Module 10

Implementing Network Load

Balancing
Module Overview

Overview of NLB
Configuring an NLB cluster
• Planning an NLB implementation
Lesson 1: Overview of NLB

What is NLB?
How NLB works
How NLB works with server failures and recovery
• NLB features in Windows Server 2016
What is NLB?

• Scalable high-availability technology

• Support 2-32 Nodes

• Balances traffic based on node utilization:

• New traffic is directed to the node that is being utilized the least,
• You can configure NLB to preference some nodes over others
• Use with stateless applications such as:
• Web tiers of multi-tier applications
• Not matter which web server a client connects

• Is failure-aware (Can only detect server failure)

• Do not use with stateful (persistent connection )
applications such as:
• Traditional file servers
• Database servers
How NLB works

Accept? NLB host

Dedicated IP: 10.1.1.2
No Virtual IP: 10.1.1.1

Accept? NLB host

Dedicated IP: 10.1.1.3
No Virtual IP: 10.1.1.1

NLB host
Accept? Yes Dedicated IP: 10.1.1.4
Virtual IP: 10.1.1.1
Client

NLB host
Accept? Dedicated IP: 10.1.1.5
Virtual IP: 10.1.1.1
No
How NLB works with server failures and recovery

• NLB cluster heartbeats transmit every second

between nodes in a cluster
• Convergence occurs when:
• A node misses five consecutive heartbeats, at which
time it is automatically removed from an NLB cluster
• A node that was member of a cluster returns to
functionality
• An administrator adds or removes a node manually

•Conflict Between Failover Cluster and NLB

Features
NLB features in Windows Server 2016

• Use 35 NLB Windows PowerShell cmdlets to

manage all aspects of NLB configuration:
• Use NlbCluster noun to manage the cluster
• Use NlbClusterNode noun to manage individual nodes
• Other NLB features:
• Does not require any hardware changes
• Does not require any application software changes
• Hosts can be part of multiple clusters
• Can add/remove hosts without affecting the rest of the
cluster (Recommended DrainNode)
•Get-command –module NetworkLoadBalancingClusters
Lesson 2: Configuring an NLB cluster

Deployment requirements for NLB

Demonstration: Deploying NLB
Configuration options for NLB
Demonstration: Configuring NLB affinity and port
rules
• Network considerations for NLB
Deployment requirements for NLB

• Ensure that all hosts are on the same subnet

• Convergence successfully the latency between
nodes not exceeds 250 ms
• Configure all adapters as either unicast or
multicast
• Use only the TCP/IP protocol on adapters
• Configure all adapters that you use in NLB with
static IP address
• Geographically-dispersed NLB clusters
• Deploy an NLB cluster at each site
• DNS round robin to distribute traffic between
sites
Configuration options for NLB

• Port rules determine how traffic is directed to

cluster nodes depending on TCP or UDP port
• To distribute requests across nodes in the cluster,
configure one of the following filtering modes:
• Multiple hosts (Balance Port 443 across all the nodes)
• Single host (direct all incoming on port 5678 to single
host)
• Disable port range (Block request to specified ports)

• Affinity (client need connect to same host) settings

determine how reconnection occurs:
• None / Single (High Priority Node)/ Class C
Configuration options for NLB
Network considerations for NLB
• Unicast:
• Suitable for clusters that have multiple network adapters
• Nodes use the same unicast MAC address
• One adapter is used for dedicated cluster communications.
• Implement VLANs to Prevent Switch Flooding
• Multicast:
• Suitable for NLB clusters that have single network adapters
• Network devices must support multicast MAC addresses
• Original Node MAC and Same Multicast MAC to all Nodes
• The MAC address table for the switch requires static entries that map each
port to the NLB Multicast MAC address
• IGMP (Internet Group Management Protocol) multicast:
• Improves switch performance
• Requires a network switch that supports this functionality
• Prevent Switch Flooding
• Switches can automatically build their MAC address tables.
Lesson 3: Planning an NLB implementation

