none
NLB ist not starting RRS feed

  • Question

  • Hi,

    we are trying to implement UAG DA with SP1 on a VMWare ESX 4.0 U1 Platform (E1000 NIC drivers). We have installed 2 W2K8 R2 Servers (with NLB Fix regarding ISATAP) and tried to configure Multicast NLB (which should be supported in SP1 - regarding to Tom Shinder and Jason Jones). However the problem is, that after configuring NLB the NLB driver does not start correctly. You can start it on one server but if you start it on the other (through TMG Management console) both NLB drivers get stopped. In the Event Log you can see error messages like:

    "The administrator has requested to stop Network Load Balancing on the local computer"

    I have the suspicion that VMware is the cause, e.g. the E1000 NIC driver.

    Any ideas?

    Best regards

    Thomas

    Wednesday, May 4, 2011 9:57 AM

Answers

  • The problem is obviously solved.

    I re-created the Array, this time I entered the domain name as NetBIOS name and not as before as DNS name.

    After re-activating NLB everything works as expected ;-)

    Best regards

    Thomas

    P.S.: This little difference did cost us days of troubleshooting - this really sucks :((((((

    Thursday, June 23, 2011 4:07 PM

All replies

  • What TMG rollups have you applied?

    Are you running Windows SP1?

    Do you get the same problems with unicast mode?

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, May 4, 2011 10:09 AM
    Moderator
  • Also, what errors do you get in the TMG console?
    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Wednesday, May 4, 2011 10:17 AM
    Moderator
  • Hi Jason,

     

    yes, W2K8 R2 SP1 is installed. However the problem did occur originally without SP1. Installing it was only a test to see if it changes anything. We have not tested Unicast NLB yet as we cannot use it (distributed environment) and would need to re-configure the network in order to do so.

    Currently TMG SP1 UPdate 1 with Rollup Fix 3 (KB2498770), Version 7.0.9027.441 is installed.

    In the TMG console you see only NLB Stopped Manually "The administrator has requested to stop Network Load Balancing on the local computer" & Local NLB configuration change "The Firewall service identified changes to the local Network Load Balancing state. Stopping and starting Network Load Balancing on the local computer is supported only through Forefront TMG Management. Any local changes will be overridden."

    In the UAG Web Monitor you see NLB Status Unknown and Synchronisation Status Error. You cannot apply any option there.

     

    Best regards

    Thomas

    Wednesday, May 4, 2011 10:33 AM
  • Another thing: might it be caused by group policies? I will do another test with VMXNet3 drivers, maybe that changes anything.
    Wednesday, May 4, 2011 10:45 AM
  • Hi Thomas,

     

          Can you let me know your vSwitch configuration as this can have a big impact on NLB....

     

    Thanks,


    James.

    Wednesday, May 4, 2011 10:57 AM
  • Hi James,

     

    in VMWare no changes were made on the vSwitch default configuration, i.e. Promiscious mode not allowed, MAC address changes allowed, Adress spoofing allowed.

     

    Best regards

    Thomas

    Wednesday, May 4, 2011 11:06 AM
  • That should be OK then.... It may be that you need to manually add ARP entries onto the switches they are plugged into (http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006525)

    This is based on Cisco but if you have different switches it will probably still be applicable. Have you changed the NIC to VMXNet3 yet and did this make any difference?

    Thanks,

    James.

    Wednesday, May 4, 2011 2:13 PM
  • Hi James,

    that's already done. The L3 device is a firewall. Dynamic ARP is working fine on it, i.e. it gets the correct ARP entries (Multicast MAC for all VIPs). We have also statically configured the MAC in the Cisco Forwarding Table otherwise this would induce switch flooding (that would not be a general problem though). The problem is not with accessibility than a general one, i.e. NLB is not starting at all.

    Best regards

    Thomas

    Wednesday, May 4, 2011 2:18 PM
  • Just another information:

    When using VMWare VSphere 4.1.0 with 2 VXNet3 NICs NLB Multicast works like a charm ;-)

    This leads me to the conclusion that the E1000 driver is causing the issue (certainty of 99%)

    Thursday, May 19, 2011 12:55 PM
  • Thanks for the update!
    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    Thursday, May 19, 2011 12:56 PM
    Moderator
  • Hi Jason,

    you're welcome!

    Cheers

    Thomas

    P.S.: We should have a pint sometime, let me know when you are in Germany (I guess I won't come to Bournemouth in the near future ;-))

    Thursday, May 19, 2011 1:00 PM
  • The problem is obviously solved.

    I re-created the Array, this time I entered the domain name as NetBIOS name and not as before as DNS name.

    After re-activating NLB everything works as expected ;-)

    Best regards

    Thomas

    P.S.: This little difference did cost us days of troubleshooting - this really sucks :((((((

    Thursday, June 23, 2011 4:07 PM
  • Hello Thomas,

    I am on my third rebuild of the UAG servers & Array and everytime I have had this issue where NLB fails to start and the nodes loose connection with eachother.  I am running UAG 2010 SP1 Update - 1.  I haven't installed any TMG hotfixes yet as I didn't know if it was kosher to do so or not.   I am a about to look for updated NIC drivers and just wanted clarification as to where you entered the domain name in the configuration.  If you could reply with the specific spot where you made this change I would be really grateful.  I have been struggling with this install for 2 weeks now.

    Thanks,

     

    Ryan.


    - Ryechz
    Thursday, September 29, 2011 8:30 PM
  • Just want to add something to this.

    UAG SP1 NLB with Multicast on Vmware works now but only with VMXnet3.

    E1000 is a no go for NLB with Multicast.

    Thanks

    Wednesday, April 4, 2012 9:17 PM