Hello Everyone,
I'm troubleshooting an issue with windows NLB cluster and facing some challenges to make it work. When we add a new VM to the cluster, NLB VIP doesn't respond to hosts outside its vlan or IP subnet.
----------------------------------------------
NW Side:
- L3 device: Netscreen SSG-550M [Gateway for Server Subnet along with the policies]
Static arp mapping to VIP along with the port.
Eg: set arp 192.168.x.y 03bfc0a8xxyz ethernet0/1
- L2 SWs:
static mac configuration to the respective ports.
----------------------------------------------
Windows Side: [OS 2012 R2/Exchange: 2013]
NLB on HyperV with 2 NICs
1 with GW - for Management -
1 without GW - for NLB Communications
Tried to join a fresh VM to the cluster, when we pause the existing VM and bring up the new VM, NLB IP doesn't respond to the client requests.
Did a packet capture on the NLB NIC and found the following:
- NLB VIP is receiving the requests from the Users.
- NLB NIC IP is also receiving the requests from the Users.
- However NLB VIP is only responding the another server within the same subnet/vlan.
- No replies seen in packet capture response to the clients outside the same subnet/vlan.
From the troubleshooting and going through the various blogs; looks like I need to a static persistent route or enable forwarding. However we have a counter argument that its working fine with VM1 without a static route or any change of options.
Appreciate any inputs, if I'm missing some setting on SSG ?
Thanks.