Microsoft Network Load Balancing Support
Vivek V
© 2006 Cisco Systems, Inc. All rights reserved.


Agenda
- MS NLB Overview
- MS NLB Unicast mode
- MS NLB Multicast mode
- Catalyst switches and NLB
- Limitations and Restrictions
- Known Bugs
- References

MS NLB Overview
- Provides scalability and high availability to enterprise-wide TCP/IP services, such as Web servers.
- Network Load Balancing servers (also called hosts) in a cluster communicate among themselves to provide key benefits, including:
  - Scalability: up to 32 servers.
  - High availability: automatically detects failure of a server.
- Distributes IP traffic to multiple copies (or instances) of a TCP/IP service, such as a Web server, each running on a host within the cluster.
- Transparently partitions the client requests among the hosts and lets the clients access the cluster using one or more "virtual" IP addresses.

MS NLB Overview (cont’d)
- Looks like a single host/IP server to the outside world and clients.
- All of the hosts must receive all incoming requests.
- The NLB infrastructure then distributes the load between the servers.

MS NLB Unicast mode
- Default mode.
- Works seamlessly on physical environments, based on flooding.
- User specifies a shared IP for all hosts in the cluster.
- A shared MAC is auto-generated and set on host/VM interfaces: A:B:C:D -> 02:BF:A:B:C:D

MS NLB Unicast mode (cont’d)
How is the shared IP/MAC used?
- ARPing of the shared IP: the ARP reply will have the shared MAC in the ARP header, but not in the Ethernet header.
- Incoming packets: sent to the shared MAC (02:BF:A:B:C:D). This MAC is not learned anywhere -> FLOOD.
- Outgoing packets: sent using a different source MAC (02:01:A:B:C:D), so the shared MAC won’t be learned.
[Diagram: Host-1, Host-2, Host-3]

MS NLB Multicast mode
How is the shared IP/MAC used?
- In multicast mode, the cluster members respond to ARPs for their virtual address using a multicast MAC address, for example e, and send IGMP Membership Report packets.
- If IGMP snooping is enabled on the local switch, it snoops the IGMP packets that pass through it. This prevents flooding.
- Incoming packets: sent to the shared MAC (03:00:5e:B:C:D). This MAC needs to be put into the MAC address table via IGMP snooping.
- Outgoing packets: sent using a different source MAC (02:01:A:B:C:D), so the shared MAC won’t be learned.
[Diagram: Host-1, Host-2, Host-3]

MS NLB Multicast mode (cont’d)
Issues with using IGMP snooping:
- The MAC address will be present in the IGMP snooping database and will be mapped to the ports to which the servers are connected.
HOWEVER:
- The servers will respond to ARPs for the VIP with a multicast MAC address.
- The switch will not accept this and will drop the response, and the VIP will lose connectivity.
- Hence we need to disable IGMP snooping.

MS NLB Multicast mode (cont’d)
- Disabling snooping leads to flooding.
- ARP will still be incomplete.
SOLUTION:
- STATIC ARP
  arp e
- STATIC MAC
  mac-address-table static e vlan 200 interface fa2/3, fa2/4
NOTE: On the Catalyst 6500 platform:
  mac-address-table static e vlan 200 interface fa2/3, fa2/4 disable-snooping

MS NLB Multicast mode (cont’d)
Note:
- Statically mapping a MAC to multiple ports is supported only in software on the Catalyst 4500 switch.
- Using this configuration on a Catalyst 4500 switch may cause high CPU.
Solution:
- Add the servers to a separate VLAN and allow flooding in that VLAN (prune the VLAN from trunks that do not need it).
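
The flooding behaviour and the static MAC entry described in the slides above can be reproduced with a toy learning switch. This is an added example, not code from the presentation, Cisco or Microsoft; VLAN 200 and ports fa2/3 and fa2/4 follow the slides, while ports fa2/5 and fa2/6, the client MAC, the cluster IP 192.0.2.10 and the multicast MAC value are constructed. It shows that without a table entry the cluster traffic also reaches fa2/5, a port with no cluster member on it, which is why the slides pin the MAC statically or isolate the servers in their own VLAN.

```python
# Added illustration: a toy VLAN-aware learning switch, not Cisco or Microsoft code.
# VLAN 200 and ports fa2/3, fa2/4 come from the slides; fa2/5, fa2/6, the client
# MAC and the cluster IP 192.0.2.10 are constructed sample values.

def nlb_unicast_macs(cluster_ip, host_id=1):
    """Slides' mapping: IP A.B.C.D -> shared MAC 02:BF:A:B:C:D, source MAC 02:01:A:B:C:D.
    Using host_id as the second byte for other hosts is an assumption."""
    tail = ":".join(f"{int(octet):02x}" for octet in cluster_ip.split("."))
    return f"02:bf:{tail}", f"02:{host_id:02x}:{tail}"

class Switch:
    def __init__(self, vlan_ports):
        self.vlan_ports = vlan_ports   # vlan -> set of member ports
        self.table = {}                # (vlan, mac) -> set of egress ports
        self.static = set()            # keys that learning must not overwrite

    def add_static(self, vlan, mac, ports):
        self.table[(vlan, mac)] = set(ports)
        self.static.add((vlan, mac))

    def forward(self, vlan, in_port, src, dst):
        """Learn src on in_port, then return the ports the frame leaves on."""
        if (vlan, src) not in self.static:
            self.table[(vlan, src)] = {in_port}
        egress = self.table.get((vlan, dst), self.vlan_ports[vlan])  # miss -> flood
        return set(egress) - {in_port}

CLIENT = "00:00:5e:00:53:01"       # constructed client MAC
MCAST_VMAC = "03:00:5e:00:02:0a"   # constructed, follows the slides' 03:00:5e:B:C:D

def demo():
    shared, host1_src = nlb_unicast_macs("192.0.2.10", 1)
    _, host2_src = nlb_unicast_macs("192.0.2.10", 2)
    sw = Switch({200: {"fa2/3", "fa2/4", "fa2/5", "fa2/6"}})
    # Unicast mode: hosts transmit from masked MACs, so `shared` is never learned.
    sw.forward(200, "fa2/3", host1_src, CLIENT)
    sw.forward(200, "fa2/4", host2_src, CLIENT)
    unicast = sw.forward(200, "fa2/6", CLIENT, shared)
    # Multicast mode with snooping disabled: the group MAC has no entry either.
    mcast_flood = sw.forward(200, "fa2/6", CLIENT, MCAST_VMAC)
    # Static entry as in the slides: only the two server ports get the frame.
    sw.add_static(200, MCAST_VMAC, ["fa2/3", "fa2/4"])
    mcast_static = sw.forward(200, "fa2/6", CLIENT, MCAST_VMAC)
    return unicast, mcast_flood, mcast_static

if __name__ == "__main__":
    for name, ports in zip(("unicast", "mcast flood", "mcast static"), demo()):
        print(f"{name:13s} -> {sorted(ports)}")
```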

Problems with NLB Multicast mode
- On later IOS releases for the Cat6k, the disable-snooping option is not shown even though the servers are in multicast mode.
Solution:
- This is because the switch does not recognize the MACs that conform to IGMP multicast, i.e. exx.xxxx, exx.xxxx
- Check the IGMP checkbox on the server to generate an IGMP-compliant MAC address.

Example setup and configuration
[Figure: Example setup]

Configuration

Cat6K#show running-config
Building configuration...
!
!
interface FastEthernet2/1
 description "Uplink to the Default Gateway"
 no ip address
 switchport
 switchport access vlan 100
!
!
interface FastEthernet2/3
 description "Connection to Microsoft server"
 no ip address
 switchport
 switchport access vlan 200
!
interface FastEthernet2/4
 description "Connection to Microsoft server"
 no ip address
 switchport
 switchport access vlan 200
!
!
mac-address-table static e vlan 200 interface fa2/3 fa2/4 disable-snooping
!--- Creating a static entry in the switch for the multicast virtual mac.
!--- fa2/3 & fa2/4 are the ports connected to server.
!--- The disable-snooping is applicable only for Cisco Catalyst 6000/6500 series switches
arp e
! is the Virtual IP of 2 servers

Verification

show mac-address-table - Displays a specific MAC address table static and dynamic entry or the MAC address table static and dynamic entries on a specific interface or VLAN.

Cat6K#show mac-address-table e
Mac Address Table
Vlan Mac Address vType Ports
e STATIC Fa2/3 Fa2/4

show ip arp - Displays the Address Resolution Protocol (ARP) cache.

Cat6K#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet e ARPA Vlan200

Known Bugs
- CSCsw72680: IP - Packets loop if running Microsoft NLB in presence of PIM
- CSCtx95441: Destination MAC on mapping unicast IP to multicast MAC
- CSCsu84397: Sup6E Static ARP to multicast mac address may cause routing loop
- CSCug49149: PFC3B/DFC3B - Routed Microsoft NLB traffic black-holed across a DEC
- CSCsy62709: MLS CEF - Packets loop if running Microsoft NLB in presence of PIM
- CSCuh08087: Microsoft NLB multicast mode broken on 3850

References
- Microsoft Technical Overview:
- Cat6k Config Example:
- VMware + Ucast mode Workaround:

Limitations and Restrictions
- Not supported on PVLAN ports.
- Not supported on ports configured with UUFB (unknown unicast flood blocking).
- Not supported on ports configured with “switchport port-security mac-address sticky”.
