Part 1 - Prepare Windows Cluster
Part 2 - Install and configure SQL Cluster
part 4 - Install and configure SharePoint farm (3-tier)
This post demonstrate a step by step NLB configuration , how to prepare a NLB cluster to be used later on as SharePoint WFE servers .
however through this walkthrough of NLB configuration , I tried to pause on some steps and explain the NLB configuration steps as much as possible, although this series is to configure the NLB for SharePoint WFE Servers, I tried to make this post as generic as possible to accommodate any NLB configuration for any purpose.
IP addresses :
1- If you are using virtual machines on hyper-v it’s important to enable the IP spoofing
2- NLB configuration , from Server manger –> add NLB feature on all WFE Servers:
3- Open NLB manager from administrative tools , Cluster –>new , or from start –> run –> NlbMgr
4- in this step we are going to add the first server node to the NLB (which is the first web front end server WFE01) ,enter the server name then connect ,
5- Select the network adapter which you wish to participate in the NLB Cluster , then Click next:
5- in this screen the dedicated IP (private IP) is displayed , with the ability to add more private IPs, leave as default and click next.
5- in this screen you will be prompted to add the NLB cluster IP (Public IP) that will be used to communicate with the front end server, click Add
enter the Cluster IP as required , then click next
6- in this screen you will enter the NLB Cluster name, by selecting the NLB Cluster IP then entering Name (SPSFENLB) , this IP will be used as cluster NLB IP that will be accessed by external traffic , and traffic will be routed accordingly to the host node with the least network traffic
IP address: virtual IP address(Public IP) is set for cluster, must be identical on all cluster hosts, all applications are going to use this IP to communicate with cluster
Full internet name: ClusterName.DomainName , must be identical for all cluster hosts, users type this name in their browsers to access web server cluster, This name must be registered and mapped in DNS with its Cluster IP.
Cluster Operation Mode
When you use the unicast method, all cluster hosts share an identical unicast MAC address. Network Load Balancing overwrites the original MAC address of the cluster adapter with the unicast MAC address that is assigned to all the cluster hosts.
When you use the multicast method, each cluster host retains the original MAC address of the adapter. In addition to the original MAC address of the adapter, the adapter is assigned a multicast MAC address, which is shared by all cluster hosts. The incoming client requests are sent to all cluster hosts by using the multicast MAC address.
As a rule of thumb Select the unicast method for distributing client requests, unless only one network adapter is installed in each cluster host and the cluster hosts must communicate with each other from inside
For more info refer to Multicast vs Unicast section at the end of this post.
7- Define Port Rules , this is an optional step , where in default all rules are enabled,
how ever if you wanted to limit the traffic on this NLB Cluster select the port rule –> Edit
· Filtering Modes : There are three Filtering Modes which determines the host responsible to handle network traffic for this rule (this helps to distribute network traffic among hosts):
o Multiple Host : both hosts will handle network traffic over specified port range, This filtering mode provides scaled performance in addition to fault tolerance by distributing the network load among multiple hosts
TCP Vs UDP :
TCP: connection between sender & Receiver persist until sending is finished then connection is closed. (sender can guarantee delivery, some how heavy on network).
UDP: Sender package the data and release it in the network to reach receiver (no guarantee for delivery, very light on network).
Underlying Transport Protocol
remote terminal access
remote file server
6- After you finish , add the second WFE host, follow same steps
7- Two servers are now joined to the NLB cluster
9. Go to Active Directory and create a host record for the NLB cluster name
NLB adds the new virtual MAC to the network card, but also keeps the card’s original MAC address
NLB replaces the network card’s original MAC address with the New entered one. (Cluster IP)
Not all routers can support having two MAC addresses on one Network card where routers might reject replies from NLB hosts since a UniCast IP must have one MAC not Two MAC addresses
Work with all routers since each network card only has one MAC address
Servers can communicate with each other in NLB administrator via the original addresses of their NLB network cards
Since all hosts in the cluster all have the same MAC and IP address, they do not have the ability to communicate with each other via their NLB network card. A second network card is required for communication between the servers
Note: be aware that some routers doesn’t support Multi Mac addresses over Unicast IP's , special configuration might be needed for routers.
The IP addresses starting from : 188.8.131.52 to 184.108.40.206 (class D) are reserved for multicast networks. e.g. 192.168.0.158 is an address that belong to Unicast network.
in point 9, do you mean to create a DNS record for the cluster name or create computer account with the cluster name?
create a DNS record for the cluster name and IP which you entered in step 6, this will instruct the DNS to redirect requests to your NLB servers
this really helped me out with the configuration but after finishing the configuration I noticed a huge increase in loading times, I have a sharepoint farm with 2 front end servers and 1 sql server, I have 2 NICs so I am using unicast mode, the port rules are the same as you showed here with the exception of being limited only to port 80, hope you can give me any advice.
Thaks in advance
You mean huge time in loading sharepoint pages ?
If this is the case try to dedicate an app pool for the web application that hosts your contentDBs other than the pool dedicated for central admin and service applications .. Consider increasing the RAMs on the WFE servers..
Sorry for the late reply :(
Hi, I was wondering about this bullet point:
Private(dedicated) IPs and Cluster IP must be on the same Subnet Mask (Network) to function properly.
Do you have any official / MSDN links that explicitly mention that this is not possible?
We ran out of IPs in the subnet for a SharePoint farm were we wanted to set a NLB. We set the Cluster IP from another subnet and we are able to ping the Virtual IP from within the nodes, but other than that clients in neither subnet can ping the Cluster (Virtual) IP. I was wondering if perhaps by setting ARP proxy settings we could get around this restriction
Thanks for your great article!
In your opinion, provided we may add more web front-end or application servers, should this NLB be managed by SharePoint experts or Infrastructure technicians ?
it could be the infrastructure admins not SharePoint admins , however some organizations don't have the the luxury of resources in this case SharePoint admins might do it :)
On which server do I need to install NLB feature and add these WFE s that you mentioned above?
NLB feature should be enabled and configured on all the web front end servers