Archive for the ‘Windows 2012 NLB’ Category

Create a New Network Load Balancing NLB Cluster On Windows Server 2012 R2 #Winserv #nlb

I thought NLB was so common that there was no point in writing a blog post about it, but recently I have seen a lot of NLB misconfigurations, or people taking the easy way and not following the guidelines. So this post is about NLB in the private cloud only; you can't extend this to Azure, even if you have a S2S connection.

So I have two servers in my private cloud: MVPNLB001 and MVPNLB002. Both machines have two NICs, one for the LAN and the other for the NLB actions.

And yes, it can be done with one NIC, but with two it is much easier and more fault tolerant: fewer errors and less administration.

Both are domain joined and ready for the setup of my basic IIS.

First we set up IIS with the management tools:

Install-WindowsFeature -Name Web-Server

Or, to get all the features:

Add-WindowsFeature Web-WebServer -IncludeAllSubFeature

Install-WindowsFeature -Name Web-Mgmt-Tools
Add-WindowsFeature NET-Framework-45-ASPNET

Get-WindowsFeature nlb*

 

Add-WindowsFeature -Name NLB

add-WindowsFeature RSAT-NLB

Now we are ready to configure NLB. We can do this with PowerShell, but the GUI also works (I show both).

The first step is to create a new NLB cluster. I like things clear, so I start by renaming the NICs.

Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"

Rename-NetAdapter -Name "Ethernet" -NewName "LAN"


Open NLB Manager and select Cluster > New.

Or use PowerShell:

Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"

New-NetIPAddress -IPAddress 10.255.255.93 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24

In this case we renamed the adapter and gave the NIC a static IP.

The next steps are to create the NLB cluster with its own IP, remove the default port rule, and use only the ports that I want, say port 80.

Well, that was easy: the NLB cluster is created. The next step is to delete the default port rule and create a rule for port 80.

We remove the default rule and create a rule for just the one port that I need, in this case port 80.

Network Load Balancing parameters

http://technet.microsoft.com/en-us/library/cc778263(v=ws.10).aspx

These steps can be done in just a few more PowerShell lines (I use variables; see the complete script at the end of the post).

#Creating new cluster
Write-Host "Creating NLB Cluster…" -ForegroundColor yellow
New-NlbCluster -ClusterName $ClusterFqdn -InterfaceName $InterfaceName -ClusterPrimaryIP $ClusterPrimaryIP -SubnetMask $ClusterPrimaryIPSubnetMask -OperationMode $OperationMode

#Removing default port rule for the new cluster
Write-Host "Removing default port rule…" -ForegroundColor yellow
Get-NlbClusterPortRule -HostName . | Remove-NlbClusterPortRule -Force

But now we have only one server, and we need to add the other node or nodes.

After two more confirmation screens you are done and have a configured NLB on one IP listening on port 80.

Suppose you have multiple websites, all running on different IPs or hostnames: just add a cluster IP.

Now that the NLB is created, we can do some testing.

Now to get this to work with IIS.

That is right: page not found. Check DNS to see whether the record was created, and make sure the IIS website is running on this IP.

Go to IIS Manager and check the website bindings. By default the site listens on all IPs, but this is not the behavior that I want; I want NLB. So we need to bind the website to the NLB IP configured earlier. When you have multiple IPs on the NLB, pick the right IP!


Remember, you need to do this on all the web servers!
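An added check, not part of the original post, for the two settings configured above: it flags NLB port rules that cover ports beyond the ones you intend to balance (the default rule spans 0-65535) and IIS bindings that are not pinned to a cluster IP. The function name Test-NlbWebExposure, the sample rule objects and the cluster IP 10.255.255.90 are constructed for illustration.

```powershell
function Test-NlbWebExposure {
    param(
        [Parameter(Mandatory)] [object[]] $PortRule,   # objects with StartPort / EndPort
        [Parameter(Mandatory)] [string[]] $Binding,    # IIS bindingInformation "ip:port:host"
        [Parameter(Mandatory)] [string[]] $ClusterIP,  # NLB cluster (virtual) IP addresses
        [int[]] $AllowedPort = @(80)                   # ports that should be balanced
    )
    $findings = @()
    foreach ($r in $PortRule) {
        # The rule passes only if every port in its range is on the allow list.
        $size = $r.EndPort - $r.StartPort + 1
        $ok = @($AllowedPort | Where-Object { $_ -ge $r.StartPort -and $_ -le $r.EndPort } |
                Select-Object -Unique).Count
        if ($ok -ne $size) {
            $findings += "Port rule $($r.StartPort)-$($r.EndPort) covers ports outside the allow list"
        }
    }
    foreach ($b in $Binding) {
        # ip may be '*' or a bracketed IPv6 address; the host header may be empty.
        if ($b -notmatch '^(?<ip>.*):(?<port>\d+):(?<host>[^:]*)$') {
            $findings += "Unparsable binding '$b'"
            continue
        }
        if ($Matches.ip -eq '*') {
            $findings += "Binding '$b' listens on all IPs instead of the NLB cluster IP"
        } elseif ($Matches.ip -notin $ClusterIP) {
            $findings += "Binding '$b' uses an IP that is not an NLB cluster IP"
        }
        if ([int]$Matches.port -notin $AllowedPort) {
            $findings += "Binding '$b' uses port $($Matches.port), which is not on the allow list"
        }
    }
    $findings
}

# Constructed sample data (not from a real server): the default all-ports rule next to
# a port-80 rule, and a wildcard binding next to one pinned to the cluster IP.
$rules = @(
    [pscustomobject]@{ StartPort = 0;  EndPort = 65535 },
    [pscustomobject]@{ StartPort = 80; EndPort = 80 }
)
$bindings = '*:80:', '10.255.255.90:80:'
Test-NlbWebExposure -PortRule $rules -Binding $bindings -ClusterIP '10.255.255.90'

# On a real node the inputs would come from Get-NlbClusterPortRule and
# (Get-WebBinding).bindingInformation; assumption: the rule objects expose StartPort/EndPort.
```

Run it on every web server in the cluster; an empty result means the rules and bindings match the allow list.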


A complete script to automate all these steps and add a second node. Only the IP is fixed in the script; it can be set as a variable, but this is up to you.

Use this at free will. I created small steps so you can also use individual steps if you need to, or just to give you an idea.

<>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

#Set IP for NLB
Write-Host "Set NLB IP and change Network adapter" -ForegroundColor yellow
Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB"
New-NetIPAddress -IPAddress 10.255.255.93 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24

#Set ExecutionPolicy
Write-Host "Set ExecutionPolicy" -ForegroundColor yellow
Set-ExecutionPolicy -Scope LocalMachine RemoteSigned -Force

#Add-WindowsFeature
Write-Host "Add-WindowsFeature NLB" -ForegroundColor yellow
add-WindowsFeature NLB
add-WindowsFeature RSAT-NLB

#Variables for creating the new cluster
Write-Host "Variables for creating the new cluster" -ForegroundColor yellow
$ClusterFqdn = Read-Host "Enter NLB cluster Name FQDN"
$InterfaceName = Read-Host "Enter interface name for NLB-adapter"
$ClusterPrimaryIP = Read-Host "Enter cluster primary IP"
$ClusterPrimaryIPSubnetMask = Read-Host "Enter subnetmask for cluster primary IP"

Write-Host "Choose cluster operation mode"
Write-Host "1 – Unicast"
Write-Host "2 – Multicast"
Write-Host "3 – IGMP Multicast"
switch (Read-Host "Enter the number for your chosen operation mode")
{
1 {$OperationMode = "unicast"}
2 {$OperationMode = "multicast"}
3 {$OperationMode = "igmpmulticast"}
default {Write-Warning "Invalid option, choose ‘1’, ‘2’ or ‘3’";return}
}

#Creating new cluster
Write-Host "Creating NLB Cluster…" -ForegroundColor yellow
New-NlbCluster -ClusterName $ClusterFqdn -InterfaceName $InterfaceName -ClusterPrimaryIP $ClusterPrimaryIP -SubnetMask $ClusterPrimaryIPSubnetMask -OperationMode $OperationMode

#Removing default port rule for the new cluster
Write-Host "Removing default port rule…" -ForegroundColor yellow
Get-NlbClusterPortRule -HostName . | Remove-NlbClusterPortRule -Force

#Adding port rules

Add-NlbClusterPortRule -Protocol Tcp -Mode Multiple -Affinity Single -StartPort 80 -EndPort 80 -InterfaceName $InterfaceName | Out-Null
Write-Host "Added port rule for http (tcp 80)" -ForegroundColor yellow

Add-NlbClusterPortRule -Protocol Tcp -Mode Multiple -Affinity Single -StartPort 443 -EndPort 443 -InterfaceName $InterfaceName | Out-Null
Write-Host "Added port rule for https (tcp 443)" -ForegroundColor yellow

#Adding additional cluster nodes based on user input
Write-Host "Give Second NLB host" -ForegroundColor yellow
$Node2Fqdn = Read-Host "Enter 2e NLB node"

#Set Network Adapter
#Invoke-Command already runs each script block on the remote node, so no interactive Enter-PSSession is needed
Invoke-Command -ComputerName $Node2Fqdn -ScriptBlock { Rename-NetAdapter -Name "Ethernet 2" -NewName "NLB" }
Invoke-Command -ComputerName $Node2Fqdn -ScriptBlock { New-NetIPAddress -IPAddress 10.255.255.92 -InterfaceAlias "NLB" -AddressFamily IPv4 -PrefixLength 24 }
Write-Host "Placed NLB IP and changed NIC to NLB" -ForegroundColor yellow

#Add-WindowsFeature on the second node
Write-Host "Add-WindowsFeature NLB" -ForegroundColor yellow
Invoke-Command -ComputerName $Node2Fqdn -ScriptBlock { Add-WindowsFeature NLB }
Invoke-Command -ComputerName $Node2Fqdn -ScriptBlock { Add-WindowsFeature RSAT-NLB }

#Add Remote Node To NLB
Write-Host "Adding cluster node $Node2Fqdn" -ForegroundColor yellow
Get-NlbCluster | Add-NlbClusterNode -NewNodeName $Node2Fqdn -NewNodeInterface NLB

 

Have fun

Robert Smit

Twitter : @clustermvp

http://robertsmit.wordpress.com/

Windows 2012 Clustering : Network Load Balancing (NLB) ,How To , Step by Step

Now that Windows 2012 is here, you want to test whether the OS is as good as you want and whether your application still runs on Windows 2012.

In this case we build an NLB website with just the basic steps; anyone can do this.

First we add the roles and features to the servers that we are going to use for the NLB.

Select the feature “Network Load Balancing”; this is the only one you need for NLB.

After this I look at my NICs. Most important is that you use two NICs. In a VM this is easy; in a physical box nowadays there are at least 2 NICs in the server. Use them.

I gave the NICs an IP that is not in the same subnet as the production LAN. You can also use a different VLAN for the NLB traffic, but if you want to use it on your LAN then you need routing!

NLB node 01

To quickly see what each NIC is doing, I give them names.

Now that I have added the features, I can open the MMC and right-click to create a new cluster.

Now that we are creating a new cluster, we type in the IP address of the first NLB node.

There are two IP addresses: one public IP and one NLB IP.

Remember, this is not the cluster NLB IP but the node IP. Select the IP and choose Next.

 

Now we can create the cluster IP: choose Add and fill in the IP address that will be used for the NLB cluster.

You can use multiple IPs in the NLB; that way you can run multiple sites under one NLB management, all on different IPs / FQDN names / DNS, and on different ports or settings.

Now I choose an FQDN for the NLB cluster name.

I don’t want to balance all the ports, just the ports that I need, in this case port 80.

Now that the cluster is ready (one node), we can open the properties of the cluster.


I add a second IP to the cluster

As you can see, I use a different port for this IP.

Now that I have two IPs on different ports, I’m ready to go.

Now a second NLB node.

Now that the cluster node is joined, you can see the cluster NLB IPs here.

Both nodes are now joined to the NLB cluster and we can build an NLB website.

As you can see, the site runs only on port 80.

Now your NLB cluster is ready for production.

DirectAccess Windows 2012 High availability NLB Cluster

Windows Server | DirectAccess | Remote Access | VPN

DirectAccess is a feature in the Windows 7, Windows Server 2008 R2 and Windows Server 2012 operating systems that gives users the experience of being seamlessly connected to their corporate network any time they have Internet access.

With DirectAccess, users are able to access corporate resources (such as e-mail servers, shared folders, or intranet web sites) following common security standards, anytime they have an internet connection.

The new thing here is that in Windows 2012 you can use a single NIC.

In my previous blog post I showed the configuration, but now I want to load balance the DirectAccess server with NLB.

Again my basic setup is here, configured on just one server, with the second node standing by. Keep in mind that Remote Access must be installed on both machines, and the NLB option must be installed.

In the configuration menu you can choose Enable Load Balancing.

 


The wizard shows me that I can choose Windows NLB or a hardware NLB solution.

Yes, I’ll take WNLB. As you can see, you don’t need to set up UAG and NLB and then DirectAccess; no, go straight to the Remote Access console and do your thing.

In this case I use the Edge DirectAccess option.

Fill in the IPv4 address that will be used as the external VIP by the Network Load Balancing feature. This address must be on the same IP subnet as the dedicated external address of the Windows 2012 servers.

The internal IP is set up just as you would for an internal NLB.

Now the NLB is ready, on just one node.

We can add a second node to the NLB farm and have our DirectAccess highly available.

To add the second node, just use add or remove node.

On firewalls or other products that have multiple NICs, I make sure that the naming is correct: NIC name = Internet has internet access, or red or green, but don’t leave the default. Now I can easily see which NIC I need.

Just remember: if you use a self-signed certificate you can’t use NLB, so a root CA must be in place.

After the commit my NLB is in place; an overview shows the NLB servers in it.

There are more PowerShell options that you can use:

Get-RemoteAccessHealth –cluster

Get-DAserver

more on Direct Access

Or on powershell

Direct Access Client Cmdlets in Windows PowerShell

Posted June 23, 2012 by Robert Smit in Direct Access, Windows 2012 NLB
