0

I'm doing a lab about NLB (Network Load Balancing) on Windows Server 2008 in unicast mode.

But I can't understand how the packets travel across the network...

http://technet.microsoft.com/en-us/library/bb742455.aspx

http://technet.microsoft.com/en-us/library/cc782694.aspx

In this reference, they said that:

If the cluster hosts are attached to a switch instead of a hub, the use of a common MAC address would create a conflict since layer-two switches expect to see unique source MAC addresses on all switch ports. To avoid this problem, Network Load Balancing uniquely modifies the source MAC address for outgoing packets; a cluster MAC address of 02-BF-1-2-3-4 is set to 02-h-1-2-3-4, where h is the host's priority within the cluster (set in the Network Load Balancing Properties dialog box). This technique prevents the switch from learning the cluster's actual MAC address, and as a result, incoming packets for the cluster are delivered to all switch ports. If the cluster hosts are connected directly to a hub instead of to a switch, Network Load Balancing's masking of the source MAC address in unicast mode can be disabled to avoid flooding upstream switches. This is accomplished by setting the Network Load Balancing registry parameter MaskSourceMAC to 0. The use of an upstream level three switch will also limit switch flooding.

If the cluster is connected to a switch, incoming packets are sent to all the ports on the switch, which can cause switch flooding.

There are two PCs:

PC1: 192.168.2.1

PC2: 192.168.2.2

Virtual Cluster IP : 192.168.2.100

After I installed NLB, the MAC addresses of PC1 and PC2 were changed to 02-BF-1-2-3-4 (they got the same MAC).

I try to ping 192.168.2.100; both PC1 and PC2 receive the ICMP request?

But how does the switch send incoming packets to all the ports,

because the switch expects to see unique source MACs?

Then each port is mapped to a unique MAC.

==> So, how does the switch send incoming packets to all the ports?

Hung Doan

1 Answer

1

A switch learns what MAC addresses are connected to each port by looking at the source MAC of packets coming into it. If a packet comes in on port 1 with a source of AA:BB:CC:DD:EE:FF, it knows that any packets destined for that MAC address can go out through port 1.

If a switch receives a packet for a MAC address, and it doesn't know what port that MAC address is connected to (for example if it's just been powered on), it will send the packet out through every port. Basically it broadcasts the packet in the hope that the correct machine will get it and all others will ignore it.

Unicast NLB makes use of this 'feature' by making sure the switch never sees a packet with a source MAC that matches the MAC address used for the virtual IP address - ARP requests for the virtual IP will receive a reply containing MAC address X, but when actually talking to the cluster using the virtual IP, replies coming from the cluster will have a source MAC that has been altered as mentioned above in your quote.

It's for this reason you should be careful when using Unicast NLB to try and make the broadcast domain that NLB is enabled on as small as possible. If you enable NLB on adapters that are connected to a large network, all NLB traffic will be flooding across the entire network.

USD Matt
  • Thanks a lot for your quick answer. It's all clear now. I'm going to deploy it to the Internet (web server on port 80, and SSL). Can I set a public IP on the NLB cluster? Or do I have to change to multicast, or do I have to create a small NLB network and then NAT the public IP to that network? – Hung Doan Apr 26 '13 at 10:40
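
The behaviour described in the answer, as an added example that is not part of the original answer and is not Microsoft's code: a minimal learning switch in Python showing why masking the source MAC keeps frames for the cluster MAC flooding to every port. The client MAC, the port layout and the assumption that PC1 is the host answering the client are constructed for illustration.

```python
# Added illustration of unicast NLB on a learning switch (not NLB's own code).
CLUSTER_MAC = "02-BF-01-02-03-04"    # the page's shared cluster MAC, 02-BF-1-2-3-4


def masked_source(priority):
    """Source MAC used on outgoing frames when MaskSourceMAC is on: 02-h-1-2-3-4."""
    return "02-%02X-01-02-03-04" % priority


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}              # MAC -> port, learned from source MACs only

    def receive(self, in_port, src, dst):
        """Learn src on in_port, then return the ports the frame is sent out of."""
        self.table[src] = in_port
        if dst in self.table:
            out = self.table[dst]
            return [] if out == in_port else [out]
        # Unknown destination MAC: flood to every port except the ingress port.
        return [p for p in self.ports if p != in_port]


def run(mask_source_mac, rounds=3):
    """Constructed layout: client on port 1, PC1 on port 2, PC2 on port 3, port 4 idle."""
    sw = LearningSwitch([1, 2, 3, 4])
    client = "00-11-22-33-44-55"     # constructed client MAC
    deliveries = []
    for _ in range(rounds):
        # Client sends to the MAC it learned via ARP for 192.168.2.100.
        deliveries.append(sw.receive(1, client, CLUSTER_MAC))
        # Assumption: PC1 (priority 1) is the host that answers this client.
        src = masked_source(1) if mask_source_mac else CLUSTER_MAC
        sw.receive(2, src, client)
    return deliveries, sw.table


if __name__ == "__main__":
    for mask in (True, False):
        deliveries, table = run(mask)
        print("MaskSourceMAC=%d" % mask, deliveries, sorted(table))
```

With masking on, the switch never learns the cluster MAC, so every request reaches PC1, PC2 and the idle port. With masking off, the first reply pins the cluster MAC to PC1's port and PC2 stops receiving traffic.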