Cluster IP addresses
The IP address parameter specifies the cluster's primary
IP address. IPv4 addresses use the standard Internet dotted
notation (for example, w.x.y.z). IPv6 addresses use 16-byte
addresses, typically expressed in colon-hexadecimal notation.
Colon-hexadecimal notation uses eight 4-digit hexadecimal numbers,
with colons separating the 16-bit blocks (the 4-digit numbers).
To manage addresses more easily, IPv6 suppresses leading zeros
and compresses a single contiguous all-zero 16-bit block, represent
the contiguous block with two colons (::). This is known as
double-colon compression. An example of an IPv6 address with
leading zeros suppressed is:
The address is a virtual IP address, and it must be set
identically for all hosts in the cluster. This IP address is used
to address the cluster as a whole, and it should be the IP address
that maps to the full Internet name that you specify for the
If you want to add multiple IP addresses to the cluster, click
Add to enter the additional IP addresses. If you are
configuring a virtual private network (VPN) load-balancing cluster,
you should not configure the dedicated IP address. On a VPN, only
the cluster IP address should be present on each of the cluster
- The IP address parameter specifies the
cluster's primary IP address in standard Internet dotted notation
(for example, w.x.y.z). You can select a different IP address for
the cluster by clicking the drop-down list.
- The Subnet mask parameter denotes the
subnet mask for the IP address that is specified. The mask is
entered in standard Internet dotted notation (for example,
255.255.255.0). This is shown only when the cluster IP address is
an IPv4 address.
- The Full Internet name parameter
specifies a full Internet name for the NLB cluster (for example,
cluster.microsoft.com). This name is used for the cluster as a
whole, and it should be the same for all hosts in the cluster. If
you alias several names for the cluster, enter the primary (main)
name here. This name should be resolvable to the cluster's primary
IP address through your DNS server or Hosts file.
- The Network address parameter
specifies the media access control (MAC) address for the network
adapter that is to be used for handling client-to-cluster traffic.
If multicast support is disabled, the host reverts to unicast mode.
NLB automatically instructs the driver that belongs to the cluster
adapter to override the adapter's unique, built-in network address
and to change its MAC address to the cluster's MAC address. This is
the address used on all cluster hosts. You do not need to manually
configure the network adapter to recognize this address.
If you have other NLB clusters on one local subnet, each cluster
needs to use a different network address. When you select a
different primary IP address for each cluster, NLB automatically
ensures that the clusters use unique network addresses. Some
network adapters might not allow the built-in network address to be
modified. If you experience this issue, you must obtain and install
a different network adapter that supports this functionality.
- The Cluster operation mode parameters
specify whether a multicast MAC address should be used for cluster
operations. If multicast is enabled, NLB converts the cluster MAC
address that belongs to the cluster adapter into a multicast
address. It also ensures that the cluster's primary IP address
resolves to this multicast address as part of the ARP protocol. The
adapter can now use its original, built-in MAC address that was
disabled in unicast mode.
In multicast mode, you can also enable Internet Group Management
Protocol (IGMP) support, which limits switch flooding by limiting
traffic to Network Load Balancing ports only. That is, enabling
IGMP support ensures that traffic intended for an NLB cluster
passes through only those ports that are serving the cluster hosts
and not all switch ports.
If you select unicast support, NLB automatically instructs the
driver that belongs to the cluster adapter to override the
adapter's unique, built-in network address and to change its MAC
address to the cluster's MAC address. This is the address used on
all cluster hosts. You do not need to manually configure the
network adapter to recognize this address. (Note that some network
adapters do not support changing their MAC addresses. If you
experience this issue, you must install a network adapter that
NLB does not support a mixed environment of unicast and
multicast within a single cluster. Within each cluster, all network
adapters in that cluster must be either multicast or unicast.
Otherwise, the cluster will not function properly. There is no
restriction on the number of network adapters, and different hosts
can have a different number of adapters.
The Port Rules tab shows only the summary of existing
port rules. If you click Add or Edit, the following
parameters will be available:
- The Cluster IP address parameter
specifies the cluster IP address that the port rule should cover.
If this parameter is left blank and All is selected, the
port rule is a global port rule, and it will cover all cluster IP
addresses associated with that particular NLB cluster. If a cluster
IP address is specified, the port rule overrides any conflicting
global port rule for that particular cluster IP address.
- The Port range parameter specifies the
TCP/UDP port range that a port rule should cover. The default port
range is 0 to 65,535. Rules for a single port are encoded as a
range having the same starting and ending port numbers.
- The Protocols parameter lets you
choose the specific TCP/IP protocol that a port rule should cover:
TCP, UDP, or both. Only the network traffic for the specified
protocol is affected by the rule. Traffic that is not affected by
the port rule is handled by the default host.
- For Filtering mode, configure the
- The Multiple hosts parameter specifies
that multiple hosts in the cluster will handle network traffic for
the associated port rule. This filtering mode provides scaled
performance and fault tolerance by distributing the network load
among multiple hosts. You can specify that the load be equally
distributed among the hosts or that each host will handle a
specified load weight.
- The Single host parameter specifies
that network traffic for the associated port rule be handled by a
single host in the cluster according to the specified handling
priority. This filtering mode provides port specific fault
tolerance for handling network traffic.
- The Disable this port range parameter
specifies that all network traffic for the associated port rule be
blocked. In this case, the NLB driver filters all corresponding
network packets or datagrams. This filtering mode lets you block
network traffic that is addressed to a specific range of ports.
- The Affinity parameter is applicable
only for the Multiple hosts filtering mode.
