locked
IP Address for Active Cluster Node RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi all,

    I'm re-designing our firm's main logon script and one of which purposes is to report the IP Address it uses to authenticate against AD.

    Like many have done before, I used Win32_NetworkAdapterConfiguration and it's all good.  However, when it comes to the Active Node in a cluster, there are two IP Addresses associated with the same NIC:

    Active Cluster IPs

    Using ipconfig.exe yields the same result:

    Cluster IPs

    Now, it's not hard to find out which is the actual IP Address of the node and which one is for the (Cluster Name Object), using the Route Table or probe DNS.  However, from the logon script perspective, what can I change to accommodate this special case??  I guess I can change the script to probe DNS for its own IP Address but that's a bit overbearing on the network and it actually doesn't work in the round robin scenario.

    Any thoughts?

    Thursday, October 8, 2015 11:05 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I believe this really comes down to "how does windows pick an IP address" and less to do with identifying "what IP is used for auth to a DC", since whatever IP windows picks, is used for all outbound traffic, unless otherwise configured.

    see the ~8 rules mentioned here:

    http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx

    this is also a good read:

    http://blogs.technet.com/b/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx

    TL;DR: in most cases, the lower IP address is chosen.


    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Friday, October 9, 2015 3:42 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Joe,

    You can use this to collect and find the data, as you can see you can visually tell which is the cluster IP.

    Use some logic and you are good to go.

    #These are the actual IPs of the Host, not the cluster IP
PS> Get-ClusterNetworkInterface | select Node,Ipv4Addresses

Node                                                        Ipv4Addresses
----                                                        -------------
HOST-1                                                {192.168.10.5}
HOST-2                                                {192.168.10.6}


#This is the IP from the active host
PS > Get-CimInstance Win32_NetworkAdapterConfiguration |?{$_.Index -eq 23}| select Desc*,IPaddress

Description                                                 IPaddress
-----------                                                 ---------
Ethernet Adapter #2                         {192.168.10.7, 192.168.10.16, fe80::....}

    Extracting the IP:

    $Get the data in variables
$node = Get-ClusterNetworkInterface ...
$clus = Get-CimInstance Win32_NetworkAdapterConfiguration ...

#Check the values
PS > $node.IPv4addresses
192.168.10.5
192.168.10.6

PS > $clus.IPaddress
192.168.10.7
192.168.10.6
fe80::.....

#Looking at this you know the Cluster IP is 192.168.10.7

#Code to extract the IP
PS > foreach($IP in $clus.IPaddress) {if (-not($IP -in $node.IPv4addresses) -and (-not([ipaddress]"$I
P").IsIPv6LinkLocal)){$Ip}}
192.168.10.7

    Refernces:

    PowerShell Tip: Validating IP Address as a Parameter

    Regards,

    Satyajit

    Please“Vote As Helpful” if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.


    Friday, October 9, 2015 6:27 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    I believe this really comes down to "how does windows pick an IP address" and less to do with identifying "what IP is used for auth to a DC", since whatever IP windows picks, is used for all outbound traffic, unless otherwise configured.

    see the ~8 rules mentioned here:

    http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx

    this is also a good read:

    http://blogs.technet.com/b/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx

    TL;DR: in most cases, the lower IP address is chosen.


    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Friday, October 9, 2015 3:42 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    The cluster name object is what's used to authenticate against the DC. You can then use the Get-ClusterResources PowerShell cmdlet to retrieve the IP address of the core cluster resource in the WSFC

    Edwin Sarmiento SQL Server MVP | Microsoft Certified Master/Solutions Master
    Blog | Twitter | LinkedIn
    Learn SQL Server High Availability and Disaster Recovery


    Friday, October 9, 2015 5:11 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Joe,

    You can use this to collect and find the data, as you can see you can visually tell which is the cluster IP.

    Use some logic and you are good to go.

    #These are the actual IPs of the Host, not the cluster IP
PS> Get-ClusterNetworkInterface | select Node,Ipv4Addresses

Node                                                        Ipv4Addresses
----                                                        -------------
HOST-1                                                {192.168.10.5}
HOST-2                                                {192.168.10.6}


#This is the IP from the active host
PS > Get-CimInstance Win32_NetworkAdapterConfiguration |?{$_.Index -eq 23}| select Desc*,IPaddress

Description                                                 IPaddress
-----------                                                 ---------
Ethernet Adapter #2                         {192.168.10.7, 192.168.10.16, fe80::....}

    Extracting the IP:

    $Get the data in variables
$node = Get-ClusterNetworkInterface ...
$clus = Get-CimInstance Win32_NetworkAdapterConfiguration ...

