July 8th, 2005 08:00

PowerConnect 5316M - Network Load Balancing

We have a number of PE1855s installed in a chassis with two 5316M switches; two of these PE1855s are to be used as perimeter firewalls, running Windows 2003 Enterprise Server and ISA 2004.  I wish to network load balance the ISA firewall on both external and internal (embedded) NICs, using the Windows multicast; however, I need to stop multicast packets going over the public network.
 
1. Is this possible?
2. What method?
 


July 8th, 2005 18:00

Starting with Windows 2003, NLB offers a new mode -- Multicast with IGMP.  If your topology supports the IGMP protocol, it would be ideal to enable IGMP Snooping and Bridge Multicast Filtering on the PowerConnect 5316M, then configure the rest of the environment to support IGMP.  This will utilize the standard Multicast MAC address -- 01-00-5E-1-2-3.
 
Otherwise, the Multicast feature of NLB uses a multicast MAC address -- 03-BF-1-2-3-4 -- however, this multicast MAC address may not be learned or manually entered into the switch.  Unicast will utilize a virtual IP address; however, multiple MAC addresses -- 02-BF-1-2-3-4 -- are bound to the same virtual IP address.  In either instance, the Layer 2 switch will not be able to associate traffic with a single destination, thus will flood all traffic destined for the NLB cluster IP address.
 
Per numerous documents (a simple Google search will return numerous results), if NLB is to be implemented on a Layer 2 switch, it is recommended to have (2) network adapters in the systems participating in the NLB cluster -- 1 adapter for NLB, the other for standard communication.  Each NLB network adapter should uplink into a hub which in turn uplinks into a single switch port. 
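
The MAC schemes described in the reply above, as an added example that is not part of the original post: it derives the cluster MAC for each NLB mode from the virtual IP and tallies which destination MACs in a capture belong to the cluster, so you can confirm which mode is live on a segment. The virtual IP, the sample MAC list and the function names are constructed for illustration; the `7F` octet in the IGMP form is taken from Microsoft's NLB documentation, not from the post.

```python
import ipaddress
from collections import Counter

# Per the reply above: unicast and plain multicast are flooded by a Layer 2
# switch; IGMP mode can be constrained once IGMP snooping and bridge multicast
# filtering are enabled on the switch.
FLOODED_BY_L2_SWITCH = {"unicast": True, "multicast": True, "igmp": False}

def nlb_cluster_mac(cluster_ip, mode):
    """Derive the NLB cluster MAC for a virtual IP in the given mode."""
    ip = ipaddress.IPv4Address(cluster_ip).packed
    if mode == "unicast":
        octets = [0x02, 0xBF, *ip]
    elif mode == "multicast":
        octets = [0x03, 0xBF, *ip]
    elif mode == "igmp":
        # Assumption: 7F plus the last two IP octets (Microsoft NLB docs).
        octets = [0x01, 0x00, 0x5E, 0x7F, ip[2], ip[3]]
    else:
        raise ValueError(f"unknown NLB mode: {mode}")
    return "-".join(f"{b:02X}" for b in octets)

def normalize_mac(mac):
    """Accept 03-BF-A-0-0-32 or 03:bf:0a:00:00:32; return padded upper-case."""
    parts = mac.replace(":", "-").split("-")
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {mac}")
    return "-".join(f"{int(p, 16):02X}" for p in parts)

def audit_destinations(dst_macs, cluster_ip):
    """Count frames per NLB mode and report whether an L2 switch floods them."""
    known = {nlb_cluster_mac(cluster_ip, m): m for m in FLOODED_BY_L2_SWITCH}
    seen = Counter(known[m] for m in map(normalize_mac, dst_macs) if m in known)
    return {mode: {"frames": n, "flooded": FLOODED_BY_L2_SWITCH[mode]}
            for mode, n in seen.items()}

# Constructed sample: destination MACs from a capture on the external segment.
SAMPLE_CLUSTER_IP = "10.0.0.50"  # hypothetical virtual IP
SAMPLE_DST_MACS = ["03-BF-A-0-0-32", "00:11:22:33:44:55", "03:bf:0a:00:00:32"]

if __name__ == "__main__":
    print(audit_destinations(SAMPLE_DST_MACS, SAMPLE_CLUSTER_IP))
```

Seeing the `02-BF` or `03-BF` form on the public-facing segment means the switch is flooding cluster traffic there, which is the condition the original question wants to avoid.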

July 9th, 2005 14:00

Thanks for the reply;
 
Q: If I add a NIC module for the UNICAST traffic for both internal and external network on both ISA servers (PE1855s), would this module connect to the two existing 5316M switches, or would I be required to add extra 5316M modules?
 
 


July 11th, 2005 14:00

My apologies -- I am not certain I understand the inquiry properly.  In regards to Unicast mode for NLB -- unicast traffic will still be flooded.  Thus, each 5316M that has a NIC participating in the NLB cluster attached to it will forward the NLB traffic to all ports. 

In regards to standard Unicast traffic -- it would be ideal to utilize a separate NIC for this type of traffic as each 5316M switch that has a NIC participating in NLB will be flooded with the NLB traffic, thus consuming the bandwidth that should be reserved for standard Unicast traffic. 

In the instance of the 1855, each NIC will interface with the respective switch -- NIC 1 interfaces with Switch-1, NIC 2 interfaces with Switch-2.  Having NIC 1 dedicated to NLB and having NIC 2 dedicated to the rest of the network will essentially segment the NLB traffic (Switch-1) from the standard network traffic (Switch-2).  It is now up to the configuration of your topology to ensure the traffic is not flooded from the 1855 to the rest of the network. 