As an extension to the Single and Network options,
you can configure a time-out setting to preserve client affinity
when the configuration of an NLB cluster is changed. This extension
also allows clients to keep affinity to a cluster host even if
there are no active, existing connections from the client to the
- The None option specifies that
multiple connections from the same client IP address can be handled
by different cluster hosts (there is no client affinity). To allow
Network Load Balancing to properly handle IP fragments, you should
avoid using None when selecting UDP or Both
for your protocol setting.
- The Single option specifies that NLB
should direct multiple requests from the same client IP address to
the same cluster host. This is the default setting for
affinity. You can optionally modify the NLB client affinity
to direct all client requests from a TCP/IP Class C address range
(instead of a single IP address) to a single cluster host by
enabling the Network option instead of the Single
option. This feature ensures that clients that use multiple proxy
servers to access the cluster can have their TCP connections
directed to the same cluster host.
- The Network option specifies that NLB
direct multiple requests from the same TCP/IP Class C address range
to the same cluster host. Enabling Network affinity instead
of Single affinity ensures that clients that use multiple
proxy servers to access the cluster have their TCP connections
directed to the same cluster host.
The use of multiple proxy servers at the client's site causes
requests from a single client to appear to originate from different
computers. Assuming that all of the client's proxy servers are
located within the same address range, Network affinity
ensures that client sessions are properly handled. If you do not
need this capability, use Single affinity to maximize scaled
Enabling Single or Network affinity ensures that only
one cluster host handles all connections that are part of the same
client session. This is important if the server application that is
running on the cluster host maintains a session state (such as
server cookies) between connections.
This does not preserve a session state with back-end databases
where many different transactions are occurring that involve many
different computers. When the connection ends, the session state
Disabling affinity allows for improved load balancing
because it allows multiple connections from the same client to be
handled concurrently by different cluster hosts. To maximize scaled
performance, disable the client affinity (by using the None
option) when it is not needed. However, to allow NLB to properly
handle IP fragments, you should avoid using None when
selecting UDP or Both for your protocol setting.
When using NLB to load balance VPN traffic, you must configure
the port rules that govern the ports handling the VPN traffic (TCP
port 1723 for PPTP/GRE and UDP port 500 for IPSEC/L2TP) to use
either Single or Network affinity.
- The Load weight parameter is
applicable only for the Multiple hosts filtering mode. You
can configure this parameter only when you open the port rules
dialog box through Host Properties. (This parameter is not
configurable when you open the port rules dialog box through
When using the Multiple hosts filtering mode, this parameter
specifies the relative amount of load-balanced network traffic that
this host should handle for the associated port rule. Allowed
values range from 0 (zero) to 100. To prevent a host from handling
any network traffic, set the load weight to 0 (zero). The actual
fraction of traffic handled by each host is computed as the local
load weight divided by the sum of all load weights across the
You can specify different load weights for each host in the cluster
by using the Load weight parameter. You can specify that all
hosts distribute the network load equally by using the Equal
load distribution parameter instead of the Load weight
- The Handling priority parameter is
applicable only for Single host filtering mode. You can
configure this parameter only when you open the port rules dialog
box through Host Properties. (This parameter is not
available when you open the port rules dialog box through
When Single host filtering mode is used, the Handling
priority parameter specifies the local host's priority for
handling the network traffic for the associated port rule. The host
with the highest handling priority (lowest numerical value) for
this rule among the current members of the cluster will handle all
of the traffic for this rule. The allowed values range from 1, the
highest priority, to the maximum number of hosts allowed (32). This
value must be unique for all hosts in the cluster. Although this
parameter is displayed in the Defined port rules list, you
configure this parameter on the Host Parameters tab.
- The Priority (Unique host ID)
parameter specifies a unique ID for each host. The host with the
lowest numerical priority among the current members of the cluster
handles all of the cluster's network traffic that is not covered by
a port rule. You can override these priorities or provide load
balancing for specific ranges of ports by specifying rules in the
Port rules tab.
If a new host joins the cluster and its priority conflicts with
another host in the cluster, the host is not accepted as part of
the cluster. The rest of the cluster will continue to handle the
traffic. A message describing the issue is written to the Windows
- The IP address parameter specifies
this host's unique IP address, which is used for network traffic
that is not associated with the cluster (for example, specifying
Telnet access to a specific host within the cluster). It should be
entered in standard Internet dotted notation (for example,
w.x.y.z). This IP address is used to individually address each host
in the cluster, and it should be unique for each host. The
dedicated IP address should always be entered first in TCP/IP
NLB references the dedicated IP address only when a single network
adapter is used to handle both client-to-cluster traffic and other
network traffic that must go specifically to the dedicated IP
address. NLB ensures that all traffic to the dedicated IP address
is unaffected by the NLB current configuration. This includes when
this host is running as part of the cluster and when NLB is
disabled due to parameter errors in the registry.
Typically, both the dedicated IP address and the cluster IP
address must also be entered in the Internet Protocol (TCP/IP)
Properties dialog box. Make sure that the addresses are the
same in both places. However, if you are configuring a virtual
private network (VPN) load-balancing cluster, you should not
configure the dedicated IP address. On a VPN, only the cluster IP
address should be present on each of the cluster hosts. The
dedicated IP address must be a static IP address—it cannot be a
- The Subnet mask parameter denotes the
subnet mask for the IP address specified. The mask is entered in
standard Internet dotted notation (for example, 255.255.255.0).
- The Initial host state parameter
specifies whether NLB will start and whether the host will
immediately join the cluster when the operating system is started.
For example, you might want to start other services manually and in
a specific order before starting NLB. Hosts can be commanded to
join and leave the cluster dynamically by using the Start
and Stop commands in NLB command-line control. If the
Retain suspended state after computer starts check box is
selected, when the host is shut down while in a suspended state,
the host will remain suspended when Windows is started.