No matter what the environment, physical or virtual, there’s always going to be some kind of complication introduced by NLB. In virtual environments, you’re probably aware that VMware Workstation doesn’t support unicast NLB, which really hurt a lot of us when we wanted to test the integrated NLB functionality included with the ISA firewall. That problem was fixed when an update was released that allows multicast NLB to work on ISA firewalls.
So what about the Forefront TMG firewall? Yes, unicast NLB is still the default. OK, how about Hyper-V? Yes, NLB will work with Hyper-V too. However, it won’t work right out of the box. There’s an update that you need to install, and then you need to find out the unicast MAC address and configure the Hyper-V virtual network to use that MAC address.
Fortunately, Gershon Levitz has done a great job showing us how to make it work. Complete with clear and easy to understand instructions and screenshots, Gershon does a yeoman’s job at presenting a complete solution for a potentially complex problem.
Check it out at: http://blogs.technet.com/isablog/archive/2009/02/23/how-to-get-nlb-to-work-with-forefront-tmg-beta2-when-running-in-hyper-v.aspx
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP — Forefront Edge Security (ISA/TMG/IAG)