none
UAG NLB Unicast on HyperV R2 and multiple VIP RRS feed

  • Question

  • Hi there,

    We have configured a new UAG array (update 1 and TMG SP1) consisting of two members with NLB enabled in Unicast mode. Both are VM's on HyperV R2 with MAC address spoofing enabled. We use multiple trunks and configured multiple VIP's for them in NLB. Both members only have one DIP on the external adapter. The issue we have is that for the first configured VIP which is also used as the source MAC, we are unable to use this VIP for a trunk. We can configure everything and activate the config andso but the trunk keeps unreachable on that specific VIP. All other VIP's are working fine and the VIP in question is in the middle of a routed subnet so routing can't be an issue here. Also in NLB manager or in web monitor the array is synced and converged.

    Tuesday, July 13, 2010 12:31 PM

Answers

  • I would suggest setting up a network-monitor capture on both sides to analyze which traffic is being received. You should also look at the TMG Monitoring tab to see if there's any traffic from outside being denied - perhaps you have configured the address incorrectly, and TMG is denying the traffic.
    Ben Ari
    Microsoft CSS IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Monday, July 26, 2010 10:04 PM
    Monday, July 26, 2010 10:03 PM

All replies

  • Pretty sure I have used that scenario and not had any problems...how is the networking layer configured?


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Tuesday, July 13, 2010 11:47 PM
    Moderator
  • We use a separate VLAN for this subnet (/28) from which the tag is configured in HyperV under trunking. Port based VLAN on HP Procuve switches.
    Wednesday, July 14, 2010 1:07 PM
  • I would suggest setting up a network-monitor capture on both sides to analyze which traffic is being received. You should also look at the TMG Monitoring tab to see if there's any traffic from outside being denied - perhaps you have configured the address incorrectly, and TMG is denying the traffic.
    Ben Ari
    Microsoft CSS IAG Support
    Sammamish, WA
    • Marked as answer by Erez Benari Monday, July 26, 2010 10:04 PM
    Monday, July 26, 2010 10:03 PM
  • We finally solved the issue by disabling ip routing on the switches (L3 > L2) and adding a device for L3 routing. It's now working fine with VLAN trunking on HyperV.
    Thursday, July 29, 2010 2:36 PM
  • Great!

    Good to hear you got it working and thanks for the follow up!

    Tom


    MS ISDUA/UAG DA Anywhere Access Team
    Friday, July 30, 2010 1:01 PM
    Moderator