NLB allows you to scale IP services across as many as 32 hosts in a cluster. Because NLB is a fully distributed software solution, it can run on every host in parallel, so if one host fails, the cluster continues to run. NLB leverages the ability of switches and hubs to deliver traffic in parallel to all the clustered hosts, allowing it to deliver much higher throughput than a centralized solution. At the same time, NLB allows you to assign a virtual IP address to the cluster, which presents a single system image of the cluster to the clients. When implementing NLB, you must consider a number of factors as you plan how to set up the clusters in your organization. For example, you must determine how many hosts should be included in a cluster. This lesson describes each step that you should follow when planning NLB clusters in your organization.
You should consider a number of steps when planning an NLB cluster, including identifying network risks, determining which applications to use, choosing an NLB model, sizing NLB clusters, determining capacity requirements, and planning for fault tolerance. This section discusses each of these steps.
When you identify network risks, you identify the possible failures that can interrupt access to network resources. Single points of failure can include hardware, software, or external dependencies, such as power supplied by a utility company or dedicated wide area network (WAN) lines.
In general, you provide maximum availability when you minimize the number of single points of failure in your environment and provide mechanisms that maintain service when a failure occurs.
In the case of NLB, you also provide maximum availability when you do the following:
A principal goal of NLB is to provide increased availability. A cluster of two or more computers ensures that if one computer fails, another computer is available to continue processing client requests. However, NLB isn’t designed to protect all aspects of your workflow in all circumstances. For example, NLB isn’t an alternative to backing up data. NLB protects only access to the data, not the data itself. Also, it doesn’t protect against a power outage that would disable the entire cluster.
Windows 2000 Advanced Server has built-in features that protect certain computer and network processes during failure. These features include RAID-1 (disk mirroring) and RAID-5 (disk-striping with parity). When planning your NLB environment, look for areas where these features can help you in ways that NLB can’t.
In general, NLB can scale any application or service that uses TCP/IP as its network protocol and is associated with a specific TCP or User Datagram Protocol (UDP) port.
An application can run on an NLB cluster under the following conditions:
NLB uses port rules that describe which traffic to load balance and which traffic to ignore. By default, NLB configures all ports for load balancing. However, you can modify the configuration that determines how incoming network traffic is load balanced on a per port basis. To modify the default behavior, you create port rules that cover specific port ranges.
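The default described above load balances every port, so a cluster accepts balanced traffic on far more ports than the application listens on. The following added example (not code from this lesson or from NLB itself) audits a rule set against the ports an application actually uses. `PortRule`, `DEFAULT_RULES` and `audit_port_rules` are hypothetical names, and the rule model (a port range plus a protocol) is a simplification assumed for illustration.

```python
from itertools import combinations
from typing import NamedTuple

class PortRule(NamedTuple):
    start: int
    end: int
    protocol: str  # "TCP", "UDP" or "Both" (assumed simplified model)

# Constructed stand-in for the default behaviour: all ports load balanced.
DEFAULT_RULES = [PortRule(0, 65535, "Both")]

def protocols(rule):
    """Expand a rule's protocol field into the set of protocols it covers."""
    return {"TCP", "UDP"} if rule.protocol == "Both" else {rule.protocol}

def audit_port_rules(rules, services):
    """Compare port rules with the (port, protocol) pairs the application uses.

    Returns overlapping rule pairs, services no rule covers, and the number
    of load-balanced port/protocol pairs that no service needs.
    """
    for r in rules:
        if r.protocol not in ("TCP", "UDP", "Both"):
            raise ValueError(f"unknown protocol in {r}")
        if not 0 <= r.start <= r.end <= 65535:
            raise ValueError(f"bad port range in {r}")
    # Two rules overlap when their ranges intersect and they share a protocol.
    overlaps = [(a, b) for a, b in combinations(rules, 2)
                if a.start <= b.end and b.start <= a.end
                and protocols(a) & protocols(b)]
    balanced = {(port, proto) for r in rules
                for proto in protocols(r)
                for port in range(r.start, r.end + 1)}
    needed = set(services)
    return {
        "overlaps": overlaps,
        "uncovered": sorted(needed - balanced),
        "excess": len(balanced - needed),
    }

if __name__ == "__main__":
    web = [(80, "TCP"), (443, "TCP")]  # constructed service list
    print(audit_port_rules(DEFAULT_RULES, web))
    print(audit_port_rules([PortRule(80, 80, "TCP"), PortRule(443, 443, "TCP")], web))
```

A large `excess` value is the signal to replace the default rule with rules that cover only the ports the service needs.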
The following list includes examples of services and their associated ports:
To be load balanced successfully, an application or service must be designed to allow multiple instances (multiple copies of a program) to run simultaneously, one on each cluster host. For example, an application must not make updates to a file that will in turn be synchronized with updates made by other instances unless it explicitly provides a means to do so. To avoid this problem, set up a back-end database server to handle synchronized updates to shared-state information.
In addition, you commonly use NLB with the following servers:
After you’ve determined that your organization would benefit from load balancing PPTP or streaming traffic, NLB is a good choice for VPN servers and streaming media servers.
Before load balancing an application in an NLB cluster, review the application license or check with the application vendor. Each application vendor sets its own licensing policies for applications running on clusters.
You can configure NLB by using one of four models. Each model has specific advantages and disadvantages. Lesson 3, "Choosing an NLB Model," discusses each of these models.
Cluster size, defined as the number of hosts participating in the cluster (which can be up to 32 in an NLB cluster), is based on the number of computers required to meet the anticipated client load for a given application.
For example, if you determine that you need six computers running IIS in order to meet the anticipated client demand for Web services, then NLB will run on all six computers and your cluster will consist of six cluster hosts.
As a general rule, add servers until the cluster can easily handle the client load without becoming overloaded. The maximum cluster size you need is determined by network capacity on a given subnet. The exact number depends on the nature of the application.
Always be sure that there’s enough extra server capacity so that if one server fails, the remaining servers can accommodate the increased load.
When the cluster subnet approaches saturation of the network, add an additional cluster on a different subnet. Use round-robin DNS to direct clients to the clusters. You can continue to add clusters in this manner as the network demand grows. Since round-robin DNS contains only cluster IP addresses, clients are always directed to clusters instead of to individual servers and therefore never experience an outage due to a failed server. In some deployments requiring high bandwidth, you could use round-robin DNS to split incoming traffic among multiple, identical NLB clusters.
In Figure 5.8, a client request for www.proseware.com goes to DNS, which resolves the name to the virtual IP address of NLB Cluster 1 (10.1.0.1), and the request is passed to that NLB cluster. Subsequent requests are then sent to Cluster 2 (10.2.0.1) and Cluster 3 (10.3.0.1) and then continue in a round-robin fashion.
Figure 5.8 - Round-robin DNS among identical NLB clusters
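The sizing rules above (enough hosts to absorb one failure, at most 32 hosts per cluster, a new cluster on another subnet when the subnet nears saturation) and the round-robin rotation of Figure 5.8 can be worked through together. This is an added example, not part of the original lesson; the function names, the Mbps figures and the `10.n.0.1` address pattern extended from the figure are assumptions.

```python
import math
from itertools import cycle, islice

MAX_HOSTS = 32  # per-cluster NLB limit stated in the lesson

def plan_clusters(peak_mbps, host_mbps, subnet_mbps, spare_hosts=1):
    """Return (cluster_count, hosts_per_cluster).

    Each cluster sits on its own subnet and receives an equal share of the
    peak load; every cluster carries `spare_hosts` extra hosts so the share
    still fits after that many hosts fail.
    """
    if min(peak_mbps, host_mbps, subnet_mbps) <= 0:
        raise ValueError("loads and capacities must be positive")
    if not 0 <= spare_hosts < MAX_HOSTS:
        raise ValueError("spare_hosts must be between 0 and 31")
    # Start with enough clusters that no subnet is saturated.
    clusters = math.ceil(peak_mbps / subnet_mbps)
    while True:
        share = peak_mbps / clusters
        hosts = math.ceil(share / host_mbps) + spare_hosts
        if hosts <= MAX_HOSTS:
            return clusters, hosts
        clusters += 1  # 32-host limit exceeded: split the load further

def survives_failures(hosts, share_mbps, host_mbps, failed=1):
    """True if the remaining hosts can still carry the cluster's share."""
    return (hosts - failed) * host_mbps >= share_mbps

def cluster_vips(clusters):
    """Virtual IPs following the addressing pattern of Figure 5.8."""
    return [f"10.{n}.0.1" for n in range(1, clusters + 1)]

def round_robin(vips, requests):
    """Cluster address handed out for each successive DNS query."""
    return list(islice(cycle(vips), requests))

if __name__ == "__main__":
    # Constructed figures: 200 Mbps peak, 10 Mbps per host, 80 Mbps per subnet.
    n, hosts = plan_clusters(200, 10, 80)
    print(n, "clusters of", hosts, "hosts")
    print(round_robin(cluster_vips(n), 4))
```

Because DNS hands out only cluster addresses, the failure check is made per cluster: each one must pass `survives_failures` for its own share of the load.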
You can use a switch to separate incoming traffic in cases where you have more than one cluster. If you use network switches and you deploy two or more clusters, consider placing the clusters on individual switches so that incoming cluster traffic is handled separately. A switch is used to connect cluster hosts to a router or other source of incoming network connections.
After you determine your cluster size, you’re ready to configure individual cluster hosts. In general, you should base this determination on the types of applications you plan to load balance and the client demand you anticipate on these applications. Some server applications, such as file and print servers, are extremely disk-intensive and require very large disk capacities and fast input/output (I/O). Cluster capacity requirements are discussed in more detail in Chapter 7, "Capacity Planning."
Disk failure can result in the irrecoverable loss of data and will cause NLB to stop functioning, along with the server and all its other applications. For this reason, you might want to consider using special methods to protect your disks from failure. Two common solutions are software-based or hardware-based RAID. The use of a fault-tolerant RAID solution ensures that data isn’t lost if a member of a disk set fails.
In a hardware solution, the controller interface handles the creation and regeneration of redundant information, and data is stored across an array of disks. In Windows, the software handles the creation and regeneration functions, and data is stored across an array of disks or across a set of virtual drives.
Disk arrays consist of multiple disk drives coordinated by a controller. Individual data files are typically written to more than one disk in a manner that, depending on the RAID level used, can improve performance or reliability.
Note that if a fault occurs, there’s no fault tolerance until it is repaired. Few RAID implementations can withstand two simultaneous failures. When you replace the failed disk, you can regenerate the data by using the redundant information. Data regeneration occurs without bringing in backup tapes or performing manual update operations to cover transactions that took place since the last backup. When data regeneration is complete, all data is current and again protected against disk failure. The ability to provide cost-effective high data availability is the key advantage of disk arrays.
Windows 2000 Advanced Server supports three software RAID solutions: RAID-0, RAID-1, and RAID-5. Only RAID-1 and RAID-5 provide for fault tolerance. The purpose of RAID-1 and RAID-5 is to guard against the loss of data in the event of a catastrophic hard disk failure. Any server on which NLB is running can benefit from this. If a disk fails, the server will continue to operate as if no disk failure had occurred, as will NLB itself and the load-balanced applications.
The major differences between RAID-1 volumes and RAID-5 volumes are hardware requirements, performance, and cost. Choosing between mirrored and RAID-5 volumes depends on your computing environment. RAID-5 volumes are a good solution for data redundancy when most activity consists of reading data. For example, if your network has a server on which you maintain all copies of the programs used by the people at that site, this might be a good case for using a RAID-5 volume. It enables you to protect the programs against the loss of a single disk in the striped volume. In addition, the read performance improves because of the concurrency of the reads across the disks that make up the RAID-5 volume.
In an environment in which the information is frequently updated, using mirrored volumes is usually better. However, you can use a RAID-5 volume if you want redundancy and if the mirror’s storage overhead cost is prohibitive.
The computers on which NLB is installed can use a variety of hardware RAID configurations. Because many hardware RAID solutions provide power, bus, and cable redundancy within a single cabinet and track the state of each component in the hardware RAID firmware, they provide data availability with multiple redundancies, protecting against multiple points of failure.
Hardware RAID solutions also use an onboard processor and cache to provide outstanding performance. Windows 2000 and NLB can use these devices as standard disk resources. Though much more expensive than software RAID, hardware RAID is generally considered the superior solution.
The process for planning an NLB cluster includes a number of steps. In each step you must make decisions about hardware and software configurations. Table 5.1 describes many of the considerations that you should take into account for each step.
Table 5.1 Planning an NLB Cluster
Identifying network risks
When implementing NLB clusters and the environment in which they’re located, you should minimize the number of single points of failure and provide mechanisms that maintain service when a failure occurs. You should also load balance only applications that are appropriate to NLB and make sure application servers are configured for the applications they’re running.
Determining which applications to use
The applications must use IP to connect with clients and must use TCP or UDP ports. Multiple instances of the application must be able to run simultaneously on separate servers. If multiple instances share data, there must be a way to synchronize updates.
Choosing an NLB model
You can configure NLB by using one of four models. NLB models are discussed in Lesson 3, "Choosing an NLB Model."
Sizing NLB clusters
Cluster size is based on the number of computers required to meet the anticipated client load. You should add servers until the cluster can easily handle the client load without becoming overloaded. The maximum size of the cluster is determined by network capacity. You can use round-robin DNS for clusters on different subnets.
Determining capacity requirements
You should base the size of the cluster hosts on the types of applications and the client demands. Determining capacity requirements is discussed in Chapter 7, "Capacity Planning."
Planning for fault-tolerant disks
You can use RAID to implement disk fault tolerance. RAID can be implemented as a hardware solution or a software solution. Windows 2000 supports two fault-tolerant software solutions: RAID-1 and RAID-5.
When planning an NLB cluster, you should adhere to the following guidelines:
Northwind Traders imports gift items from Southeast Asia and sells these items to wholesale outlets in the United States and Europe. The company is setting up a Web-based system that will allow wholesale customers to place orders online. The goal of the site is to be available all day, every day, to accommodate various time zones and work schedules. To support this goal, Northwind Traders plans to use NLB to provide highly available Web servers.
Before implementing the cluster, Northwind Traders will use the planning process outlined in this lesson to determine how to set up the cluster. The first step is to ensure that any single points of failure in the network are eliminated. The Web site and its network infrastructure will use redundancy throughout the network to achieve high availability—for example, redundant switches and Internet Service Provider (ISP) connections will be used.
Northwind Traders is using IIS to provide Web services because IIS uses TCP/IP as its network protocol and is associated with port 80. In addition, multiple instances of IIS can run simultaneously on separate servers. Initially, the cluster will include six hosts. Northwind Traders projects that this many hosts can handle client load even if a server fails. The subnet in which the cluster is located will easily handle the cluster traffic and its projected growth. Multiple clusters aren’t necessary at this time.
To provide fault tolerance for each host, hardware RAID solutions—along with redundant controllers—will be used. Northwind Traders believes that hardware RAID’s initial expense is worth the improved performance, as compared to a software RAID solution.
Figure 5.9 shows how the NLB cluster will be configured for the Northwind Traders Web site. Notice that redundant switches and ISP connections are included in the design.
Figure 5.9 - NLB cluster for the Northwind Traders Web site
Before implementing an NLB cluster in your Windows 2000 network, you should follow specific steps as you plan the configuration of that cluster. First, you should identify network risks and eliminate any single points of failure. Your main goal in implementing NLB clusters and the network in which they reside is to provide increased availability. You must also determine which applications to run in your NLB clusters. Applications must use TCP/IP for network connections and must use TCP or UDP ports. Before implementing an NLB cluster, you should plan which NLB model you’ll use, how many hosts will be in the cluster, and what each host’s capacity requirements are. As a general rule, you should add servers until the cluster can easily handle the client load. Finally, you must plan for disk fault tolerance. You can make disks fault-tolerant by using hardware RAID or software RAID. Windows 2000 Server supports three types of software RAID solutions: RAID-0, RAID-1, and RAID-5; but only RAID-1 and RAID-5 provide fault tolerance. Although it’s much more expensive than software RAID, hardware RAID is generally considered the superior solution.