Solved

NLB Unicast vs. Multicast / flooding solutions

Posted on 2010-09-17
Last Modified: 2012-05-10
Hi guys, my question is for solution #3 at the bottom regarding flooding solutions. It states to use a hub. Is it ok to use a switch instead? What is the difference?

Thanks.


February 21 - NLB Unicast vs. Multicast – Russ Kaufmann

As usual, confusion motivates me to blog some more. In this case, I have blogged this because I was confused, and I am pretty sure that I have it straight now. Comments may prove me wrong.

When designing, planning, testing, and implementing Network Load Balancing (NLB) Clustering, a choice has to be made regarding unicast vs. multicast. There are a few differences, but the main difference is in the way MAC addresses are implemented.

 

Unicast - Each NLB cluster node replaces its real (hard coded) MAC address with a new one (generated by the NLB software) and each node in the NLB cluster uses the same (virtual) MAC. Because of this virtual MAC being used by multiple computers, a switch is not able to learn the port for the virtual NLB cluster MAC and is forced to send the packets destined for the NLB MAC to all ports of a switch to make sure packets get to the right destination.

 

So, basically, the way NLB traffic is handled is kind of like this:

 

1. An inbound packet for IP address w.x.y.z (NLB Virtual IP) arrives

2. The ARP request is generated and is sent across all ports of the switch since there is no mapping at this point

3. All of the NLB cluster nodes respond with the same MAC

4. The switch sends the traffic to all ports because it is not able to tell which is the proper port and this leads to switch flooding

 

If an NLB cluster node is using unicast, NLB isn't able to tell each node apart as they all have the same MAC. Since each NLB cluster node has the same MAC, communication between NLB cluster nodes is not possible unless each NLB cluster node has an additional NIC with a unique MAC.

 

Multicast - NLB adds a layer 2 MAC address to the NIC of each node. Each NLB cluster node basically has two MAC addresses, its real one and its NLB generated address. With multicast, you can create static entries in the switch so that it sends the packets only to members of the NLB cluster. Mapping the address to the ports being used by the NLB cluster stops all ports from being flooded. Only the mapped ports will receive the packets for the NLB cluster instead of all ports in the switch. If you don't create the static entries, it will cause switch flooding just like in unicast.

 

Flooding Solutions:

1. Hook all NLB devices to a hub and then connect it to a port on the switch. Since all NLB nodes with the same MAC come through the same port, there is no switch port flooding.

2. Configure a VLAN for all NLB cluster nodes to contain all NLB cluster traffic to just the VLAN and not run it over the entire switch.

3. Use multicast and configure static mapping for the NLB cluster nodes in the switch so it only floods the mapped ports instead of the entire switch.
Question by:dirkdigs

Accepted Solution

by:
Rich Weissler earned 500 total points
ID: 33706016
I assume you mean concerning solution #1 vs #3.
Using a hub, all traffic that comes in, goes back out to ALL ports on the switch.  On a normal switch, the switch learns what MAC addresses are on each port and maintains a table of all the addresses.  (This table is usually referred to as the ARP (address resolution protocol) table.)  What the author describes is what the switch does when it can't correctly determine which port it should really be doing, it switches to 'flooding', which means the switch essentially starts acting like a hub, sending packets back out on all the ports.

So, the answer: if the switches aren't cascaded or otherwise linked in management functions (or some other way in which they might share or communicate ARP tables), and you don't mind a small switch behaving like a hub.. then Yes, it's okay to use a switch instead... realizing that, in the scenario described, it will operate more like a hub than a switch.
--
Side note, if you really meant solution #3.  In some cases, you may need to enable multicasting on managed switches... and you may need to assign a static ARP entry for the extra multicast MAC address.
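A toy model of the forwarding behaviour discussed in this thread, added here as an example and not part of the original posts: it compares which ports receive a frame for the cluster MAC in unicast mode, in multicast mode with and without a static mapping, and on a small dedicated switch used in place of the hub. The MAC addresses, port numbers and the `LearningSwitch` class are constructed for illustration, and the model assumes the switch never learns the cluster MAC from a source address.

```python
CLUSTER_UNICAST_MAC = "02:bf:0a:00:00:64"    # constructed sample value
CLUSTER_MULTICAST_MAC = "03:bf:0a:00:00:64"  # constructed sample value
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal layer 2 switch: learn source MACs, flood unknown destinations."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.learned = {}  # MAC -> port, filled from source addresses
        self.static = {}   # MAC -> set of ports, configured by the operator

    def add_static(self, mac, ports):
        self.static[mac] = set(ports)

    def forward(self, in_port, src_mac, dst_mac):
        """Return the set of egress ports chosen for one frame."""
        self.learned[src_mac] = in_port
        if dst_mac in self.static:
            return self.static[dst_mac] - {in_port}
        if dst_mac in self.learned:
            return {self.learned[dst_mac]} - {in_port}
        return self.ports - {in_port}  # unknown destination: flood


def shared_switch(mode, static_mapping=False):
    """8-port switch: uplink on 1, NLB nodes on 2-3, other hosts on 4-8."""
    sw = LearningSwitch(range(1, 9))
    for port in range(4, 9):  # ordinary hosts talk, so their MACs are learned
        sw.forward(port, f"00:00:5e:00:53:{port:02x}", BROADCAST)
    mac = CLUSTER_UNICAST_MAC if mode == "unicast" else CLUSTER_MULTICAST_MAC
    if mode == "multicast" and static_mapping:
        sw.add_static(mac, {2, 3})
    # Assumption: the cluster MAC never appears in the learned table.
    return sw.forward(1, "00:00:5e:00:53:01", mac)


def dedicated_switch():
    """Small switch holding only the uplink (1) and the NLB nodes (2-3)."""
    sw = LearningSwitch([1, 2, 3])
    return sw.forward(1, "00:00:5e:00:53:01", CLUSTER_UNICAST_MAC)


if __name__ == "__main__":
    print("unicast, shared switch:    ", sorted(shared_switch("unicast")))
    print("multicast, no static entry:", sorted(shared_switch("multicast")))
    print("multicast, static entry:   ", sorted(shared_switch("multicast", True)))
    print("unicast, dedicated switch: ", sorted(dedicated_switch()))
```

On the dedicated switch the frame is still flooded, but the only ports it can reach are the cluster nodes, which is the hub-like behaviour the accepted answer describes.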
 

Expert Comment

by:Rich Weissler
ID: 34388309
I think I did an 'okay' job answering "Is it ok to use a switch instead? what is the difference?" in http:#33706016 -- to which I would humbly suggest awarding the points.

Expert Comment

by:Qlemo
ID: 34459496
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.