Designing applications and storage support for NLB

Considerations for deploying an NLB cluster on
virtual machines
Considerations for securing NLB
Considerations for scaling NLB
• Considerations for upgrading NLB clusters
Designing applications and storage support for NLB
• Each node in an NLB cluster should have the
same configuration
• Each node needs access to the same consistent
application data
• Use IIS shared configuration to ensure that web
application configuration is consistent across NLB
nodes
• Use CSVs to host shared application and
configuration data for NLB applications
• Allow multiple hosts to have access to application data
and configuration information
• NLB hosts do not typically need local storage
redundancy
Considerations for deploying an NLB cluster on
virtual machines

• NLB cluster to use the unicast mode, and then

deploy each VM with multiple network adapters
for cluster traffic and node management traffic
• Enable MAC address spoofing on the Adapter
Settings in Each VM NLB Node
• Configure the NIC teaming to ensure that VM are
able to maintain access to the network
• Deploy NLB cluster nodes as highly available VM
in WFC Hyper-V Role and configure Service and
VM health monitoring
• Can use VLAN tags as a method of partitioning
cluster traffic from node management traffic.
 Service and VM health monitoring

The event ID 1250 is logged to the cluster, telling that the VM is in a critical
state. This is detected during some health check interval in the cluster, and the
actions can take place

NetFirewallRule -DisplayGroup "Virtual Machine Monitoring" -Enabled $True

Considerations for securing NLB
• Use NLB cluster port rules to discard traffic not related to
cluster applications
• Use firewall rules to drop traffic not related to cluster
applications or node management
• Configure applications to respond only to traffic that is
addressed to the cluster
• Use SANs or Multi Domain Certificate to create
certificates that support the application name and node
names
• Use Privileged Access Management to implement JIT
administration
• Users request permissions to perform administrative tasks on a
server and are automatically granted for a temporary period.
Considerations for scaling NLB
• NLB clusters can have up to 32 nodes
• Use DNS round robin to distribute traffic between NLB
clusters
Client in
Sydney

Client in
Netmask Brisbane DNS round robin
ordering

Cluster in Cluster in Cluster in

Sydney Melbourne Canberra
Considerations for upgrading NLB clusters

NLB clusters can run with different operating

systems:
• Windows Server 2012 R2 NLB clusters can interoperate with:
• Windows Server 2008 & Windows Server 2008 R2
• Windows Server 2012 & Windows Server 2012 R2
• Piecemeal upgrade:
• Add Windows Server 2016 cluster nodes
• Remove nodes running earlier operating systems
• Upgrade clusters:
1. Remove node from NLB cluster
2. Upgrade to Windows Server 2016
3. Rejoin node to NLB cluster
Lab: Implementing NLB

Exercise 1: Implementing a Network Load Balancing

(NLB) cluster
Exercise 2: Configuring and managing the NLB cluster
• Exercise 3: Validating high availability for the NLB cluster

Logon Information
Virtual machines: 20740C-LON-DC1
20740C-LON-SVR1
20740C-LON-SVR2
User name: Adatum\Administrator
Password: Pa55w.rd

Estimated Time: 45 minutes

Lab Scenario

Adatum Corporation is an engineering and manufacturing

company. The organization is based in London, England,
and is quickly expanding into Australia. As the company
expands, the need for scalable web applications has
increased. To address this need, you need to develop a
pilot program to test the deployment of NLB on hosts that
are running the Windows Server 2016 operating system. 
Because you intend to automate the process of deploying
Windows NLB clusters, you will use Windows PowerShell to
perform many of the cluster setup and configuration tasks.
You also will configure port rules and affinity, which will
allow you to deploy multiple load-balanced web
applications on the same NLB clusters.
Lab Review

How many additional nodes can you add to the

LON-NLB cluster?
What steps would you take to ensure that
LON-SVR1 always manages requests for web traffic
on port 5678, given the port rules that were
established by the end of this set of exercises?
• What is the difference between a Stop and a
Drainstop command?
Module Review and Takeaways

Review Questions
Real-world Issues and Scenarios
• Common Issues and Troubleshooting Tips