External Network Failover in Standalone Array
-
Friday, February 08, 2013 4:40 AM
Hello,
I'd like to configure my two Forefront TMG 2010 Servers that are currently in a Standalone array so that the second server properly takes the load if the first server goes down. I'm trying to implement failover by using NLB on the external network, but the servers don't seem to be accepting requests on the NLB IP. I'm currently using Multicast mode for NLB. Here's a rough overview of my network topology:
Internet --- Modem --- Cisco 800 Router --- TMG VM1 & TMG VM2 --- Internal Network
Both TMG VMs have their own External IPs. I'm forwarding ports on the Router to the NLB IP of the TMG Array. If I try to ping the NLB IP from the Router I get nothing, but if I ping their individual IPs I can get a response. Am I doing this correctly?
Any insight on how I can get this working would be greatly appreciated.
Thanks!
Cory Gehr
- Edited by Cory Gehr Friday, February 08, 2013 4:44 AM
All Replies
-
Friday, February 08, 2013 6:06 AM
Hi,
are you using Hyper-V or VMware for the VM with TMG? You have to deal with special Multicast considerations in VM environments. For example in a Hyper-V Environment you must enable the spoofing of MAC addresses in the Virtual NIC properties:
http://blogs.msdn.com/b/clustering/archive/2010/07/01/10033544.aspx
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006580regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.nt-faq.de
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Thursday, March 07, 2013 7:55 AM
-
Friday, February 08, 2013 6:12 AMI'm using a Hyper-V environment. I applied that setting in the Virtual Machines and rebooted them but this doesn't seem to correct the problem.
Cory Gehr
-
Friday, February 08, 2013 11:03 AM
We had this problem as well. VIPs on an NLB with multicast. We even had an CCIE take a look at it. Nothing left to do to change the NLB to unicast mode. Then it worked without issues.
regards
richard
-
Friday, February 08, 2013 2:56 PMI'd like to avoid that as much as possible since I really don't the ability to easily create an intra-array network, unless I can somehow easily do that between two Forefront servers.
Cory Gehr
-
Thursday, February 14, 2013 7:29 AMModerator
Hi,
Thank you for the post.
Please refer to this blog to add a static ARP table entry and see if it works:http://blogs.technet.com/b/networking/archive/2009/01/15/unable-to-connect-to-windows-server-2008-nlb-virtual-ip-address-from-hosts-in-different-subnets-when-nlb-is-in-multicast-mode.aspx
Regards,
Nick Gu - MSFT
- Marked As Answer by Nick Gu - MSFTMicrosoft Contingent Staff, Moderator Tuesday, February 19, 2013 4:16 AM
.png)
