Netgate Discussion Forum

    Windows Network Load Balancing and pfSense

      cyberfinn

      Hey

      I want to host a number of Windows servers that are configured as NLB. My switches support IGMP snooping, but I've read several places that it is necessary that the router supports special ARP messages.

      Does pfSense support these types of messages?

      Are there other things I should consider before I use NLB cluster in multicast mode?

      This website (http://support.microsoft.com/kb/193602) describes the following:

      Multicast
      Note: When the local router must send a packet to the virtual IP address, the local router uses address resolution protocol (ARP) to determine the virtual IP's MAC address. WLBS replies to these ARP requests. When you mask the source MAC address, the ARP response from WLBS has a substitute source MAC address in the Ethernet frame, but contains the correct cluster MAC address in the ARP header. Some routers cannot make this ARP mapping and must make a static ARP entry in the router. For additional information about static ARP requirements, click the following article number to view the article in the Microsoft Knowledge Base: 197862 (http://support.microsoft.com/kb/197862/) WLBS cluster is unreachable from outside networks

      The cluster uses a multicast MAC address that is mapped to a unicast IP address. The switch does not associate the multicast MAC addresses to a port, so the switch sends frames to this MAC address on all the ports. IP Multicast pruning implementations cannot limit the port flooding, therefore you must use a virtual LAN. Multicast provides no advantage over unicast from the switch's perspective. The increased multicast processing overhead for routers and switches may lead to slower performance. Carefully analyze the effect on your network when you use multicast to avoid congesting other network devices.

      I hope someone can help me

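The ARP reply described in the quoted KB text can be recognised in a packet capture by comparing the Ethernet source MAC with the sender MAC inside the ARP header. The Python below is an added example, not part of the original posts and not pfSense or NLB code; the frames, MAC and IP addresses are constructed samples, and the function names are hypothetical.

```python
import socket
import struct

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def inspect_arp(frame: bytes) -> dict:
    """Parse an Ethernet II frame carrying ARP for IPv4 and report the two
    properties the KB text describes."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    _dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {
        "is_reply": oper == 2,
        "eth_src": mac(src),
        "arp_sender_mac": mac(sha),
        "arp_sender_ip": socket.inet_ntoa(spa),
        # Ethernet source differs from the MAC advertised in the ARP header
        "src_mismatch": src != sha,
        # group (multicast) bit: lowest bit of the first octet
        "sender_mac_is_multicast": bool(sha[0] & 0x01),
    }

def may_need_static_arp(info: dict) -> bool:
    """Heuristic (assumption): a reply with either property is the kind the
    KB says some routers cannot map without a static ARP entry."""
    return info["is_reply"] and (
        info["src_mismatch"] or info["sender_mac_is_multicast"])

def build_reply(eth_src, sha, spa, eth_dst, tpa) -> bytes:
    """Build a constructed ARP reply; MACs are hex strings without colons."""
    h = bytes.fromhex
    eth = h(eth_dst) + h(eth_src) + struct.pack("!H", 0x0806)
    arp = (struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2) + h(sha)
           + socket.inet_aton(spa) + h(eth_dst) + socket.inet_aton(tpa))
    return eth + arp

# Constructed samples: cluster reply with a substitute Ethernet source MAC and
# a multicast cluster MAC in the ARP header, then an ordinary host reply.
NLB_REPLY = build_reply("0201c000020a", "03bfc000020a", "192.0.2.10",
                        "001122334455", "192.0.2.1")
HOST_REPLY = build_reply("00aabbccddee", "00aabbccddee", "192.0.2.20",
                         "001122334455", "192.0.2.1")

if __name__ == "__main__":
    for name, frame in (("nlb", NLB_REPLY), ("host", HOST_REPLY)):
        info = inspect_arp(frame)
        print(name, info, "static ARP candidate:", may_need_static_arp(info))
```
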
        cyberfinn

        Is it maybe possible to add ARP mappings manually in pfSense?

          cmb

          No issue with the firewall there, the ARP NLB uses should work fine (I know of many who are using it).

            cyberfinn

            Thanks

            Are you sure they are running NLB in multicast mode? All routers should work with the unicast mode, but it floods our DMZ.

              cyberfinn

              cmb: Should I set up something on the pfSense or should it support NLB running in multicast mode out of the box?

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.