VMware Cloud Community
Aszurom
Contributor
Contributor

Migrating from physical NLB device

Here's my current situation:

2 physical hosts

Each physical host

has 4 copies of the same asp.net application running as app1a, app1b,

app1c, app1d on host #1, and app2a, app2b, app2c, app2d is host #2.

All these sites are identical, but have a different IP. 10.1.2.100, 101, 102, 103, etc.

A

physical switch (serveriron XL) is doing server load balancing. Request

comes in for 10.1.2.1 and it redirects that round-robin to .100, 101,

102, etc. (it does affinity too, but not important here)

I want to:

a) turn the 2 physical servers into 2 vmware esx guests.

b) remove the physical serveriron load balancer.

My

problem is that there are more than one copy of the application per

host. As I understand MS NLB service in 2003, you assign a number of IP

addresses to the cluster, then go into IIS on each host and assign

those shared IPs to the appropriate websites.

So, host 1 would

have 10.1.2.100 and host 2 would also have this same IP available. On

each host I'd assign that IP as belonging to a website in IIS manager.

My

problem here is that currently that single IP points to 4 websites on

each host. I can't go into IIS and hand the same IP to four identical

but separate website instances, right?

The only apparent

solution would be to run 8 hosts, each with 1 copy of the website on

it. That would mean licensing 6 more copies of the OS, and a lot more

virtual machines than I want to use for this.

So - is there any means of having an external request pass through NLB and hit one of many websites on a single IIS host?

Reply
0 Kudos
8 Replies
rriva
Expert
Expert

IHMO NLB is not working exactly as you said.

I think you can configure one ip address for the "cluster" (I know it will be not a real cluster but only a load balancing but let me talk about it with this term) for example

10.1.2.1

and then configure the single VM with more than one virtual nic and assign to every nic one of the previous IP, for example

10.1.2.100 , 10.1.2.101 and so on.

With this configuration you can balance the instances with NLB pointing to one IP address (10.1.2.1) and use all your previous IIS site in your VM configuring IIS as is now.

Otherwise you could split all IIS instances on different VM, so for example you could install 8 VM with only a virtual nic each, with a single IIS instance each one and use NLB to balance the incoming traffic from one ip address (10.1.2.1) and pointing (by the configuration of NLB) to all your 8 VM.

This second case give you the opportunity to create all the VM with less resource than a single VM and you can do all your maintanance OS operation without reduce at 50% your IIS instances.

Hope to be clear.

Bye

R

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanx!

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
Aszurom
Contributor
Contributor

That's interesting... to have multiple virtual network interfaces on the machine, each configured as part of the NLB cluster. I'm not sure, however, how I would tell 2 websites in IIS on the same machine to use a different network interface though. I'll experiment with that.

What I'd hope to end up with is this then:

Host1

website1 = nic1 10.1.2.1

website2 = nic2 10.1.2.1

Host2

website1 = nic1 10.1.2.1

website2 = nic2 10.1.2.1

If I understand your intention correctly. That would be a novel solution if I can bind the IIS site to the specific NIC somehow.

I'm specifically trying to avoid the "8 vms with 1 nic each" scenario.

Thanks! Any further commentary is most welcome.

Reply
0 Kudos
rriva
Expert
Expert

What I mean is that the first host will have :

Host1

NLB on 10.1.2.1

nic0 10.1.2.101

nic1 10.1.2.102

nic2 10.1.2.103

nic3 10.1.2.104

website1 = 10.1.2.101

website2 = 10.1.2.102

website1 = 10.1.2.103

website2 = 10.1.2.104

and the second one

Host2

NLB on 10.1.2.1

nic0 10.1.2.105

nic1 10.1.2.106

nic2 10.1.2.107

nic3 10.1.2.108

website1 = 10.1.2.105

website2 = 10.1.2.106

website1 = 10.1.2.107

website2 = 10.1.2.108

I don't have an NLB under my hand to verify what I'm saying, but think that you can use a different IP address from NLB and the IIS instances and then it's a NLB work to direct the session to one of the IP interface member.

Bye

R

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanx!

