Posted by: Sulaiman Syed
ARP, arp table, CAS, Cisco, HTS, mac-address table, microsoft, NLB, static, VMware
With the introduction of the Exchange project and the new e-mail system, there was a need to load balance the Client Access Servers (CAS) and Hub Transport Servers (HTS) that serve the KFUPM community. The load balancing is done in software using the Microsoft NLB service.
The design requires the CAS and HTS to be load balanced; currently there are three (3) of each. The servers need to communicate with other VLAN 140 servers for various reasons such as replication, authentication, etc.
The consultant used NLB in Multicast-IGMP mode. This mode has its own disadvantages: it maps a unicast IP address to a multicast MAC address within the ports. Microsoft TechNet has the NLB details. With this method, some work needs to be done by the network engineers. Since the servers were virtual, the required changes did not follow the standard norms that apply to physical servers. The VMware Knowledge Base highlights the changes required on Cisco switches.
1- Change in the ARP table to associate the IP with the MAC address.
This was done on both distribution switches.
arp 10.140.8.74 0100.5e7f.084a ARPA
arp 10.140.8.75 0100.5e7f.084b ARPA
2- Change in the MAC address table to associate the MAC with the interfaces
Access switch 1 (all ports connected to ESX host directly)
mac address-table static xxxx.xxxx.xxxx vlan xx interface GigabitEthernet0/16 GigabitEthernet0/10 GigabitEthernet0/9 GigabitEthernet0/8 GigabitEthernet0/7
Distribution switch (all ports connected to switches that connect to ESX hosts)
mac-address-table static xxxx.xxxx.xxxx vlan xx interface Port-channel5 GigabitEthernet1/0/4 GigabitEthernet1/0/3 GigabitEthernet1/0/7
mac-address-table static xxxx.xxxx.xxxx vlan xx interface GigabitEthernet1/0/24 GigabitEthernet1/0/23 GigabitEthernet1/0/4 GigabitEthernet1/0/3 GigabitEthernet1/0/7
Access switch (all ports going to the distribution switches, since no ESX host is present)
mac-address-table static xxxx.xxxx.xxxx vlan xx interface GigabitEthernet1/0/23 GigabitEthernet1/0/24
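An added example, not part of the original post: the two ARP entries in step 1 follow the NLB IGMP-multicast convention, where the MAC is 0100.5e7f followed by the last two octets of the cluster IP. The Python sketch below derives that MAC and checks a configuration excerpt for missing or mistyped static ARP entries; the function names, the sample configuration (including its deliberate typo) and the address 10.140.8.76 are constructed for illustration.

```python
import ipaddress
import re

# Matches IOS static ARP lines such as: arp 10.140.8.74 0100.5e7f.084a ARPA
ARP_RE = re.compile(
    r"^\s*arp\s+(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\s+arpa\s*$",
    re.I,
)

def nlb_igmp_mac(cluster_ip):
    """NLB IGMP-multicast MAC in Cisco dotted notation: 0100.5e7f + last two IP octets."""
    o = ipaddress.IPv4Address(cluster_ip).packed
    h = bytes([0x01, 0x00, 0x5E, 0x7F, o[2], o[3]]).hex()
    return f"{h[:4]}.{h[4:8]}.{h[8:]}"

def static_arp_line(cluster_ip):
    """Static ARP command in the form used in step 1."""
    return f"arp {cluster_ip} {nlb_igmp_mac(cluster_ip)} ARPA"

def audit_static_arp(config_text, cluster_ips):
    """Map each cluster IP to 'ok', a 'missing' note, or a 'mismatch' note."""
    configured = {}
    for line in config_text.splitlines():
        m = ARP_RE.match(line)
        if m:
            configured[m.group(1)] = m.group(2).lower()
    report = {}
    for ip in cluster_ips:
        expected = nlb_igmp_mac(ip)
        found = configured.get(ip)
        if found is None:
            report[ip] = f"missing, expected: {static_arp_line(ip)}"
        elif found != expected:
            report[ip] = f"mismatch, configured {found}, expected {expected}"
        else:
            report[ip] = "ok"
    return report

# Constructed sample: first line as in the post, second line with a typo,
# and a third (hypothetical) cluster IP that has no entry at all.
SAMPLE_CONFIG = """\
arp 10.140.8.74 0100.5e7f.084a ARPA
arp 10.140.8.75 0100.5e7f.08b4 ARPA
"""
CLUSTER_IPS = ["10.140.8.74", "10.140.8.75", "10.140.8.76"]

if __name__ == "__main__":
    for ip, status in audit_static_arp(SAMPLE_CONFIG, CLUSTER_IPS).items():
        print(ip, status)
```

Running the audit against each distribution switch's saved configuration after a change catches the mistyped or forgotten manual entries before they surface as an outage.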
In conclusion, although we have done this work on all switches, this is really not the way to do it. As a recommendation, the NLB design should be changed, since there are a lot of manual entries that need to be made on the switches. Failure to do so might lead to an outage of service.