How to configure NLB not using ISA NLB integration
- Hi,Currently we are using ISA with NLB integration. But now we need to change the NLB affinity from single affinity to no affinity. Therefore we disabled the NLB integration in ISA and try to configure NLB using NLB manager.But we can only configure one node NLB. We got "Could not locate NLB on the specified computer" when connecting to other node. Is there any suggestion to configure ISA NLB with no affinity?
Answers
- This is not supported.
ISA Integrated NLB can only be managed through ISA management.
Jim Harrison Forefront Edge CS- Marked As Answer byNick Gu - MSFTMSFT, ModeratorMonday, October 19, 2009 3:38 AM
- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorThursday, October 15, 2009 9:05 AM
- Hi all,I know that using ISA Integrated NLB is a better way to manage NLB in ISA. But I required to have some changes which does not supported by ISA Integrated NLB, therefore I need to use NLB manager...Finally, I followed a KB articale: http://support.microsoft.com/default.aspx/kb/929102 to allow RPC traffic between my ISA array member and it solve my problem.Thank you for your kindly support
- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorWednesday, October 21, 2009 3:45 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorWednesday, October 21, 2009 3:45 AM
All Replies
- This is not supported.
ISA Integrated NLB can only be managed through ISA management.
Jim Harrison Forefront Edge CS- Marked As Answer byNick Gu - MSFTMSFT, ModeratorMonday, October 19, 2009 3:38 AM
- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorThursday, October 15, 2009 9:05 AM
- Thanks for your reply.I have disabled ISA Integrated NLB, can I manage Windows NLB using NLB manager?
Hi,
Thank you for your post.
If integrated NLB mode is not enabled for an array, NLB can be configured for the operating system using Windows-based NLB tools. However, if you choose to configure NLB without ISA Server NLB integration, none of the specific benefits of ISA Server load balancing will be available.
If you configure NLB using ISA Server integration, and then disable integrated NLB mode, the existing Windows NLB settings remain configured on each array member. You can use Windows NLB tools on each array member computer to further modify these NLB configuration settings.
For more information, please refer to the following article:
http://technet.microsoft.com/en-us/library/bb794741.aspx
Regards,
Nick Gu - MSFT- Hi Nick,Thanks for your support. I tried to use NLB manager after disabled NLB integrated mode. But I can only connect to one node of the NLB with error message "Could not locate NLB on the specified computer". Is there any suggestion to use NLB manager to configure two node?Thanks.
Hi,
Thank you for your update.
According to your description, I understand the problem you are experiencing is unable to add the other node when running NLBMGR.EXE on the ISA Server.
As far as I know, this is by design in an ISA 2004 Enterprise Edition array due to the locked down communication. The RPC traffic needed by NLB manager is not allowed. You need to create the following four rules. The first two will handle NLB manager traffic and the last two are replacing system policy rules (2 and 34) that are enforcing strict RPC compliance (preventing DCOM) with no way of turning it off.
Rule 1 above uses a computer set called NLBmgr Array Servers that only contains the IPs of the NLB cluster nodes. You can use Array Servers if they are all using NLB.
Rule 2 used a custom protocol definition (all high ports 1025-65535) to make sure NLB manager can communicate.
Rule 1,3 and 4 have RPC as allowed protocol. It has been configured not to enforce strict RPC compliance.
Make sure you disable system policy rule 2 and 34. After you have created the NEW rules that replace them. Check properties on any of the system policy rules 1, 6, 15 or 22 (these belong to the same Active directory configurations group). Make sure you clear the "Enforce strict RPC compliance" check box.Regards,
Nick Gu - MSFT- Hi Nick,You give me a clear picture on this problem. Thanks. You mentioned there are 4 rules I have to create. But is there more information that can help me to create the rules?Thanks.
Hi,
Thank you for your update.
Just like Jim said, Configuring NLB outside the ISA management is not recommended. Actually, you should use ISA Integrated NLB through ISA management.
Regards,
Nick Gu - MSFT- Hi all,I know that using ISA Integrated NLB is a better way to manage NLB in ISA. But I required to have some changes which does not supported by ISA Integrated NLB, therefore I need to use NLB manager...Finally, I followed a KB articale: http://support.microsoft.com/default.aspx/kb/929102 to allow RPC traffic between my ISA array member and it solve my problem.Thank you for your kindly support
- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorWednesday, October 21, 2009 3:45 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorWednesday, October 21, 2009 3:45 AM
