This is not really a CCIE topic, but it is the sort of thing that you should be prepared for in real life: Microsoft NLB (“Network Load Balancing”). This allows a single application to be served by multiple servers.
The way it works is by using layer-2 multicasts. When a client wants to talk to a server (or in this case a virtual server), it puts out an ARP request for the server’s IP address. The server (one or both, I don’t know) responds with a multicast MAC address. From then on, each frame from the client to the application is addressed to the multicast MAC address.
There are a number of things to consider:
- The servers generate IGMP for the IP group corresponding to the MAC multicast address. If the switch is running IGMP snooping, then this ensures that the multicast frames are sent to the servers and nowhere else. If the switch is not running IGMP snooping, then the frames are flooded to all ports on the VLAN – the scheme still works, but at the expense of flooding all the client-to-server traffic.
- IGMP snooping filters only those packets that are strictly IP, i.e. the ones that have EtherType 0x0800. There is also a keepalive between the servers, likewise addressed to the multicast MAC destination, at a rate of 2 packets per second per server; its EtherType is 0x886F. These are flooded to all ports on the VLAN, regardless of IGMP snooping.
- If you think about it, this is not really Network Load Balancing, but CPU load balancing. All client frames go to both servers, and then the servers decide between themselves which packet each server is handling, and which are left to the partner.
- It does not work too well through a router. When a router gets a MAC address in an ARP response, it does not believe it, so it discards it. The only way I have found to get round this is with a static ARP entry in the router.
- Even if you do put a static ARP entry in the router, does it balance the load from the router? I suppose it depends what algorithm the servers use to distribute the load. If it is based on the source MAC address, then it won’t work too well through a router! On the other hand, if it is based on the source IP address, then that means that both servers have to process all packets all the way up to layer-3. The devil and the deep blue sea.
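To make the forwarding behaviour described above concrete, here is a small added model (my own illustration, not code from Microsoft or from any switch vendor) of a switch with and without IGMP snooping handling the two NLB frame types, plus the check a router applies when an ARP reply carries a group MAC. The cluster MAC, port numbers and topology are constructed sample values; the 01:00:5e:7f:xx:xx form is assumed to be what NLB’s IGMP multicast mode uses.

```python
# Added illustration (not from the original post): toy switch forwarding for
# NLB multicast-mode frames and the router-side ARP sanity check.

ETHERTYPE_IPV4 = 0x0800           # the only EtherType IGMP snooping constrains
ETHERTYPE_NLB_HEARTBEAT = 0x886F  # NLB keepalive between cluster members


def is_group_mac(mac: str) -> bool:
    """True if the I/G bit (LSB of the first octet) is set, i.e. multicast."""
    return bool(int(mac.split(":")[0], 16) & 0x01)


def router_accepts_arp_reply(sender_mac: str) -> bool:
    """A router discards an ARP reply that maps an IP to a group MAC,
    which is why the post falls back to a static ARP entry."""
    return not is_group_mac(sender_mac)


class Switch:
    def __init__(self, ports, igmp_snooping: bool):
        self.ports = set(ports)
        self.igmp_snooping = igmp_snooping
        self.groups = {}  # group MAC -> ports that sent an IGMP join
        self.fdb = {}     # learned unicast MAC -> port

    def igmp_join(self, group_mac: str, port: int) -> None:
        self.groups.setdefault(group_mac, set()).add(port)

    def egress_ports(self, ingress: int, dst_mac: str, ethertype: int) -> set:
        """Return the set of ports a frame arriving on `ingress` is sent to."""
        flood = self.ports - {ingress}
        if not is_group_mac(dst_mac):
            learned = self.fdb.get(dst_mac)
            return {learned} if learned is not None else flood
        # Snooping only constrains IP frames; the 0x886F heartbeat floods.
        if (self.igmp_snooping and ethertype == ETHERTYPE_IPV4
                and dst_mac in self.groups):
            return self.groups[dst_mac] - {ingress}
        return flood


# Constructed topology: servers on ports 1 and 2, client on 3, bystander on 4.
CLUSTER_MAC = "01:00:5e:7f:01:0a"  # assumed NLB IGMP-mode cluster MAC (sample)

def build_switch(igmp_snooping: bool) -> Switch:
    sw = Switch(ports=[1, 2, 3, 4], igmp_snooping=igmp_snooping)
    for server_port in (1, 2):          # both servers join the group
        sw.igmp_join(CLUSTER_MAC, server_port)
    return sw
```

With snooping on, client traffic (0x0800) reaches only the two server ports, while the 0x886F heartbeat still floods to the bystander; with snooping off, client traffic floods too.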