Load Balancing Virtual Servers, Pools, and Nodes (Windows SharePoint Services 2.0)
One virtual server (virtual IP address) was configured. It serves as the public Web site address (WWW 18.104.22.168:80). Only port 80 is open to help minimize the exposure of the server farm from the network level.
The two virtual servers are each associated with a load balancing pool. The public virtual server is associated with the load balancing pool that contains the front-end NIC addresses of front-end Web servers running Windows SharePoint Services. There are six front-end Web Servers, so six IP addresses were added to the load balancing pool and only port 80 is open for public access. All front-end Web servers have the same priority and ratio. Predictive (Node Address) is the load balancing method set on F5 BIG-IP controllers.
Even though the server farm configuration in this paper does not support SSL, the Internet Platform and Operations group tested SSL configuration in another Internet pre-production environment. If SSL is required, port 443 can be opened on the router and BIG-IP levels can be set to allow SSL traffic to come in. All other inbound ports should be blocked to help provide a high level of security.
Windows SharePoint Services does not support terminating SSL on a switch or router. The URL that Microsoft Internet Information Services (IIS) receives must be the actual URL of the resource. Otherwise, links on the pages rendered by Windows SharePoint Services will be incorrect.