#Check the values
PS > $node.IPv4addresses
192.168.10.5
192.168.10.6

PS > $clus.IPaddress
192.168.10.7
192.168.10.6
fe80::.....

#Looking at this you know the Cluster IP is 192.168.10.7

#Code to extract the IP
PS > foreach($IP in $clus.IPaddress) {if (-not($IP -in $node.IPv4addresses) -and (-not([ipaddress]"$I
P").IsIPv6LinkLocal)){$Ip}}
192.168.10.7

    Refernces:

    PowerShell Tip: Validating IP Address as a Parameter

    Regards,

    Satyajit

    Please“Vote As Helpful” if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.


    Friday, October 9, 2015 6:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Joe,

    Another easy method.

    Ping the clustername.

    PS> Test-Connection sphost-clus -Count 1 | select __SERVER,Address,IPV4Address

__SERVER                           Address                            IPV4Address
--------                           -------                            -----------
HOST-2                            cluster1                             192.168.10.7

    Regards,

    Satyajit

    Please“Vote As Helpful” if you find my contribution useful or “MarkAs Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.



    • Edited by Satyajit321 Friday, October 9, 2015 6:40 AM
    Friday, October 9, 2015 6:40 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I believe this really comes down to "how does windows pick an IP address" and less to do with identifying "what IP is used for auth to a DC", since whatever IP windows picks, is used for all outbound traffic, unless otherwise configured.

    see the ~8 rules mentioned here:

    http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx

    this is also a good read:

    http://blogs.technet.com/b/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx

    TL;DR: in most cases, the lower IP address is chosen.


    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    That's very deep and informatic.  Thanks Mike :)  However when I checked the Cluster Config it's in fact the higher IP address that's the node's actual IP address.  What I don't know is if it truly uses that IP address as its "Source IP"........

    I've asked the Network guys to do a trace to confirm this.
    Friday, October 9, 2015 4:29 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    From HP:


    With TLB, the recovery mechanism provided is very similar to the NFT failover mode discussed in section titled, "Fail On Fault". In a two port TLB Team, the primary adapter receives all data frames, while the Non-Primary Adapter receives only heartbeat frames. Both adapters are capable of transmitting data frames. In the event of a failover, the Non-Primary Adapter becomes the Primary Adapter and assumes the MAC address of the Team. In effect, the two adapters swap MAC addresses. The new Primary Adapter now receives and transmits all data frames. If the old Primary Adapter is restored, it becomes a Non-Primary Adapter for the Team. It will now only receive heartbeat frames and be capable of transmitting data frames. If a Non-Primary Adapter fails in a two-port Team, the data frames being load balanced by the adapter are transmitted by the Primary Adapter. If a Non-Primary Adapter is restored, it remains Non-Primary, and the Team will resume load balancing data frames on that adapter. No MAC address changes are made when a Non-Primary Adapter fails or is restored.

    http://www.hp.com/sbso/bus_protect/teaming.pdf

    \_(ツ)_/

    Friday, October 9, 2015 4:46 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Please don't go off of my TLDR alone. :)

    while a given node is the "owner" of the cluster IP, it may use it for regular communication. In this sense, its no different than a multi-homed computer.


    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Friday, October 9, 2015 4:58 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks very much Satyajit321.  Very systematic way to find out the actual cluster setting.

    However it seems to be an overkill for just a general logon script to look for this information, as it is usually a normal user logging onto a normal workstation.

    I'll probably just grab the first IPv4 Address found and tell the security guys to take the IP Addresses from cluster hosts with a grain of salt.

    Thanks very much for your input, worthy for an answer.

    Friday, October 9, 2015 7:12 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Please don't go off of my TLDR alone. :)

    while a given node is the "owner" of the cluster IP, it may use it for regular communication. In this sense, its no different than a multi-homed computer.


    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Very true.  It will take a packet trace to confirm which one wins.
    Friday, October 9, 2015 7:16 PM