Tnx for your suggestions! I'll discuss them with the customer. BTW why is this list so quit. Did people move to forums? From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jerry Young Sent: Wednesday, 27 April, 2011 21:33 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: Multi-site NLB with TMG 2010 Okay. The right way of doing that would be to put F5 load balancers with Global Traffic Manager (or another vendor's solution capable of doing the same) in place in front. DNS records would point to the VIPs running on the F5s. Otherwise, you can do what I did for my own client, and kind of cheat at this. DNS Made Easy provides some simple monitoring and "failover" capabilities. Essentially, you stand up both TMG environments with separate IP addresses. You then use the system monitoring and DNS failover capabilities from DNS Made Easy. What they essentially do is monitor your primary site's IP address(es) for availability. If that goes away, the DNS failover capabilities of their service will automatically change the IP address of the record to that of the IP address in the alternate site. When the primary comes back up, the DNS record is changed back. The only caveat is that you'll need to lower the TTL on the record to something like 3 minutes. It works rather well, though, and their services are reasonably priced, I think. On Wed, Apr 27, 2011 at 5:11 AM, Han Valk <han.valk@xxxxxxxxxxxxxxx<mailto:han.valk@xxxxxxxxxxxxxxx>> wrote: Site redundancy. Customer has 2 datacenters. Would be nice that in case of an outage the other takes over. From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto:isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On Behalf Of Jerry Young Sent: Wednesday, 20 April, 2011 17:39 To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx> Subject: [isalist] Re: Multi-site NLB with TMG 2010 What would you be trying to load balance across the two sites, anyway? If it's access to web services of some kind, you're better bet would be to put a hardware load balancer that supports multi-site load balancing (like F5 - Global Traffic Manager) in front of TMG at each site. On Wed, Apr 20, 2011 at 10:03 AM, Jim Harrison <Jim@xxxxxxxxxxxx<mailto:Jim@xxxxxxxxxxxx>> wrote: http://www.ISAserver.org<http://www.isaserver.org/> ------------------------------------------------------- Han, The short answer is "not if they're separated by a router". NLB (not ISA) requires that the cluster nodes operate in the same Ethernet broadcast domain. In general, this is a bad idea; there are too many things that can break the communication (if it works in the first place), resulting in a broken cluster. -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx> [mailto:isalist-bounce@xxxxxxxxxxxxx<mailto:isalist-bounce@xxxxxxxxxxxxx>] On Behalf Of Han Valk Sent: Wednesday, April 20, 2011 3:45 AM To: isalist@xxxxxxxxxxxxx<mailto:isalist@xxxxxxxxxxxxx> Subject: [isalist] Multi-site NLB with TMG 2010 http://www.ISAserver.org<http://www.isaserver.org/> ------------------------------------------------------- Hi list, Did some research on this subject but did not find a lot of useful information only that is not a common configuration. Just to clarify, multi-site NLB in this context means part of one NLB cluster in one datacenter and another part in a second datacenter. Is this possible? What are the pitfalls? Is it supported? Regards, Han Valk. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com<http://www.techgenix.com/> ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx<mailto:listadmin@xxxxxxxxxxxxx> ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com<http://www.techgenix.com/> ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx<mailto:listadmin@xxxxxxxxxxxxx> -- Cordially yours, Jerry G. Young II, CISSP Microsoft Certified Systems Engineer Young Consulting & Staffing Services Company - Owner www.youngcss.com<http://www.youngcss.com/> -- Cordially yours, Jerry G. Young II, CISSP Microsoft Certified Systems Engineer Young Consulting & Staffing Services Company - Owner www.youngcss.com<http://www.youngcss.com/>