As information systems spread through every industry, organizations demand more processing capacity and higher availability from their network servers. In heavily information-dependent enterprises the key network services are part of the production process itself: an interruption of service is an interruption of production and a lost business opportunity.
Load balancing not only overcomes the performance ceiling of a single server but also provides fast failover, high availability and flexible scaling. It is therefore a required skill for every network administrator. This article describes Network Load Balancing (NLB) as implemented in Windows Server 2003.
Windows load balancing is built on an NLB cluster, which balances client load for services such as Web, FTP, proxy, VPN, Windows Media, Telnet and other TCP/UDP-based services.
The principle of load balancing
An NLB cluster is a set of servers that all provide the same service and all listen for the same requests, so that multiple instances of the application run at the same time. The core of NLB is the Wlbs.sys filter driver, which sits between the network adapter driver and the TCP/IP stack. Every inbound IP packet addressed to the cluster is delivered to all cluster nodes (the cluster MAC address is flooded or multicast on the segment, see the operation modes below). Each node's driver then applies the same deterministic decision to the packet's source address, destination address, transport protocol, port and the cluster's configuration (port rules, affinity, load weights). Because every node runs the same rule over the same input, they all reach the same answer without talking to each other: exactly one node passes the packet up its stack and the others silently discard it. There is no central dispatcher; the nodes only exchange heartbeats to agree on cluster membership ("convergence").
The concept of load balancing
Before you configure load balancing, you need to understand several key concepts.
Cluster IP address and subnet mask: the virtual IP address of the cluster, the "external" address that clients connect to. It is configured identically on every node.
Dedicated (private) IP address and subnet mask: the node's own IP address, unique to that node, used for management and node-to-node traffic.
Full Internet name: the DNS name that resolves to the cluster IP, for example cluster.it.com.cn.
Cluster operation mode: unicast, multicast or IGMP multicast; discussed under design below.
Port rules: define how traffic for a given port range and protocol is handled (balanced across hosts, sent to one host, or blocked). Windows Server 2003 lets a port rule be scoped to a specific cluster IP address (virtual clusters), so different applications hosted on the same cluster can get different rules, which Windows 2000 did not allow.
Host priority (unique host identifier): an integer from 1 to 32 (32 being the maximum number of hosts in a cluster), unique per host. It determines which host handles incoming traffic that matches none of the port rules: the host with the highest priority, that is the lowest number, accepts all such traffic and is called the default host.
Requirements for load Balancing
Operating system: NLB is included in every edition of Windows Server 2003. A cluster can also contain hosts running earlier Windows Server versions (Windows 2000, or Windows NT 4.0 with WLBS).
Requirements for Network architecture
NLB runs on servers attached to FDDI (Fiber Distributed Data Interface), Ethernet and Gigabit Ethernet, but not on Token Ring networks.
Requirements for network adapters
All network adapters must be on the Windows Server 2003 Hardware Compatibility List. Ordinary server network cards normally meet this requirement.
Requirements for switches and routers
If you plan to use a VLAN to contain switch flooding, the switch must support VLANs. In multicast mode, some routers refuse to map a unicast IP address to a multicast MAC address, and a static ARP entry must be configured on them by hand.
Requirements for communication protocols
The network adapter bound to the cluster may have only TCP/IP bound to it, and its addresses must be assigned statically; DHCP is not supported.
Requirements for Applications
Only TCP or UDP traffic can be balanced, and you must confirm that the application or service can run as several independent instances: session state has to be shared between nodes or the cluster has to pin each client to one node through affinity.
Design of Load Balancing
Because NLB does not distribute traffic according to CPU or memory utilization, and throughput does not scale linearly with the number of nodes (every node filters every packet, so network and CPU overhead grow with the cluster), careful design and planning are essential.
A cluster needs communication inside the cluster (heartbeats and convergence traffic) as well as data transfer for management and content replication, and all of it competes for the available bandwidth. To overcome the limits of a single NIC, give each node two adapters: one bound to the cluster for client load, the other for internal communication, management and content replication.
Choosing the cluster operation mode is an important design step. In unicast mode each node's cluster adapter is assigned the same virtual MAC address, built from the prefix 02-BF followed by the four octets of the cluster IP address, which keeps it unique per cluster. Because every adapter bound to the cluster now has the same MAC, nodes with a single NIC cannot reach each other at their own addresses, which is one reason a dual-NIC configuration is recommended. NLB also masks the source MAC of outgoing frames so the switch never learns the cluster MAC on one port; the switch therefore floods every inbound cluster frame to all ports, and the cluster should be placed in its own VLAN to contain this flooding.
In multicast mode the cluster adapter keeps its original MAC address and additionally answers to a multicast MAC address shared by all nodes, so even single-NIC nodes can communicate with each other normally. The drawbacks of a single NIC (bandwidth consumption, contention for the adapter) remain.
In addition, some routers (Cisco products in particular) will not automatically create an ARP mapping from a unicast IP address to a multicast MAC address, so the entry must be configured manually. IGMP multicast (selectable only when multicast mode is chosen) inherits the advantages of multicast and additionally has NLB send an IGMP membership report every 60 seconds, so a switch with IGMP snooping delivers cluster frames only to the ports of cluster members instead of flooding them.
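The addresses described above are mechanical functions of the cluster IP, so the easiest way to see why the three modes behave differently on a switch or router is to derive them. The following Python is an added example, not code from the article or from Microsoft (the built-in way to obtain these values is `nlb ip2mac`). The 02-BF, 03-BF and 01-00-5E-7F prefixes are NLB's documented defaults; the unicast source-MAC masking with the host priority is also documented behaviour. The cluster IP 10.0.0.100 is constructed, and the Cisco static ARP line is an assumption about IOS syntax that you should verify against your router's documentation.

```python
from ipaddress import IPv4Address


def cluster_mac(cluster_ip: str, mode: str) -> str:
    """MAC address NLB assigns to the cluster IP for a given operation mode."""
    w, x, y, z = IPv4Address(cluster_ip).packed
    if mode == "unicast":        # replaces the adapter's burned-in MAC
        octets = (0x02, 0xBF, w, x, y, z)
    elif mode == "multicast":    # added alongside the adapter's own MAC
        octets = (0x03, 0xBF, w, x, y, z)
    elif mode == "igmp":         # IANA multicast OUI, last two IP octets
        octets = (0x01, 0x00, 0x5E, 0x7F, y, z)
    else:
        raise ValueError(mode)
    return "-".join(f"{b:02X}" for b in octets)


def unicast_source_mac(cluster_ip: str, host_priority: int) -> str:
    """Source MAC NLB writes into outgoing frames in unicast mode.

    Replacing the 0xBF byte with the host priority means the switch never
    learns the shared cluster MAC on any single port, so inbound cluster
    frames are flooded to every port (hence the VLAN recommendation).
    """
    w, x, y, z = IPv4Address(cluster_ip).packed
    return "-".join(f"{b:02X}" for b in (0x02, host_priority, w, x, y, z))


def is_group_mac(mac: str) -> bool:
    """True if the I/G bit is set, i.e. the address is a multicast/broadcast MAC.

    This bit is what makes some routers reject the ARP mapping: a unicast IP
    is resolving to a group address.
    """
    return int(mac.split("-")[0], 16) & 0x01 == 1


def cisco_static_arp(cluster_ip: str) -> str:
    """Static ARP entry for a router that drops unicast-IP-to-multicast-MAC
    ARP replies (assumed IOS syntax: arp <ip> <xxxx.xxxx.xxxx> ARPA)."""
    raw = cluster_mac(cluster_ip, "multicast").replace("-", "").lower()
    return f"arp {cluster_ip} {raw[0:4]}.{raw[4:8]}.{raw[8:12]} ARPA"


if __name__ == "__main__":
    ip = "10.0.0.100"   # constructed cluster IP
    for mode in ("unicast", "multicast", "igmp"):
        mac = cluster_mac(ip, mode)
        print(f"{mode:9} {mac}  group-address={is_group_mac(mac)}")
    print("host 1 sends as", unicast_source_mac(ip, 1))
    print(cisco_static_arp(ip))
```

Note that the unicast address has the locally-administered bit (0x02) set but not the group bit, which is why it can replace the adapter's real MAC, while both multicast forms set the group bit and therefore must coexist with the adapter's own address.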
Port rules are the main tuning knob. NLB offers three filtering modes for a port rule: Disabled, which blocks the matching traffic on the cluster; Single host, which sends all matching traffic to one node chosen by each host's handling priority; and Multiple host, which balances the traffic across the nodes and optionally weights the share each node receives according to its configured load percentage, so nodes with more capacity take more connections. Only Multiple host mode is load balancing in the true sense. In Multiple host mode the affinity setting decides whether connections from the same client may land on different nodes (None), always on the same node (Single), or whether a whole class C network sticks to one node (Class C). Port rules must be identical on every node of the cluster.
A single cluster holds at most 32 nodes. If that is not enough, round-robin DNS can spread requests across several clusters, at the cost of making DNS a single point of failure unless it is itself made redundant.
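The filtering decision described in the principle section, the default-host rule for host priority, and the three filtering modes and affinity settings above all come together in one per-packet decision that every node computes independently. The following Python simulation is an added example, not code from the article or from Microsoft: the real hash inside wlbs.sys is not public, so `hash_client` is an assumed stand-in, and the weighted partition of the hash space is an assumed approximation of load-weighted balancing. What it demonstrates faithfully is the invariant the text relies on: all nodes see every frame, apply the same rules, and exactly one accepts. The cluster, hosts, rules and client addresses are constructed.

```python
import hashlib
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


def hash_client(key: str) -> int:
    """Stand-in for the undocumented hash inside wlbs.sys (assumption).

    Any deterministic function works as long as every node computes it the
    same way; nodes never consult each other about individual packets.
    """
    return int.from_bytes(hashlib.sha256(key.encode()).digest()[:8], "big")


@dataclass
class PortRule:
    start: int
    end: int
    protocol: str            # "TCP", "UDP" or "Both"
    mode: str                # "Multiple", "Single" or "Disabled"
    affinity: str = "None"   # Multiple-host only: "None", "Single" or "ClassC"
    # Per-host parameter keyed by host priority: load weight 0-100 in
    # Multiple-host mode, handling priority (lower wins) in Single-host mode.
    per_host: dict = field(default_factory=dict)

    def matches(self, proto: str, port: int) -> bool:
        return self.protocol in ("Both", proto) and self.start <= port <= self.end


class Cluster:
    def __init__(self, hosts, rules):
        self.hosts = sorted(hosts)   # unique host priorities, 1..32
        self.rules = list(rules)     # must be identical on every host

    @staticmethod
    def affinity_key(rule: PortRule, src_ip, src_port: int) -> str:
        if rule.affinity == "None":      # any node may take the next connection
            return f"{src_ip}:{src_port}"
        if rule.affinity == "Single":    # one client IP sticks to one node
            return str(src_ip)
        if rule.affinity == "ClassC":    # a whole /24 sticks to one node
            return str(ip_network(f"{src_ip}/24", strict=False))
        raise ValueError(rule.affinity)

    def owner(self, src_ip, src_port: int, proto: str, dst_port: int):
        """Host priority that should accept this packet, or None to drop it."""
        rule = next((r for r in self.rules if r.matches(proto, dst_port)), None)
        if rule is None:
            return self.hosts[0]         # default host: lowest priority number
        if rule.mode == "Disabled":
            return None
        if rule.mode == "Single":
            return min(self.hosts, key=lambda h: rule.per_host.get(h, h))
        # Multiple-host: carve the hash space in proportion to each load weight
        weights = {h: rule.per_host.get(h, 100) for h in self.hosts}
        total = sum(weights.values())
        if total == 0:                   # every host weighted 0: nobody accepts
            return None
        bucket = hash_client(self.affinity_key(rule, src_ip, src_port)) % total
        for h in self.hosts:
            bucket -= weights[h]
            if bucket < 0:
                return h
        raise AssertionError("unreachable: bucket < total")

    def deliver(self, src_ip: str, src_port: int, proto: str, dst_port: int):
        """Simulate delivery: every host sees the frame and decides on its own."""
        src = ip_address(src_ip)
        accepted = [h for h in self.hosts
                    if self.owner(src, src_port, proto, dst_port) == h]
        assert len(accepted) <= 1, "two hosts accepted the same packet"
        return accepted[0] if accepted else None


# Constructed three-node web cluster; port ranges must not overlap, as in NLB Manager.
WEB_RULES = [
    PortRule(80, 80, "TCP", "Multiple", affinity="Single", per_host={1: 50, 2: 100, 3: 50}),
    PortRule(443, 443, "TCP", "Multiple", affinity="ClassC"),
    PortRule(3389, 3389, "TCP", "Single", per_host={1: 2, 2: 1, 3: 3}),  # RDP: host 2 first
    PortRule(1434, 1434, "UDP", "Disabled"),                               # SQL browser: blocked
]
CLUSTER = Cluster(hosts=[1, 2, 3], rules=WEB_RULES)

if __name__ == "__main__":
    for pkt in [("203.0.113.10", 40001, "TCP", 80), ("203.0.113.10", 40002, "TCP", 80),
                ("203.0.113.77", 5000, "TCP", 443), ("203.0.113.10", 5000, "TCP", 3389),
                ("203.0.113.10", 5000, "UDP", 1434), ("203.0.113.10", 5000, "TCP", 22)]:
        print(pkt, "->", CLUSTER.deliver(*pkt))
```

Two properties worth checking with this model before changing a production rule set: a host given a load weight of 0 silently stops receiving traffic for that rule without leaving the cluster, and traffic that matches no rule (here TCP/22) always lands on the default host, which is usually not what you want for management ports.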
Installation and configuration of load balancing
Windows Server 2003 introduces Network Load Balancing Manager (Control Panel -> Administrative Tools), which makes installing and configuring load balancing much simpler. The manager can create and delete clusters, add, remove and modify nodes, and detect faults.
Run Network Load Balancing Manager and choose Cluster -> New. The Cluster Parameters dialog opens; fill in the cluster IP address and subnet mask, the full Internet name and the operation mode as planned in the design step.
Next you are prompted to add additional cluster IP addresses; if none are needed, press Next to go on to the port rules. For a typical Web cluster, balance TCP 80 and 443 in Multiple host mode. If session state is not kept on the individual node (it is stored in a shared back end), affinity can be set to None; otherwise choose Single or Class C so that a client keeps returning to the same node.
After that, specify the host to connect to and select the network interface that will be bound to the cluster, then set the host parameters (host priority and dedicated IP address).
Click Finish. The manager connects to the host, applies the configuration and creates the cluster. Double-click a log entry to see exactly what configuration NLB Manager has written.
Although NLB Manager is Microsoft's recommended tool, the NLB.EXE command line still has advantages of its own: immediate response and easy scripting for batch operations. Mastering the nlb command is therefore part of being able to deploy and maintain clusters quickly.
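The batch-processing advantage of nlb.exe shows most clearly in routine maintenance, where you want each node drained and rejoined in turn without dropping client connections. The following Python is an added example, not code from the article or from Microsoft. It follows the Windows Server 2003 nlb.exe form `nlb <command> [<cluster_ip>:<host_ip>] [/passw <password>] [/port <udp port>]` as documented for that release; check `nlb help` on your own build. The cluster IP and host list are constructed, and the default is a dry run that only builds the commands, since they can only actually execute on a Windows host with NLB installed and, for remote targets, remote control enabled.

```python
import subprocess
from typing import List, Optional

CLUSTER_IP = "10.0.0.100"                         # constructed
HOSTS = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]      # constructed dedicated IPs


def nlb_cmd(action: str, host: Optional[str] = None, password: Optional[str] = None,
            port: Optional[int] = None) -> List[str]:
    """argv for `nlb <action> [<cluster>:<host>] [/passw <pw>] [/port <port>]`.

    Without a host the command acts on the local node and needs no remote
    control at all. A password given on the command line is visible to
    anyone who can list processes on the admin workstation; omit it to be
    prompted interactively when running by hand.
    """
    argv = ["nlb", action]
    if host:
        argv.append(f"{CLUSTER_IP}:{host}")
    if password:
        argv += ["/passw", password]
    if port:
        argv += ["/port", str(port)]
    return argv


def plan_rolling_maintenance(hosts: List[str], password: Optional[str] = None) -> List[List[str]]:
    """Take hosts out one at a time so the cluster keeps serving throughout.

    `drainstop` refuses new connections and lets existing ones finish, unlike
    `stop`, which cuts them off; `start` rejoins the host and `query` lets the
    operator confirm the cluster has converged with it back in.
    """
    steps = []
    for host in hosts:
        steps.append(nlb_cmd("drainstop", host, password))
        # Placeholder for the real work (patching, deployment). `echo` is a
        # cmd.exe builtin, so replace it with a real program before a live run.
        steps.append(["echo", f"maintenance window for {host}"])
        steps.append(nlb_cmd("start", host, password))
        steps.append(nlb_cmd("query", host, password))
    return steps


def run(steps: List[List[str]], dry_run: bool = True) -> List[str]:
    """Execute the plan in order, stopping at the first failing command."""
    done = []
    for argv in steps:
        if not dry_run:
            subprocess.run(argv, check=True)   # raises on a non-zero exit code
        done.append(" ".join(argv))
    return done


if __name__ == "__main__":
    for line in run(plan_rolling_maintenance(HOSTS), dry_run=True):
        print(line)
```

Run the script on the node itself, or on an administrative workstation reachable only over the internal NIC, so that the remote control traffic never crosses the client-facing segment.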
Security Considerations for Load Balancing
The cluster's remote control feature lets administrators use NLB.EXE to manage a cluster from another computer over UDP ports 1717 and 2504. It is disabled by default, and enabling it creates security risks: the remote control password can be disclosed, and the listening ports can be targeted for denial of service. If you do enable it, use a sufficiently complex password and configure the firewall so that UDP 1717 and 2504 are reachable only from the management hosts that need them, and blocked from everywhere else.
Summarize
Load balancing is a composite technology that is usually deployed together with others. A common pattern is an NLB cluster as the front-end tier in front of a server cluster (Microsoft Cluster Service) holding the data tier, possibly backed by a storage area network or network-attached storage; note that NLB and server clustering are not installed on the same host.