IP Address for Active Cluster Node

  • Question

  • Hi all,

    I'm re-designing our firm's main logon script and one of its purposes is to report the IP Address it uses to authenticate against AD.

    Like many have done before, I used Win32_NetworkAdapterConfiguration and it's all good.  However, when it comes to the Active Node in a cluster, there are two IP Addresses associated with the same NIC:

    Active Cluster IPs

    Using ipconfig.exe yields the same result:

    Cluster IPs

    Now, it's not hard to find out which is the actual IP Address of the node and which one is for the (Cluster Name Object), using the Route Table or probe DNS.  However, from the logon script perspective, what can I change to accommodate this special case??  I guess I can change the script to probe DNS for its own IP Address but that's a bit overbearing on the network and it actually doesn't work in the round robin scenario.

    Any thoughts?

    Thursday, October 8, 2015 11:05 PM

Answers

  • I believe this really comes down to "how does Windows pick an IP address" and less to do with identifying "what IP is used for auth to a DC", since whatever IP Windows picks is used for all outbound traffic, unless otherwise configured.

    See the ~8 rules mentioned here:

    http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx

    This is also a good read:

    http://blogs.technet.com/b/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx

    TL;DR: in most cases, the lower IP address is chosen.




    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Friday, October 9, 2015 3:42 AM
  • Hi Joe,

    You can use this to collect and find the data, as you can see you can visually tell which is the cluster IP.

    Use some logic and you are good to go.

    #These are the actual IPs of the Host, not the cluster IP
    PS> Get-ClusterNetworkInterface | select Node,Ipv4Addresses
    
    Node                                                        Ipv4Addresses
    ----                                                        -------------
    HOST-1                                                {192.168.10.5}
    HOST-2                                                {192.168.10.6}
    
    
    #This is the IP from the active host
    PS > Get-CimInstance Win32_NetworkAdapterConfiguration |?{$_.Index -eq 23}| select Desc*,IPaddress
    
    Description                                                 IPaddress
    -----------                                                 ---------
    Ethernet Adapter #2                         {192.168.10.7, 192.168.10.16, fe80::....}

    Extracting the IP:

    #Get the data in variables
    $node = Get-ClusterNetworkInterface ...
    $clus = Get-CimInstance Win32_NetworkAdapterConfiguration ...
    
    #Check the values
    PS > $node.IPv4addresses
    192.168.10.5
    192.168.10.6
    
    PS > $clus.IPaddress
    192.168.10.7
    192.168.10.6
    fe80::.....
    
    #Looking at this you know the Cluster IP is 192.168.10.7
    
    #Code to extract the IP
    PS > foreach($IP in $clus.IPaddress) {if (-not($IP -in $node.IPv4addresses) -and (-not([ipaddress]"$IP").IsIPv6LinkLocal)){$Ip}}
    192.168.10.7

    References:

    PowerShell Tip: Validating IP Address as a Parameter


    Regards,

    Satyajit

    Please “Vote As Helpful” if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.


    Friday, October 9, 2015 6:27 AM

All replies

  • The cluster name object is what's used to authenticate against the DC. You can then use the Get-ClusterResources PowerShell cmdlet to retrieve the IP address of the core cluster resource in the WSFC

    Edwin Sarmiento SQL Server MVP | Microsoft Certified Master/Solutions Master
    Blog | Twitter | LinkedIn
    Learn SQL Server High Availability and Disaster Recovery


    Friday, October 9, 2015 5:11 AM
  • Hi Joe,

    Another easy method.

    Ping the clustername.

    PS> Test-Connection sphost-clus -Count 1 | select __SERVER,Address,IPV4Address
    
    __SERVER                           Address                            IPV4Address
    --------                           -------                            -----------
    HOST-2                            cluster1                             192.168.10.7


    Regards,

    Satyajit

    Please “Vote As Helpful” if you find my contribution useful or “Mark As Answer” if it does answer your question. That will encourage me - and others - to take time out to help you.



    • Edited by Satyajit321 Friday, October 9, 2015 6:40 AM
    Friday, October 9, 2015 6:40 AM
  • I believe this really comes down to "how does windows pick an IP address" and less to do with identifying "what IP is used for auth to a DC", since whatever IP windows picks, is used for all outbound traffic, unless otherwise configured.

    see the ~8 rules mentioned here:

    http://blogs.technet.com/b/networking/archive/2009/04/25/source-ip-address-selection-on-a-multi-homed-windows-computer.aspx

    this is also a good read:

    http://blogs.technet.com/b/networking/archive/2008/11/20/balancing-act-dual-nic-configuration-with-windows-server-2008-nlb-clusters.aspx

    TL;DR: in most cases, the lower IP address is chosen.




    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    That's very deep and informative.  Thanks Mike :)  However when I checked the Cluster Config it's in fact the higher IP address that's the node's actual IP address.  What I don't know is if it truly uses that IP address as its "Source IP"........

    I've asked the Network guys to do a trace to confirm this.
    Friday, October 9, 2015 4:29 PM
  • From HP:


    With TLB, the recovery mechanism provided is very similar to the NFT failover mode discussed in section titled, "Fail On Fault". In a two port TLB Team, the primary adapter receives all data frames, while the Non-Primary Adapter receives only heartbeat frames. Both adapters are capable of transmitting data frames. In the event of a failover, the Non-Primary Adapter becomes the Primary Adapter and assumes the MAC address of the Team. In effect, the two adapters swap MAC addresses. The new Primary Adapter now receives and transmits all data frames. If the old Primary Adapter is restored, it becomes a Non-Primary Adapter for the Team. It will now only receive heartbeat frames and be capable of transmitting data frames. If a Non-Primary Adapter fails in a two-port Team, the data frames being load balanced by the adapter are transmitted by the Primary Adapter. If a Non-Primary Adapter is restored, it remains Non-Primary, and the Team will resume load balancing data frames on that adapter. No MAC address changes are made when a Non-Primary Adapter fails or is restored.

    http://www.hp.com/sbso/bus_protect/teaming.pdf


    \_(ツ)_/

    Friday, October 9, 2015 4:46 PM
  • Please don't go off of my TLDR alone. :)

    While a given node is the "owner" of the cluster IP, it may use it for regular communication. In this sense, it's no different than a multi-homed computer.




    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Friday, October 9, 2015 4:58 PM
  • Thanks very much Satyajit321.  Very systematic way to find out the actual cluster setting.

    However it seems to be overkill for just a general logon script to look for this information, as it is usually a normal user logging onto a normal workstation.

    I'll probably just grab the first IPv4 Address found and tell the security guys to take the IP Addresses from cluster hosts with a grain of salt.

    Thanks very much for your input, worthy of an answer.

    Friday, October 9, 2015 7:12 PM
  • Please don't go off of my TLDR alone. :)

    While a given node is the "owner" of the cluster IP, it may use it for regular communication. In this sense, it's no different than a multi-homed computer.




    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Very true.  It will take a packet trace to confirm which one wins.
    Friday, October 9, 2015 7:16 PM
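
Rather than guessing from the adapter's address list, a logon script can ask the TCP/IP stack which local address it selects for traffic to the logon server, which is the question the source-address-selection rules linked above decide. This is an added example, not code from any poster in this thread; the function name `Get-SourceAddressFor` and the use of `%LOGONSERVER%` as the target are assumptions made for illustration.

```powershell
# Added example, not code from the thread.
# Returns the local IPv4 address the stack would use as source for $RemoteHost.
function Get-SourceAddressFor {
    param(
        [Parameter(Mandatory)][string]$RemoteHost,
        [int]$Port = 389   # LDAP; the port is never contacted, only the route matters
    )
    # One name lookup for the DC (not for the local host), first IPv4 answer
    $remote = [System.Net.Dns]::GetHostAddresses($RemoteHost) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
        Select-Object -First 1
    if (-not $remote) { throw "No IPv4 address found for $RemoteHost" }

    $udp = New-Object System.Net.Sockets.UdpClient
    try {
        # Connect() on a UDP socket sends no packet; it binds the socket to the
        # local address the stack selects for this destination.
        $udp.Connect($remote, $Port)
        $udp.Client.LocalEndPoint.Address.IPAddressToString
    }
    finally { $udp.Close() }
}

# %LOGONSERVER% is "\\DCNAME". With a cached logon it names a DC that was not
# actually contacted; with a local account it names the local machine.
if (-not $env:LOGONSERVER) { throw 'LOGONSERVER is not set for this session' }
$dc = $env:LOGONSERVER.TrimStart('\')

# Every IPv4 address bound to an enabled adapter, so the log also shows when a
# host (such as an active cluster node) carries more addresses than the one
# reported as the source.
$bound = Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
    ForEach-Object { $_.IPAddress } |
    Where-Object { $_ -notmatch ':' }

[pscustomobject]@{
    Computer  = $env:COMPUTERNAME
    LogonDC   = $dc
    SourceIP  = Get-SourceAddressFor -RemoteHost $dc
    BoundIPv4 = $bound -join ', '
}
```

Logging `BoundIPv4` next to `SourceIP` lets whoever reads the logon records see which hosts are multi-addressed instead of having to treat every cluster-node entry with suspicion.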