Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Loss of Internal connection with ISA2006 EE and NLB
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Loss of Internal connection with ISA2006 EE and NLB - 4.Aug.2008 3:38:54 PM
|
|
|
billyclark
Posts: 5
Joined: 20.Oct.2006
From: Glasgow, Scotland
Status: offline
|
Hi,
I am testing a proposed configuration and am having trouble with NLB.
The testing is being carried using virtual servers running on Microsoft Hyper-V.
Two ISA 2006 EE SP1 running on W2003 SP2 with KB948496 installed (Windows Server 2003 Scalable Networking Pack fix)
Both ISA are configured as CSS with ISA1 as primary and ISA2 as secondary.
Both ISA have and internal, external and cluster connections.
There is a single W2008 DC/DNS server on the internal network and everything works as expected WITHOUT NLB.
When NLB is enabled the DC loses contact with both the ISA servers on their internal IP and the cluster address.
There was another ISA installed previously as the CSS on the internal network but it too lost connection with the ISA servers when NLB was configured so I don't think this is peculiar to W2008.
The ISA servers then cannot resolve DNS and everything eventually falls apart as neither ISA can resolve the DNS of their CSS.
Have tried changing the gateway on the DC to the IP of the cluster and physical ports without success.
There are no errors logged on the DC.
Does anyone know if there is something peculiar with the Hyper-V virtual network switch that would prevent NLB or does anyone have some pointers where to look for troubleshooting advice.
Thanks in advance.
Billy Clark
|
|
|
|
|
RE: Loss of Internal connection with ISA2006 EE and NLB - 19.Aug.2008 8:47:17 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Most likely a name resolution issue. Check the DNS entries for the firewall array members in the DNS database and remove the entries that do not map correctly to the names and IP addresses that should be used for the firewall array.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Loss of Internal connection with ISA2006 EE and NLB - 7.Sep.2008 3:52:35 AM
|
|
|
billyclark
Posts: 5
Joined: 20.Oct.2006
From: Glasgow, Scotland
Status: offline
|
Hi Tom,
Thanks for your reply and sorry for the delay.
I set DNS to show the internal connection, prevented the external connection from registering and added a hosts file on each ISA pointing to the cluster connection.
Same result I'm afraid.
Unfortunately due to another issue I have had to remove the virtual machines I was using for testing.
I will recreate them shortly and post to confirm the issue remains.
Thanks
Billy
|
|
|
|
|
RE: Loss of Internal connection with ISA2006 EE and NLB - 8.Sep.2008 8:21:03 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Billy,
Keep in mind that VM support for NLB varies with the virtualization provider. For example, VMware doesn't support multicast mode NLB.
HTH,
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Loss of Internal connection with ISA2006 EE and NLB - 19.Oct.2008 6:55:22 AM
|
|
|
adimcev
Posts: 44
Joined: 19.Oct.2008
Status: offline
|
I think Tom wanted to say unicast mode. Multicast mode works with VMware. I've used it with ISA 2006 EE in VMware Workstation when they made available for ISA NLB multicast mode.
It would be interesting to write something about some ISA and VMware ESXi and Hyper-V Server 2008(both free now) labs(I'm thinking about that).
It may help people speeding up their testing and deployments phases, as they can create more complex topologies using those two hypervisors.
If they use whiteboxes(I've noticed that a lot of people want to do that due to hardware costs, as these boxes will not serve as any mission critical purposes), looks like the advantage is on Hyper-V's side, at least compared to ESXi 3.5(with the future 4.0 we will see). I got up and running Hyper-V Server 2008 in a few minutes on a ICH10R platform, while it took me a while to edit the VMware cd (to get ESXi see my hdds), wrapped it again and install ESXi on that machine.
Adrian
_____________________________
Blog: http://www.carbonwind.net/blog
Get Our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
|
RE: Loss of Internal connection with ISA2006 EE and NLB - 20.Oct.2008 8:52:06 AM
|
|
|
tshinder
Posts: 47439
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Adrian,
Thanks for the correction! Yes, I meant to say unicast mode. Multicast has always worked in VMware :)
Thanks!
Tom
_____________________________
Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/
GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
