[isalist] Re: Multi-site NLB with TMG 2010

• From: Jerry Young <jerrygyoungii@xxxxxxxxx>
• To: isalist@xxxxxxxxxxxxx
• Date: Wed, 27 Apr 2011 15:33:17 -0400

Okay.

The right way of doing that would be to put F5 load balancers with Global
Traffic Manager (or another vendor's solution capable of doing the same) in
place in front.  DNS records would point to the VIPs running on the F5s.

Otherwise, you can do what I did for my own client, and kind of cheat at
this.

DNS Made Easy provides some simple monitoring and "failover" capabilities.
Essentially, you stand up both TMG environments with separate IP addresses.
You then use the system monitoring and DNS failover capabilities from DNS
Made Easy.  What they essentially do is monitor your primary site's IP
address(es) for availability.  If that goes away, the DNS failover
capabilities of their service will automatically change the IP address of
the record to that of the IP address in the alternate site.  When the
primary comes back up, the DNS record is changed back.  The only caveat is
that you'll need to lower the TTL on the record to something like 3
minutes.  It works rather well, though, and their services are reasonably
priced, I think.

On Wed, Apr 27, 2011 at 5:11 AM, Han Valk <han.valk@xxxxxxxxxxxxxxx> wrote:

>  Site redundancy. Customer has 2 datacenters. Would be nice that in case
> of an outage the other takes over.
>
>
>
> *From:* isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> *On Behalf Of *Jerry Young
> *Sent:* Wednesday, 20 April, 2011 17:39
> *To:* isalist@xxxxxxxxxxxxx
> *Subject:* [isalist] Re: Multi-site NLB with TMG 2010
>
>
>
> What would you be trying to load balance across the two sites, anyway?
>
>
>
> If it's access to web services of some kind, you're better bet would be to
> put a hardware load balancer that supports multi-site load balancing (like
> F5 - Global Traffic Manager) in front of TMG at each site.
>
> On Wed, Apr 20, 2011 at 10:03 AM, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> -------------------------------------------------------
>
> Han,
>
> The short answer is "not if they're separated by a router".
> NLB (not ISA) requires that the cluster nodes operate in the same Ethernet
> broadcast domain.
> In general, this is a bad idea; there are too many things that can break
> the communication (if it works in the first place), resulting in a broken
> cluster.
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Han Valk
> Sent: Wednesday, April 20, 2011 3:45 AM
> To: isalist@xxxxxxxxxxxxx
> Subject: [isalist] Multi-site NLB with TMG 2010
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> -------------------------------------------------------
>
> Hi list,
>
> Did some research on this subject but did not find a lot of useful
> information only that is not a common configuration. Just to clarify,
> multi-site NLB in this context means part of one NLB cluster in one
> datacenter and another part in a second datacenter.
> Is this possible?
> What are the pitfalls?
> Is it supported?
>
> Regards,
> Han Valk.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
>
> --
> Cordially yours,
> Jerry G. Young II, CISSP
> Microsoft Certified Systems Engineer
> Young Consulting & Staffing Services Company - Owner
> www.youngcss.com
>



-- 
Cordially yours,
Jerry G. Young II, CISSP
Microsoft Certified Systems Engineer
Young Consulting & Staffing Services Company - Owner
www.youngcss.com

• Follow-Ups:
  • [isalist] Re: Multi-site NLB with TMG 2010
    • From: Han Valk

• References:
  • [isalist] Multi-site NLB with TMG 2010
    • From: Han Valk
  • [isalist] Re: Multi-site NLB with TMG 2010
    • From: Jim Harrison
  • [isalist] Re: Multi-site NLB with TMG 2010
    • From: Jerry Young
  • [isalist] Re: Multi-site NLB with TMG 2010
    • From: Han Valk

Other related posts:

• » [isalist] Multi-site NLB with TMG 2010- Han Valk
• » [isalist] Re: Multi-site NLB with TMG 2010- Jim Harrison
• » [isalist] Re: Multi-site NLB with TMG 2010- Jerry Young
• » [isalist] Re: Multi-site NLB with TMG 2010- Han Valk
• » [isalist] Re: Multi-site NLB with TMG 2010 - Jerry Young
• » [isalist] Re: Multi-site NLB with TMG 2010- Han Valk
• » [isalist] Re: Multi-site NLB with TMG 2010- Jerry Young

1. Home
2. isalist
3. Archive
4. 04-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---