[isalist] Re: Multi-site NLB with TMG 2010

From: Han Valk <han.valk@xxxxxxxxxxxxxxx>
To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
Date: Thu, 28 Apr 2011 11:31:48 +0000

Tnx for your suggestions! I'll discuss them with the customer.
BTW why is this list so quit. Did people move to forums?

From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jerry Young
Sent: Wednesday, 27 April, 2011 21:33
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: Multi-site NLB with TMG 2010

Okay.

The right way of doing that would be to put F5 load balancers with Global 
Traffic Manager (or another vendor's solution capable of doing the same) in 
place in front.  DNS records would point to the VIPs running on the F5s.

Otherwise, you can do what I did for my own client, and kind of cheat at this.

DNS Made Easy provides some simple monitoring and "failover" capabilities.  
Essentially, you stand up both TMG environments with separate IP addresses.  
You then use the system monitoring and DNS failover capabilities from DNS Made 
Easy.  What they essentially do is monitor your primary site's IP address(es) 
for availability.  If that goes away, the DNS failover capabilities of their 
service will automatically change the IP address of the record to that of the 
IP address in the alternate site.  When the primary comes back up, the DNS 
record is changed back.  The only caveat is that you'll need to lower the TTL 
on the record to something like 3 minutes.  It works rather well, though, and 
their services are reasonably priced, I think.
On Wed, Apr 27, 2011 at 5:11 AM, Han Valk 
<han.valk@xxxxxxxxxxxxxxx<mailto:han.valk@xxxxxxxxxxxxxxx>> wrote:
Site redundancy. Customer has 2 datacenters. Would be nice that in case of an 
outage the other takes over.

From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto:isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Jerry Young
Sent: Wednesday, 20 April, 2011 17:39
To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx>
Subject: [isalist] Re: Multi-site NLB with TMG 2010

What would you be trying to load balance across the two sites, anyway?

If it's access to web services of some kind, you're better bet would be to put 
a hardware load balancer that supports multi-site load balancing (like F5 - 
Global Traffic Manager) in front of TMG at each site.
On Wed, Apr 20, 2011 at 10:03 AM, Jim Harrison 
<Jim@xxxxxxxxxxxx<mailto:Jim@xxxxxxxxxxxx>> wrote:
http://www.ISAserver.org<http://www.isaserver.org/>
-------------------------------------------------------

Han,

The short answer is "not if they're separated by a router".
NLB (not ISA) requires that the cluster nodes operate in the same Ethernet 
broadcast domain.
In general, this is a bad idea; there are too many things that can break the 
communication (if it works in the first place), resulting in a broken cluster.

-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> 
[mailto:isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On 
Behalf Of Han Valk
Sent: Wednesday, April 20, 2011 3:45 AM
To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx>
Subject: [isalist] Multi-site NLB with TMG 2010

http://www.ISAserver.org<http://www.isaserver.org/>
-------------------------------------------------------

Hi list,

Did some research on this subject but did not find a lot of useful information 
only that is not a common configuration. Just to clarify, multi-site NLB in 
this context means part of one NLB cluster in one datacenter and another part 
in a second datacenter.
Is this possible?
What are the pitfalls?
Is it supported?

Regards,
Han Valk.

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com<http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx<mailto:listadmin@xxxxxxxxxxxxx>

------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com<http://www.techgenix.com/>
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx<mailto:listadmin@xxxxxxxxxxxxx>

--
Cordially yours,
Jerry G. Young II, CISSP
Microsoft Certified Systems Engineer
Young Consulting & Staffing Services Company - Owner
www.youngcss.com<http://www.youngcss.com/>

--
Cordially yours,
Jerry G. Young II, CISSP
Microsoft Certified Systems Engineer
Young Consulting & Staffing Services Company - Owner
www.youngcss.com<http://www.youngcss.com/>

Follow-Ups:
- [isalist] Re: Multi-site NLB with TMG 2010
  - From: Jerry Young

References:
- [isalist] Multi-site NLB with TMG 2010
  - From: Han Valk
- [isalist] Re: Multi-site NLB with TMG 2010
  - From: Jim Harrison
- [isalist] Re: Multi-site NLB with TMG 2010
  - From: Jerry Young
- [isalist] Re: Multi-site NLB with TMG 2010
  - From: Han Valk
- [isalist] Re: Multi-site NLB with TMG 2010
  - From: Jerry Young

[isalist] Re: Multi-site NLB with TMG 2010

Other related posts: