Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Cannot Perform Load Balancing with Network Load Balancing and Server Publishing Enabled


View products that this article applies to.

Summary

When you install Microsoft Internet Security and Acceleration (ISA) Server in a Network Load Balancing cluster, you may not successfully publish a server.

↑ Back to the top


More information

This issue occurs because you cannot use ISA Server and Server Publishing on a Network Load Balancing cluster. The ISA Server must act as the default gateway to the published server.

Note: This does not mean that the ISA Server must be the default gateway, but that you must use it to route packets to the external address, either directly (default gateway) or through other routers.

Network Load Balancing examines the destination IP address of packets that arrive on the Network Load Balancing interface. If the IP address is the dedicated IP address of a specific server, Network Load Balancing passes the packet to the TCP/IP stack so that the client communicates with a specific computer. Otherwise, Network Load Balancing load balances the packet, where it is passed to the TCP/IP stack on a non-specific computer.

If a client connects to an ISA server that is configured in a Network Load Balancing cluster, that ISA Server computer sends a connection request, which contains the source IP address of the client, to the published server. The reply packet that is sent to the client IP address is routed through the Virtual IP (VIP) in the Network Load Balancing cluster in this case. Because the destination IP address is not the dedicated IP address of the ISA Server, the packet is "load-balanced" where it is passed to the TCP/IP stack on a non-specific ISA server in the Network Load Balancing cluster, and not necessarily the server from which the request originated.

Therefore, you must configure the ISA Server computer to act as the default gateway for the published server because the server must function as a SecureNAT client of ISA Server . ISA Server is transparent to the published server. The published server thinks that it communicates directly with the client's IP address from the external network. Therefore, the published server must have a route through the ISA Server where it can send packets back to the client.

For additional information about Network Load Balancing, visit the following Microsoft Web site:For additional information about how to deploy ISA Server , visit the following Microsoft Web site:For more information about a related topic, view the following article:

How to Enable Translating Client Source Address in Server Publishing 311777

↑ Back to the top


Keywords: KB288574, kbinfo

↑ Back to the top

Article Info
Article ID : 288574
Revision : 9
Created on : 9/12/2007
Published on : 9/12/2007
Exists online : False
Views : 428