There is probably a simple how-to out there for this, but this is an excerpt
from a High-Availability Exchange class I teach that gives the "500 foot view"
of how to set this up, granted it's based on Hyper-V. It should be enough to
get you going:

Configuration Documentation
All servers running Server 2008 R2 Enterprise (evaluation)
Exchange 2010 RTM + UR3 (evaluation)
CAS+HT installed on Mail01, Mail02
MB installed on MBX01, MBX02
No UM, no Edge
No Internet
  AD01                  172.16.3.5
  Mail01                172.16.3.10
  Mail02                172.16.3.15
  MBX01                 172.16.3.20
  MBX02                 172.16.3.25
  mail.smithcons.com    172.16.30.30
  TEC-DAG               172.16.3.100

Domain Setup
Boot AD01
Add mail.smithcons.com to DNS on AD01 - 172.16.30.30

NLB Preparation
Add new NIC to Mail01, Mail02
Mark all NICs on Mail01, Mail02 for MAC Spoofing
Boot Mail01, Mail02
Verify that all "Automatic" services have started on Mail01, Mail02

Install NLB Cluster
Add NLB Feature
Configure NICs:
  Mail01 - 172.16.30.10
  Mail02 - 172.16.30.15
  No gateway, no DNS, no WINS
Rename lower-numbered Local Area Connection (LAC) to CorporateNetwork
Rename other LAC to NLBNetwork
Update binding order to put CorporateNetwork first
Create NLB cluster on Mail01
  Use NLB network
  172.16.30.30
  mail.smithcons.com
Allow cluster to converge
Add Mail02 to cluster
Allow cluster to converge
...resolve inevitable issues

Test NLB Cluster
  https://mail01/owa
  https://mail02/owa
  https://mail.smithcons.com/owa
Drainstop both servers, illustrate cluster no longer works, individuals do
Resume servers

Configure NLB for HT
Discuss round-robin vs. NLB for HT
Discuss issue with doing LB of internal SMTP
On the Default receive connector on each HT, change to use CorporateNetwork IP
and the non-load-balanced IP from the NLBNetwork
Create a new receive connector on each HT, for the load-balanced IP as Custom,
port 25
Set Permission Groups for each new receive connector to "Anonymous Users"
Remove Anonymous Users from the Default receive connector on each HT
Mark that the new receive connectors can relay email to any internal user:
  Get-ReceiveConnector "Incoming SMTP NLB" |
    Add-AdPermission -user "NT Authority\Anonymous Logon" -ExtendedRights ms-Exch-SMTP-Accept-Any-Recipient
Remove the default IP port configuration from the cluster and add port 25 and
optionally 587
Show that it works (drainstop, etc., etc.)

Configure NLB for CAS
Add ports 80, 443, 110, 143
Import SSL certificate using Certificates MMC
  Get-ExchangeCertificate to obtain thumbprint
  Enable-ExchangeCertificate -thumb ### -Services IIS, SMTP
  Set-OutlookProvider EXPR -CertPrincipalName 'msstd:*.smithcons.com'
  Restart-Service MSExchangeTransport
  Iisreset /noforce
Configure profile for Outlook 2007 on AD01; illustrate

Regards,
Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com
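
Added example (not part of the original message or the class material): an Exchange Management Shell audit for the receive connectors configured under "Configure NLB for HT" above. It lists every connector on which Anonymous Logon holds ms-Exch-SMTP-Accept-Any-Recipient and reports whether RemoteIPRanges still covers all of IPv4, since that range is what limits who can submit mail through such a connector. The function name Get-AnonymousRelayConnector is made up for this example; it assumes the Exchange 2010 cmdlets Get-ReceiveConnector and Get-ADPermission are loaded.

```powershell
# Added example: run in the Exchange Management Shell on a Hub Transport server.
# Read-only: it queries connectors and their AD permissions, it changes nothing.

$right     = 'ms-Exch-SMTP-Accept-Any-Recipient'
$anonymous = 'NT AUTHORITY\ANONYMOUS LOGON'
$anyRange  = '0.0.0.0-255.255.255.255'   # Exchange's default "all IPv4" range

# Hypothetical helper name, not an Exchange cmdlet.
function Get-AnonymousRelayConnector {
    foreach ($rc in Get-ReceiveConnector) {
        # Allow ACEs that give Anonymous Logon the accept-any-recipient right
        $aces = @(Get-ADPermission -Identity $rc.Identity |
            Where-Object {
                -not $_.Deny -and
                "$($_.User)" -eq $anonymous -and
                ($_.ExtendedRights | ForEach-Object { "$_" }) -contains $right
            })
        if ($aces.Count -eq 0) { continue }

        # Stringify so the check works in local and remote (deserialized) sessions
        $ranges = @($rc.RemoteIPRanges | ForEach-Object { "$_" })

        New-Object PSObject -Property @{
            Connector      = "$($rc.Identity)"
            Bindings       = ($rc.Bindings | ForEach-Object { "$_" }) -join ', '
            RemoteIPRanges = $ranges -join ', '
            OpenToAnyIPv4  = ($ranges -contains $anyRange)
        }
    }
}

Get-AnonymousRelayConnector |
    Sort-Object Connector |
    Format-Table Connector, Bindings, RemoteIPRanges, OpenToAnyIPv4 -AutoSize
```

A connector that shows OpenToAnyIPv4 as True accepts anonymous submissions for any recipient from any IPv4 source that can reach its binding, so RemoteIPRanges on it is worth narrowing to the hosts that are meant to use it.
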
From: Mayo, Bill [mailto:[email protected]]
Sent: Monday, February 28, 2011 2:35 PM
To: NT System Admin Issues
Subject: Windows 2008 R2 NLB
I am trying to set up an NLB cluster in Windows Server 2008 R2 and having some
difficulties. I am trying to use the same methodology that I have before with
Windows 2003, without success. It appears that there are several changes in
2008 that affect NLB. I am using 2 NICs that are on different subnets, the
second of which does not have a gateway. The second NIC is the one that has
the NLB attached. I have found info on turning on forwarding but that did not
resolve it.
It looks like you can actually set up an NLB in 2008 with only one NIC, and I
even found an article where the person was putting both NICs on the same
subnet, which I thought was a no-no. Basically, what I need is some
information on best practices regarding how to set up each NIC (same or
different subnet, gateway or not, which NIC to use to create the NLB).
Bill Mayo
P.S. I am also working in vSphere, which I understand adds some issues with
unicast, but I think if I can figure out the correct way to set up the NICs I
can handle that. If anyone has any all-in-one info on 2008 R2 NLB in vSphere,
that would be even better.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
[email protected]<mailto:[email protected]>
with the body: unsubscribe ntsysadmin