IGMP Multicast VLAN support

CaptainGiblets
Hi, I am trying to set up a load-balanced web server cluster.

I have configured it to use IGMP Multicast. This works great for machines on the same VLAN as the web servers; I can drain roles and the other server takes over, etc.

However, only our machines on the same VLAN can access the website. Any other machine in another VLAN times out.

I am using Dell N3000s in a stack with 4-5 VLANs. How can I configure IGMP to support the other VLANs?

I am going to have a read also, but I would appreciate some advice as this is a live network (I won't do any changes until the weekend, just in case).

Thanks in advance for any help!
noci, Software Engineer
Distinguished Expert 2018

Commented:
IGMP for load balancing?....
IGMP is meant for multicast... so one packet goes to several systems at the same time.
TCP is a protocol (HTTP uses TCP) that is point to point, i.e. not one to many systems. The source can never cope with conflicting answers from multiple destinations.
So I fail to see how this could work correctly....
Multicast is also bordered by routers, i.e. it stops at routers (unless the routers are set up for multicast...).
To get across from one (V)LAN -> another (V)LAN one needs a router.

For load balancing one can probably better use software like haproxy to handle this.

Author

Commented:
I was just using the built-in load balancer features in Windows Server 2019 "Network Load Balancing Manager", where I configured my NLB cluster.

When I configured it, it gave me 3 options: Unicast, Multicast and IGMP Multicast.

From what I read on this post https://blogs.technet.microsoft.com/netgeeks/2017/07/13/the-nlb-deployment-reference-all-you-need-to-know-to-implement-and-deploy-microsoft-network-load-balancing/ I got the idea that:

Unicast would spam my switches with traffic

Multicast would need quite a bit of static configuration

IGMP Multicast should kind of work out of the box as long as I enable IGMP Multicast (which it currently does as long as I'm on the same VLAN as the servers)
noci, Software Engineer
Distinguished Expert 2018

Commented:
Oh, Windows cluster... I'll leave that to Windows experts.
Web-server / Networking doesn't imply Windows.

From a network PoV:
On a regular network, unicast will enter through one port and leave through another port (unless the destination MAC is unknown, then it will leave on all ports) in the same (V)LAN.
Multicast / Broadcast will enter through one port and always leave through all ports in the same (V)LAN.
So Unicast may "spam" the switch on the first packet, multicast will spam on all packets.... (like shooting with buck-shot).

Then again, Microsoft clusters NEVER use the MAC address on the UNICAST address as a source MAC address ==> the switch will still send all packets to all ports as it doesn't know where to send them.
So keep a Windows NLB cluster network small... (few nodes, few ports and ONLY NLB nodes in that network).

Haproxy works differently: it is an application that keeps a list of backend servers and sends requests to one of the backends. It regularly measures availability etc. from the backend servers to avoid using dead ones.
If you like, it can strip SSL/TLS or HTTP/2 for regular backends. (It is the most commonly used tool in the "hardware" load balancers.)
Commented:
I'm very familiar with NLB and multicasting.  To fix this issue, I had to create static ARP entries on our firewall for other servers to access any site or server in NLB.

Find the MAC address of the sites or server in NLB (you can also just use the NLB MAC address) and add in an ARP entry on your firewall or router, whichever does the routing for you.

If you don't want to do that, you can set it to Unicast and other servers would be able to access it, however, you have to be careful of Unicast flooding.

*edit*

Also, look into Application Request Routing which is way better than NLB and doesn't use multicasting:

https://www.iis.net/downloads/microsoft/application-request-routing
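
Added example, not part of the thread: a small Python helper that works out which MAC address a static ARP entry like the one described above would carry, using the cluster MAC scheme Microsoft documents for NLB (02-BF plus the cluster IP for unicast, 03-BF plus the cluster IP for multicast, and the standard IPv4 multicast mapping of group 239.255.y.z for IGMP multicast). The cluster IP `10.20.30.40` and the function names are constructed for illustration; confirm the real value in Network Load Balancing Manager before configuring anything.

```python
import ipaddress

def _fmt(mac: bytes) -> str:
    return "-".join(f"{b:02X}" for b in mac)

def igmp_group(cluster_ip: str) -> str:
    """Group NLB joins in IGMP multicast mode: 239.255.y.z for cluster IP w.x.y.z."""
    o = ipaddress.IPv4Address(cluster_ip).packed
    return f"239.255.{o[2]}.{o[3]}"

def cluster_mac(cluster_ip: str, mode: str) -> str:
    """Cluster MAC that NLB derives from the cluster IPv4 address w.x.y.z."""
    o = ipaddress.IPv4Address(cluster_ip).packed  # raises on a malformed address
    if mode == "unicast":
        return _fmt(b"\x02\xBF" + o)
    if mode == "multicast":
        return _fmt(b"\x03\xBF" + o)
    if mode == "igmp":
        # Standard IPv4 multicast mapping: 01-00-5E + low 23 bits of the group.
        low23 = int(ipaddress.IPv4Address(igmp_group(cluster_ip))) & 0x7FFFFF
        return _fmt(b"\x01\x00\x5E" + low23.to_bytes(3, "big"))
    raise ValueError(f"unknown NLB mode: {mode!r}")

def is_group_mac(mac: str) -> bool:
    """True when the I/G bit (lowest bit of the first octet) marks a multicast MAC."""
    return bool(int(mac.split("-")[0], 16) & 0x01)

def static_arp_plan(cluster_ip: str) -> dict:
    """Per mode: the IP-to-MAC pair and whether it is a multicast MAC, the case
    the answer above handles with a static ARP entry on the routing device."""
    plan = {}
    for mode in ("unicast", "multicast", "igmp"):
        mac = cluster_mac(cluster_ip, mode)
        plan[mode] = {"ip": cluster_ip, "mac": mac, "static_arp": is_group_mac(mac)}
    return plan

if __name__ == "__main__":
    for mode, entry in static_arp_plan("10.20.30.40").items():  # constructed IP
        print(mode, entry)
```
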

Author

Commented:
Do I just do the same to forward traffic over a Trunk port from other switches?

So if my trunk ports were part of a LAG I would add the MAC address to point to the LAG ports?

I will look into Application Request Routing. Thanks for your help.
