RE: ICMP Flood
- From: "John C. Shepard" <jshepard@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Wed, 7 Nov 2001 15:25:10 -0800
Robert, I had similar problem when I tried the same setup using a single
NIC per machine for NLB. After I installed another NIC for NLB
communication everything cleared out. Configuration was a lot easier and
cleaner that way. With a separate NIC for NLB you no longer need
Multicast support... Of course that means 3 NICs per box (if you don't
have a DMZ), small price in my opinion.
John Shepard
Network Administrator
atinera
-----Original Message-----
From: Weiss, Robert [mailto:WeissR@xxxxxxxxxx]
Sent: Wednesday, November 07, 2001 2:40 PM
To: [ISAserver.org Discussion List]
Cc: [ISAserver.org Discussion List]
Subject: [isalist] RE: ICMP Flood
http://www.ISAserver.org
John,
I should have mentioned that in my post. I am using the Load Balancing
on the internal interface only. The IP configuration for my server is
as follows:
External Interface
IP Address 207.254.161.xxx/27
Default Gateway 207.254.161.yyy - Router
Internal Interface
IP Address 172.24.1.160/16
172.24.1.158/16 - Cluster Address
Default Gateway Not set as per Microsoft documentation
Robert Weiss
Manager, Network and Academic Systems
Philadelphia University
Office of Information Technology
215-951-2689
http://www.PhilaU.edu/OIT <http://www.PhilaU.edu/OIT>
-----Original Message-----
From: John C. Shepard [ mailto:jshepard@xxxxxxxxxxx
<mailto:jshepard@xxxxxxxxxxx> ]
Sent: Wednesday, November 07, 2001 5:34 PM
To: [ISAserver.org Discussion List]; weissr@xxxxxxxxxx
Subject: RE: ICMP Flood
Robert, are you Load Balancing the internal interface?
John Shepard
Network Administrator
atinera
-----Original Message-----
From: Weiss, Robert [ mailto:WeissR@xxxxxxxxxx
<mailto:WeissR@xxxxxxxxxx> ]
Sent: Wednesday, November 07, 2001 2:29 PM
To: [ISAserver.org Discussion List]
Subject: ICMP Flood
Importance: High
We are having a strange problem with our ISA Servers.
We currently have three stand-alone servers running in integrated mode
using Network Load Balancing to create an ISA "cluster". When ever we
try to add a fourth server to the cluster, our network is overrun with
ICMP floods.
What I see when I "sniff" my network is thousands of
"Destination Host Unreachable" packets with the IP address of my
DNS/WINS/DHCP Servers to the IP address of my ISA Servers.
If I can't get Network Load Balancing to work, we will
need to go back to Round Robin DNS, unless someone else has a good load
balancing solution.
Please reply directly back to weissr@xxxxxxxxxx
< mailto:weissr@xxxxxxxxxx <mailto:weissr@xxxxxxxxxx> > as well as
posting to the list if possible.
Thank you,
Robert Weiss
Manager, Network and Academic Systems
Philadelphia University
Office of Information Technology
215-951-2689
http://www.PhilaU.edu/OIT <http://www.PhilaU.edu/OIT>
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
john@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
