in the tree, click the Monitoring
    node.

    Click the Configuration tab.

    Verify the configuration status of the servers listed under Configuration


    Status.

    How to check if NLB integration is enabled

    To check if NLB integration is enabled:

    In the Forefront TMG Management console, in the tree, click the Networking
    node.

    In the Tasks pane, check if Configure Load Balanced Network appears.

    If not, click Enable Network Load Balancing Integration to configure NLB.

    Select the networks which will be load balanced. NLB cannot be configured for
    enterprise-level networks and for the following default array-level networks: Local
    Host, Quarantined VPN Clients, and VPN Clients.

    Select a network and click Configure NLB Settings.

    Define the Primary VIP, Subnet mask and Cluster operation mode (Unicast,
    Multicast or IGMP Unicast).
    ImportantImportant:
    The virtual IP address must belong to the network.

    Add additional VIPs if required.

    Repeat the steps above for each network.

    Click Next and then click Finish.

    How to check if the NLB status is green

    For more information, see Monitoring alerts.


    To check if the NLB status is green:

    In the Forefront TMG Management console, in the tree, click the Monitoring
    node.

    In the Alerts tab, check that NLB Started for each array member.

    In the Network Load Balancing Manager (nlbmgr), check the status of the current
    node for all clusters define. Repeat this for each member.

    Run nlb display to view the current state of the NLB cluster and hosts. Repeat
    this for each member.

    How to check if cluster nodes converged successfully

    To check if cluster nodes converged successfully:


    Run nlb query. If the node has converged with the cluster a message appears
    indicating that the node entered a converging state.

    View the event log for entries generated by NLB.

    How to check if NLB cluster is configured in Unicast mode

    To check if NLB cluster is configured in Unicast mode:

    In the Forefront TMG Management console, in the tree, click the Networking
    node.

    In the Tasks pane, click Configure Load Balanced Network.

    Click Next.

    Select the required network, and then click Configure NLB Setting.

    In the Cluster operation mode area, check if Unicast is selected.

    How to check if the traffic is blocked by Forefront TMG

    To check if the traffic is blocked by Forefront TMG:

    In the Forefront TMG Management console, in the tree, click the Troubleshooting
    node.

    Click the Traffic Simulator tab.

    Run the Web access and Non-Web access simulation scenarios. If required update
    the policy rules.

    Check the logs.

    How to check if traffic is distributed equally in the cluster

    To check if traffic is distributed equally in the cluster:

    In the Forefront TMG Management console, in the tree, click the Monitoring
    node.

    Click the Sessions tab.

    Das könnte Ihnen auch gefallen