Procedure 11: Configuring and testing NLB

Follow this procedure to configure and test Network Load Balancing (NLB) for an array. NLB will be automatically configured in unicast mode and single affinity. Single affinity ensures that all network traffic from a particular client be directed to the same host. This procedure takes place on a computer in the main array, logged on as an array administrator.

Configuring NLB on the main array

To configure NLB on the main array

1. On one of the ISA Server computers, such as FW-A1, expand Arrays, expand Main , expand Configuration, and click Networks.

2. In the details pane, verify that the Networks tab is selected.

3. In the task pane, on the Tasks tab, click Enable Network Load Balancing Integration to start the Network Load Balancing Integration Wizard. On the Welcome page, click Next.

4. On the Select Load Balanced Networks page, select the networks for which NLB will be enabled. For example, if you are going to publish Web sites through ISA Server, you would want NLB on the External network, to balance traffic from the Internet. If you want to load balance requests from Internal clients, select Internal. In this exercise, you will configure NLB for the External network, so select External. Do not click Next.

5. Before you click Next, you have to set the virtual IP address for the External network. To set the virtual IP address, after you select the External network, click Set Virtual IP. In the Set Virtual IP Address dialog box, provide the IP address and subnet mask for the virtual IP address you will use. Note that this IP address must be a valid static IP address (that cannot be assigned by your DHCP server), and must belong to the network you are configuring. In this solution, use the IP address 157.54.1.4 and the subnet mask 255.255.0.0, and click OK. Click Next.

6. On the summary page, click Finish.

7. In the details pane, click Apply.

Testing NLB

To test the NLB configuration on the External network, you would have to publish a server on the Internal network to the External network. Publishing is not described in this walk-through. For information about Web publishing, see Publishing Web Servers Using ISA Server 2004 Enterprise Edition. (https://www.microsoft.com/) For an example of server publishing, see Publishing a SQL Server Computer with ISA Server 2004.(https://www.microsoft.com/) If you have a published server, follow these steps to test your NLB configuration.

To test the NLB configuration:

1. On an External client computer, connect to the published server.

2. On one of the firewall array servers, in ISA Server Management, expand Arrays, expand Main, and click Monitoring.

3. Select the Sessions tab, and locate the client session. (Client Host Name is a column to the far right of the display pane.)

   Note

   You can rearrange the columns by right-clicking any column, selecting Add/Remove Columns, selecting an item from Displayed columns, and clicking Move Up or Move Down.

4. Identify the server that is hosting the session. Remove that server from the array by stopping the Microsoft Firewall service on that computer. To stop the Firewall service, click the Services tab, right-click Microsoft Firewall, and select Stop service.

5. Return to the Sessions tab and find the client session. You will see that it moved over to another server because you stopped the Firewall service on the server that was hosting the session.

6. You can now start the Firewall service on the server for which you stopped it. To start the Firewall service, click the Services tab, right-click Firewall service, and select Start service.

[Topic Last Modified: 09/26/2007]