NLB Unicast Vs Multicast

In this post I'm trying to explain the two Operation Modes available in an NLB configuration.

This is one of the NLB Cluster properties that we need to understand very clearly. We need to understand both operation modes, the differences between them, and when each of them is recommended.

The Cluster Operation Mode is a property of the NLB Cluster that specifies how the NLB Cluster is going to manage the MAC addresses of the network adapters belonging to the NLB Cluster.

How NLB Cluster works

An NLB Cluster is based on MAC spoofing, that is, overwriting every outgoing packet from the NLB Cluster (from any node) with the virtual MAC and the virtual IP, and receiving every incoming packet addressed to this virtual MAC and IP.


Regarding the MAC addresses of the network adapters, there are two possibilities (two operation modes): Unicast and Multicast.


  • Unicast is the default operation mode.
  • In this mode, the virtual MAC of the cluster is set on all the network adapters and the physical MAC address of each network adapter is not used. This means that every network adapter has only one MAC address (the virtual MAC address of the cluster), and it's the same for all of them.
  • Therefore, in ARP, the cluster IP (virtual IP) and the IP of every network adapter correspond to the virtual MAC.
  • This configuration does not allow communication between cluster nodes through these network adapters, since they share the MAC address (packets would have the same source and destination MAC at layer 2).
  • At this point, analyze the services and applications that will run on the NLB nodes and determine whether communication between nodes will be required. If so, you cannot use Unicast unless you use a second network adapter in each node for communication between hosts.


  • In Multicast mode, the virtual MAC is added to all the network adapters; it does not replace the physical MAC. This means that every network adapter will manage two MAC addresses (the virtual MAC and its physical MAC).
  • With this configuration, every network adapter will use the virtual MAC only to communicate with NLB clients and the physical MAC
  • Therefore, in ARP, the virtual IP corresponds to the virtual MAC, and the IP of each network adapter corresponds to its physical MAC.
  • This configuration allows every network adapter to manage NLB client traffic (virtual MAC/virtual IP) and host traffic (network adapter IP/physical MAC). So, communication between NLB nodes is possible on the same adapter.
  • At this point, you do not specifically need a second network adapter for communication between hosts.


  • Microsoft's recommendation is to use Unicast, in order to avoid problems with routers, unless we have only one network adapter and need communication between hosts.
  • In some cases, the ARP implementation of some routers (mostly Cisco) does not support multicast MAC addresses. For that reason, the NLB cluster is unreachable from other subnets. The usual workaround for this issue is to add a static ARP entry in the routers.
  • Regarding performance, Unicast can generally offer better performance, because Multicast uses the same network adapter to manage two kinds of traffic.
  • Virtualization…

Remember also that…

  • Regardless of the operation mode, network adapters will have two IPs: the virtual IP and the specific IP of the adapter.

The virtual MAC address (that is, the cluster MAC) is automatically generated, so we cannot specify the virtual MAC we want to use.
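
The ARP mappings described for both modes can be modelled and compared against an observed ARP table, as in this added example (not code from the original post). It assumes the generated MAC format that Microsoft documents for NLB (02-BF or 03-BF followed by the four octets of the cluster IP); the IPs and physical MACs are constructed sample values.

```python
import ipaddress

# Assumption (Microsoft NLB documentation, not this post): the generated cluster
# MAC is a fixed prefix followed by the four octets of the cluster IP.
PREFIX = {"unicast": (0x02, 0xBF), "multicast": (0x03, 0xBF)}

def virtual_mac(cluster_ip, mode):
    """Return the cluster MAC NLB generates for this virtual IP and mode."""
    octets = ipaddress.IPv4Address(cluster_ip).packed
    return "-".join(f"{b:02X}" for b in bytes(PREFIX[mode]) + octets)

def arp_view(cluster_ip, nodes, mode):
    """IP -> MAC mapping a neighbour on the subnet should learn via ARP.

    nodes maps each adapter's dedicated IP to its physical (burned-in) MAC.
    """
    vmac = virtual_mac(cluster_ip, mode)
    view = {cluster_ip: vmac}
    for ip, physical_mac in nodes.items():
        # Unicast replaces the physical MAC; multicast keeps it for host traffic.
        view[ip] = vmac if mode == "unicast" else physical_mac.upper()
    return view

def nodes_can_talk(cluster_ip, nodes, mode):
    """True if node-to-node frames on these adapters have distinct src/dst MACs."""
    view = arp_view(cluster_ip, nodes, mode)
    macs = [view[ip] for ip in nodes]
    return len(set(macs)) == len(macs)

def audit(observed, cluster_ip, nodes, mode):
    """Return IPs whose observed ARP entry differs from the expected mapping."""
    expected = arp_view(cluster_ip, nodes, mode)
    return sorted(ip for ip, mac in expected.items()
                  if observed.get(ip, "").upper().replace(":", "-") != mac)

# Constructed sample data.
CLUSTER_IP = "10.0.0.50"
NODES = {"10.0.0.11": "00-15-5D-01-0A-01", "10.0.0.12": "00-15-5D-01-0A-02"}

if __name__ == "__main__":
    for mode in PREFIX:
        print(mode, arp_view(CLUSTER_IP, NODES, mode),
              "node-to-node:", nodes_can_talk(CLUSTER_IP, NODES, mode))
```

An entry returned by `audit` means a neighbour's ARP table disagrees with what the configured mode should produce, for example the virtual IP resolving to one node's physical MAC.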

