Network Load Balancing (NLB) in Windows Server 2008
Publish Date: 2/14/2008
We throw ‘clustering’ around a lot at Microsoft. There are a few different technologies that we refer to as clustering, but they all serve very different roles:
- HPC/Compute Cluster Server
- Failover Clustering
- Network Load Balancing
We’ve provided a fair amount of info about the first one, we’ve touched on (and will cover more about) the second one, but we’ve never really talked about NLB here on Edge. I thought I’d change that this week.
Wait, is this new? Not really. It’s been around in Windows Server for a long time. There are a couple features that are new for Server 2008 though:
Support for IPv6
- A new NLB cluster creation Wizard instead of a control panel app
- Better security
What does it do? Network Load Balancing is a way to configure a pool of machines so they take turns responding to requests. It’s most commonly seen implemented in server farms: identically configured machines that spread out the load for a web site, or maybe a Terminal Server farm. You could also use it for a firewall(ISA) farm, vpn access points, really, any time you have TCP/IP traffic that has become too much load for a single machine, but you still want it to appear as a single machine for access purposes.
How does it work? It’s pretty straightforward. After you install NLB on a server, you add two or more machines to a NLB Cluster. The machines are configured with 2 IP addresses: their own private unique one, and a second one that is shared by all the machines in the cluster. The machines all run an algorithm that determines whose turn is next at responding to requests. They also exchange heartbeats with one another, so they all know if one server goes down and won’t allocate any more requests to him. You can have up to 32 machines in a cluster.
You can do some smart stuff with regards to how requests are allocated too. You can set up affinity so that requests from one subnet will be responded to from Server A whenever possible, and that other subnets prefer Server B. Maybe you want 80% of all incoming requests to be handled by Server A, with the rest going to server B. You can do that too.
There are a few other things you can do with affinity:
- Single affinity: connections initiated by a given ip address are handled by the same server in the cluster until cluster membership changes. This is useful for those applications that maintain sessions across multiple connections (e.g. E-commerce applications). Note that SSL connections will need single affinity to avoid re-negotiation at every attempt.
- No affinity: connections are load-balanced based on originating address and port. This is more efficient, as connections from the same client can be routed to several hosts.
- VPN and IPSec affinity: vpn and ipsec sessions will be preserved even if cluster membership changes.
- Class C affinity: useful when internet clients access the cluster through proxies that expose the same class-C addresses. Load balancing is based on the class-C subnet portion of the incoming address.
How do I install it? I’ll give you three ways:
- From Server Manager, just click Add Feature and then select Network Load Balancing
- From a command line, type “ocsetup NetworkLoadBalancingFullServer”
- Use ServerManagerCmd! From a command line, type “servermanagercmd –install nlb”
Is there somewhere I can get more information?Of course:
NLB on TechNet
The Clustering/NLB Team Blog
Hiroshi for their contributions to this post.)