Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
523
Views
0
Helpful
1
Replies

Windows Network Load Balancing - Cisco 2911/Cisco 2960

TrevorNWatson1
Level 1
Level 1

‎10-02-2015 09:28 AM - edited ‎03-05-2019 02:26 AM

Hello,

We are currently attempting to set up NLB on a new Windows Server 2012 R2 server (second server to come soon) and are having some issue accessing our websites from outside. 

 

Our configuration is External IP -> Cisco 2911 Router (192.168.5.1) -> Cisco 2960 Switch (192.168.5.2) -> All our servers

 

The NLB is configured for ICMP multicasting.

 

We have configured the one server (192.168.5.21) with the main IP address of the NLB as 192.168.5.110.  This has 4 other addresses (192.168.5.111 -> 192.168.5.115) and the "direct ip" of 192.168.5.211. 

 

If we point our external traffic directly to the server's address at 192.168.5.21 the sites are served with no issue (but obviously, no load balancing).

 

ip nat inside source static tcp 192.168.5.21 8081 208.xx.x.xxx 8081 extendable
ip nat inside source static tcp 192.168.5.21 8085 208.xx.x.xxx 8085 extendable
ip nat inside source static tcp 192.168.5.21 8087 208.xx.x.xxxx 8087 extendable
ip nat inside source static tcp 192.168.5.21 8088 208.xx.x.xxxx 8088 extendable

 

We'd like to point them all at 192.168.5.110 for the NLB

We've added the ARP entry to point 192.168.5.110 to the proper MAC address

Internet  192.168.5.110           -   0100.5e7f.056e  ARPA

and are able to ping the IP address

#ping 192.168.5.110
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.110, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

But don't have ARP entries for the other IP addresses (and can't ping them).

The following entries were configured by one of the techs on the switch while attempting to get this to work.

mac address-table static 0100.5e7f.056f vlan 1 interface GigabitEthernet0/17 GigabitEthernet0/18 GigabitEthernet0/19 GigabitEthernet0/20
mac address-table static 0100.5e7f.056e vlan 1 interface GigabitEthernet0/17 GigabitEthernet0/18 GigabitEthernet0/19 GigabitEthernet0/20
mac address-table static 0100.5e7f.0571 vlan 1 interface GigabitEthernet0/17 GigabitEthernet0/18 GigabitEthernet0/19 GigabitEthernet0/20
mac address-table static 0100.5e7f.0570 vlan 1 interface GigabitEthernet0/17 GigabitEthernet0/18 GigabitEthernet0/19 GigabitEthernet0/20

 

Just to re-state, we can ping the main IP address (192.168.5.110), serve the sites on the actual IP address (192.168.5.21), but cannot see or serve the sites on the NLB address or ping any of the nodes.

 

Thank you in advance,

 

Trevor Watson

 

Labels:
0 Helpful
1 Reply 1

TrevorNWatson1
Level 1
Level 1

‎10-02-2015 10:00 AM

One other thing for debugging.

Using telnet from the switch to the IP addresses (192.168.5.21 and 192.168.5.110), I get a 404 error (from IIS, which means it's hitting a Windows box at least) when trying to get a page.  However, attempting to access the site from outside, I just don't get anything.

 

Thanks again.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card