Diagram 1: Server, VIP IP Address, Network connections, Switches and Clients
Hello There!
We have an IBM x3650 M3, Dual NIC. We have Windows Server 2008 R2. In this Window we will have services like:
- Proxy: using ForeFront 2010
- FTP: Using IIS
- IIS
- DHCP
- DNS
- Active Directory
- Any other Windows based service
Please, see the attached diagram. The server will have a VIP (Virtual IP Address) of 172.16.0.10/24. All remote clients will point to this VIP. We will have two switches from Alcatel, either model OS6450 or OS6850. We will have an UPLINK between them as they will be two separate modules (although if you recommend we can setup a stack as well). So if Switch 1 dies all traffic will continue via Switch2 and vice versa. "Simple" fault tolerance.
We will focus only on one server and one service for now (e.g: Proxy or FTP). How can we implement fault tolerance here? What configuration should I use?
I have done some research and came to two solutions: (1) NIC TEAMING (2) Windows NLB
I understand that with (1) NIC Teaming you can setup a nic team using nic vendor drivers. As I understand we will have 1 IP Address and 1 MAC Address. Am I right? The next step is to configure LACP on Switches, right? The problem with this LACP is that the only situation found is when both Server's NIC are connected directly to only ONE switch. On CISCO, we would have something like this:
source: How to properly setup a server "teaming" across multiple NIC's in windows server 2008?
If your NIC driver supports LACP, use is on the switch as well. Otherwise, you'll have to stick with a static trunk on the switch. Here is a config example for Cisco:
Switch# conf t
Switch(config)# int g0/1
Switch(config-if)# channel-group 1 mode on
Switch(config-if)# exit
Switch(config)# int g0/2
Switch(config-if)# channel-group 1 mode on
Switch(config-if)# end
For LACP, you would do something like this:
Switch# conf t
Switch(config)# int g0/1
Switch(config-if)# channel-proto lacp
Switch(config-if)# channel-group 1 mode act
Switch(config-if)# exit
Switch(config)# int g0/2
Switch(config-if)# channel-proto lacp
Switch(config-if)# channel-group 1 mode act
Switch(config-if)# end[/code]
The problem is we will have two SEPARATE switches and with an UPLINK between them. That is a very different situation. What can I setup here?
With (2) Windows NLB I understand that is a very complicated issue. For example:
http://www.remotextensions.com/how-to-configure-network-load-balancing-nlb-in-multicast-mode/
The first problem is with switch flooding: we have to setup a NLB in Multicast and we have to fix an ARP IP entry and the MAC Address on the interfaces where the server will be connecting to.
STATIC ARP RESOLUTION Cisco Global command mode: arp [ip] [cluster multicast mac] ARPA arp 192.168.1.100 03bf.c0a8.0164 ARPA
STATIC MAC RESOLUTION Cisco Global command mode For example: mac-address-table static [cluster multicast mac] [vlan id] [interface] mac-address-table static 03bf.c0a8.0164 vlan 1 interface GigabitEthernet1/1 GigabitEthernet1/2 GigabitEthernet1/15 GigabitEthernet1/16
So. What can I use here in my situation? I would like to go simple with NIC Teaming. Is it possible? How can I do that?
Ps: see the following diagram:
http://s22.postimg.org/cnovh1ekx/REDUNDANCY_IN_BRIDGE_MODE_Copy2.png
https://i.stack.imgur.com/X6AZj.png
Hello!
We have tried the bridge mode! Unfortunately the server we tried nics does not support NIC Teaming so we tried the bridge between both NICS. Please, see the attached diagram. If I am correct, the server behaves like a "switch". The redundancy worked because the Spanning Tree on the real switch blocked one of the ports: you can see in the switch output that port 1/1 is on "BLK" state. We then performed a simple test:
(1) With both cables connected, port 1/1 is blocked by STP and port 1/2 is in FORWARD state; (2) Disconnected cable on port 1/1 and watched. The ping continued as expected because port 1/1 was already blocked; (3) Plug the cable back on port 1/1. After some seconds the ping returned (the Spanning tree took some seconds to became stable again); (4) Unplug cable on port 1/2. Again, after some seconds the ping returned (the Spanning tree took some seconds to became stable again); (5) Plug back the cable on port 1/2.Again, after some seconds the ping returned (the Spanning tree took some seconds to became stable again) and we are back to initial state: port 1/1 blocked and port 1/2 in forward state.
So what do yo think of the bridge mode with redundancy provided by the STP on the real switch?
ps: we will try a redundancy with VMWare on another server, using the vswitches. I will post it back when we have the results. thanks!
Edit: 24/10/2014 - 14:21
Ps: see the following diagram:
http://s22.postimg.org/cnovh1ekx/REDUNDANCY_IN_BRIDGE_MODE_Copy2.png
https://i.stack.imgur.com/X6AZj.png
Hello!
We have tried the bridge mode! Unfortunately the server we tried nics does not support NIC Teaming so we tried the bridge between both NICS. Please, see the attached diagram. If I am correct, the server behaves like a "switch". The redundancy worked because the Spanning Tree on the real switch blocked one of the ports: you can see in the switch output that port 1/1 is on "BLK" state. We then performed a simple test:
(1) With both cables connected, port 1/1 is blocked by STP and port 1/2 is in FORWARD state; (2) Disconnected cable on port 1/1 and watched. The ping continued as expected because port 1/1 was already blocked; (3) Plug the cable back on port 1/1. After some seconds the ping returned (the Spanning tree took some seconds to became stable again); (4) Unplug cable on port 1/2. Again, after some seconds the ping returned (the Spanning tree took some seconds to became stable again); (5) Plug back the cable on port 1/2.Again, after some seconds the ping returned (the Spanning tree took some seconds to became stable again) and we are back to initial state: port 1/1 blocked and port 1/2 in forward state.
So what do yo think of the bridge mode with redundancy provided by the STP on the real switch?
ps: we will try a redundancy with VMWare on another server, using the vswitches. I will post it back when we have the results. thanks!
