• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1383
  • Last Modified:

NLB : unicast and multicast

Hi there,

I have a question regarding to the NLB clusters in Windows. What I'd like to know is what kind of information is exchanged between nodes in the cluster? i.e. the NLB traffic.

Also I'd to clarify a few things about the two modes: unicast and multicast.

In unicast mode, the cluster's MAC is masked for all outgoing traffic. Since the switch hasn't registered this MAC address, port flooding is induced. So with unicast mode, two members cannot communicate with one another as the NLB adapters has the same MAC address. For members to communicate with one another, a second adapter is required in this scenario.

1. So what exactly is this NLB traffic for and whom communicates on the NLB interface?
2. How would I physically setup clustering in unicast mode? Setting up to a cluster with two members on the same switch would cause all sort of issues as the MAC address are exactly the same .

In multicast modes, each member has it's own MAC and a virtual MAC for the cluster. The virtual MAC address for the cluster is a multicast address, so sending frames to the address should induce NLB traffic to flood through ports. Since the switches have a unique MAC address, they can communicate with one another directly. Due to having a multicast address in ARP replies, some routers will reject this frames and a static arp entry will be required to resolve this issue.

1. In multicast mode, would be possible to have the exact same NIC for NBL traffic as a means of cluster member communicating with one another?
2. In terms of of performance, which is better unicast or multicast? And how is performance improved?
3. With multicasting, will switches do the exact same things as broadcasting unless configured to do so? i.e. I'll have to configure the switches to send packets to stations in the multicast group.  

Thank you in advance.
  • 4
2 Solutions
I use unicast for NLB using VMs. It doesn't require anything on the switch, as long as the switch allows multiple MAC addresses on the same port. The NLB members need two NICs in unicast mode. One NIC is used for communicating with each node, and then the second NIC is for answering requests to the cluster.
dave558Author Commented:
I'm getting a lot of duplicates and retransmission errors when sniffing packets with wireshark.  

Is this normal for NLB to generate a lot of retransmission/duplicate packets?
dave558Author Commented:
It seems DFS replication is causing conflicts with the CAS array. After disable one file server momentarily, duplicates and retransmission errors has dropped off completely.

How things are setup are as follows:
* Two CAS servers setup in a CAS array  
* Two file servers with DFS replication

I can see packets getting sent to the CAS array from the file server with is rather unusual.  Any known problem with have something similar setup on the same network?
dave558Author Commented:
Yes, unicast mode will work and require a pair of NICs per member, one for NLB traffic and the other for host to communicate.

However, as normal switches are only able to assign a unique MAC address to a single port, traffic will only go to a single member of the NLB cluster. From what I've research, specialised switches capable of supporting NLB in unicast mode are required for load balancing to work properly.

NLB in multicast mode would be better in this scenario. Static MAC entries may be required as some gateways will filter out multicast MAC addresses.

In terms of performance between the two, I've read that unicast should be more efficient. Not really sure how performance is achieved and by how much, I haven't manage to find any documents detailing such information.
dave558Author Commented:
Answer most of my questions.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now