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
Reply
0 Kudos
Aszurom
Contributor
Contributor

The way I've seen NLB set up, you have a single unique IP per host. Then you have a NLB "pool" of IPs that are assigned on each host in the cluster. The unique IP is for the cluster to communicate, and also to talk to the specific machine directly. The "pool" IPs are the same on each host in the cluster.

Like this:

Host1 = 10.1.5.1 (unique)

NLB 10.1.1.2

NLB 10.1.1.3

NLB 10.1.1.4

Host2 = 10.1.5.2 (unique)

NLB 10.1.1.2

NLB 10.1.1.3

NLB 10.1.1.4

I'm not aware of a way to set it up so that once traffic comes into the box on one IP it can be split internally to different IPs on that machine.

Reply
0 Kudos
rriva
Expert
Expert

The way I've seen NLB setup is opposite than your, and I've ever configured it like this :

one Virtual IP Address (NOT assigned to any host)

and all host members with it's own IP address.

so :

Host1 = 10.1.2.1 (NLB)

NLB 10.1.2.100

NLB 10.1.1.101

and so on

Host2 = 10.1.2.1 (NLB)

NLB 10.1.2.200

NLB 10.1.1.201

and so on

NLB 10.1.1.4

After this you can configure priority on the hosts to define how share the Virtual IP address assigned to NLB services.

In this way you have all client pointing to ONE IP ADDRESS (always the same) and you can disconnect one or shutdown one or more nodes without have service diruption.

In you configuration you don't have a unique IP address for reaching your IIS application, so how you can tell the client which IP must try to reach ? Do you also use a DNS Round Robin configuration ?

Bye

R

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanx!

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
Reply
0 Kudos
Aszurom
Contributor
Contributor

Yeah, I just read over the windows documentation. Each machine has one unique IP and then all other IPs on the machine are identical to the "pool" list. That's how 2003 server does it. Linux and such probably not.

http://www.west-wind.com/presentations/loadbalancing/NetworkLoadBalancingWindows2003.asp

That guy lays it out pretty well - although he's only using a single "pool" IP. But I have a server that hosts 5 different websites. There are 3 clones of this server in my rack. Each server has a single IP unique to itself. The IPs for the websites are in the pool, and if you run ipconfig on any of the machines you'll see all five of those same IPs on each of them. If you ping one of those IPs, all four servers respond to each ICMP request. The problem with these other web servers is that all websites on the server are the same, and couldn't be assigned unique IPs due to how NLB on 2003 works. The reason we have multiple clones of the same site on the same host is due to ram limitations of how much you can present to a single IIS instance in 2003. We run four sites because each site can only use 1/4th of the ram in the box.

So, I don't see this working in the way I was hoping. I was thinking maybe a virtual appliance like the Hercules load balancer would be able to take the place of the physical load balancer and allow me to keep the IP scheme the same. Any suggestions on doing that?

Reply
0 Kudos
rriva
Expert
Expert

why you don't keep your phisical switch with load balancing and simply convert to VM your actual phisical host ?

[http://www.west-wind.com/presentations/loadbalancing/NetworkLoadBalancingWindows2003.asp]

In this page the configuration is much more similar to my idea of NLB than yours ... or I don't understand how you configure your machine.

Infact he create a cluster with 111.111.111.10

but the three machine have 111.111.111.11 , 111.111.111.12 and 111.111.111.13 , and not have a real network interface with the cluster IP Address.

All machine repond to the cluster IP Address request because are NLB group members.

I repeat, if you create this situation, I think you can solve all your problems and doubts.

Do you have the possibility to emulate this situation with your application ?

My suggestion is :

- Download VMWare Server and install it on two phisical host (i.e. your laptop and another desktop)

- Create two Win2003 VM (with only one NIC) and IIS (one on the first PC and one on the other one).

- Create a NLB Cluster as i suggest and make some test

I think you will be surprise.

Bye

R

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanx!

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
Reply
0 Kudos
rriva
Expert
Expert

Getting NLB running on ESX is a trick and requires some specific

VSwitch settings. In general if you plan to use NLB unicast mode, you

must run all members of the NLB cluster on the same virtual switch.

Bye

R

If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanx!

RRiva | http://about.me/riccardoriva | http://www.riccardoriva.com
Reply
0 Kudos