Configuring Windows Server 2012 NLB web cluster

This manual applies to Windows Server 2012 and describes how to configure a Network Load Balancing (NLB) cluster for web servers.

Consider the following server setup:

  • DEV-WEB1 – IIS Web Server
  • DEV-WEB2 – IIS Web Server

And the following hostnames configured on the DNS server:

  • DEV-WEB1:
  • DEV-WEB2:
  • DEV-WEB:

DEV-WEB is a virtual host accessible from the Internet. Configure your network firewall to allow ports 80 and 443 on that host.

Ports 80 and 443 on DEV-WEB1 and DEV-WEB2 should not be reachable from the outside.

Installing NLB

  1. Connect to DEV-WEB1 via Remote Desktop.
  2. Start the Server Manager Dashboard application and select Add Roles and Features from the Manage menu.
  3. On the Features tab of the Add Roles and Features Wizard, check “Network Load Balancing” and click the Install button.
  4. After the installation is complete, a server restart might be required.
  5. Repeat steps 1-4 for DEV-WEB2 server.

Configuring NLB

  1. Connect to DEV-WEB1 via Remote Desktop.
  2. Start the Network Load Balancing application from the Start menu.
  3. Select New from the Cluster menu.
  4. Enter dev-web1 in the Hostname field, click Connect and then Next.
  5. The New Cluster : Host Parameters window will show up. Click Next.
  6. Click the Add… button in the New Cluster : Cluster IP Addresses window.
  7. Enter the cluster IP address (the DEV-WEB host IP address) and click OK.
  8. Verify that the correct IP address has been added and click Next.
  9. In the New Cluster : Cluster Parameters window, enter the full Internet host name from which the web cluster should be accessible (for example dev-kps-web.kps.local or ). Leave the default value of Cluster operation mode, Unicast, and click Next.
  10. In the New Cluster – Port Rules window, click the Edit button to edit the default port rule.
  11. Change port range from 80 to 80, select protocol – TCP, select affinity – Single and click OK.
      More information on NLB affinity is available on MSDN. In short, Single affinity configures the cluster to associate a web client with a particular server. For example, when user A opens the dev-web page, the cluster assigns the user to server dev-web1, and all subsequent requests from user A are processed on dev-web1.
  12. Click the Add… button to configure the SSL port: set Port range from 443 to 443, select protocol – TCP, select Affinity – Single and click OK.
  13. Check that ports 80 and 443 are correctly configured and click Finish.
  14. Network Load Balancing Manager will start configuring the cluster. Note that your connection to the server might be lost for a few moments because the network interface is reconfigured (an additional IP address is added).
  15. After all pending operations are complete, select Add Host from the Cluster menu. The Add Host to Cluster wizard will show up.
  16. Enter the second web server's host name (dev-web2) in the Host field, click Connect and then Next.
  17. In the Add Host to Cluster : Host Parameters step, click Next.
  18. In the Add Host to Cluster – Port Rules step, verify that ports 80 and 443 are correctly mapped and click Finish.
  19. After the pending cluster operations are complete, your cluster is set up and ready for use.
  20. Verify that your cluster works by browsing to the cluster hostname (dev-kps-web.kps.local in our case). You can see an IIS HTTP 403 error response page, which means that the request was passed to one of the two cluster web servers.

If you have more than 2 web servers, repeat steps 16-19 for each of your dev-webN servers.
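
A scripted equivalent of the installation and configuration steps above, as an added example that is not part of the original post. It uses the NetworkLoadBalancingClusters PowerShell module installed with the NLB management tools; the interface name `Ethernet` and the `<CLUSTER-IP>` and `<SUBNET-MASK>` placeholders are assumptions to replace with your own values. The final check stops with an error if any port rule other than TCP 80 and 443 exists on the cluster.

```powershell
# Added example. Run in an elevated PowerShell session on DEV-WEB1.
$Nodes     = 'DEV-WEB1', 'DEV-WEB2'      # servers from the page
$Interface = 'Ethernet'                  # assumption: NIC name on both nodes
$ClusterIP = '<CLUSTER-IP>'              # placeholder: the DEV-WEB address
$Mask      = '<SUBNET-MASK>'             # placeholder
$FullName  = 'dev-kps-web.kps.local'     # full Internet name used on the page
$Ports     = 80, 443

# "Installing NLB": add the feature and its management tools on every node.
# A restart might be required afterwards, as noted in step 4.
foreach ($node in $Nodes) {
    Install-WindowsFeature -Name NLB -IncludeManagementTools -ComputerName $node
}
Import-Module NetworkLoadBalancingClusters

# "Configuring NLB", steps 3-9: create the cluster on DEV-WEB1 in Unicast mode.
New-NlbCluster -InterfaceName $Interface -ClusterPrimaryIP $ClusterIP `
    -SubnetMask $Mask -ClusterName $FullName -OperationMode Unicast

# Steps 10-13: drop the default rule (it spans all ports) and add one
# single-port TCP rule per web port with Single affinity.
Get-NlbClusterPortRule -InterfaceName $Interface | Remove-NlbClusterPortRule -Force
foreach ($port in $Ports) {
    Add-NlbClusterPortRule -InterfaceName $Interface -StartPort $port `
        -EndPort $port -Protocol Tcp -Affinity Single
}

# Steps 15-18: join DEV-WEB2; it inherits the cluster's port rules.
Get-NlbCluster -InterfaceName $Interface |
    Add-NlbClusterNode -NewNodeName 'DEV-WEB2' -NewNodeInterface $Interface

# Check: the cluster must balance only TCP 80 and TCP 443.
$rules = @(Get-NlbClusterPortRule -InterfaceName $Interface)
$unexpected = @($rules | Where-Object {
    $_.StartPort -ne $_.EndPort -or
    $Ports -notcontains $_.StartPort -or
    $_.Protocol -ne 'Tcp'
})
if ($unexpected.Count -gt 0 -or $rules.Count -ne $Ports.Count) {
    $rules | Format-List *
    throw 'Port rules differ from the intended TCP 80 and 443 only.'
}

# Step 19: both nodes should be listed once the pending operations finish.
Get-NlbClusterNode -InterfaceName $Interface
```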


One comment

  1. I would add a few extra notes.
    1. This config is mostly for internal intranet use. Change the affinity to Network for Internet traffic (or None if using a stateless web app)
    2. If Internet facing, consider adding a second NIC on each node for management purposes, where the shared cluster address is on one NIC/subnet and the individual node addresses use the second NIC/subnet. Otherwise, you should specify a default gateway in order to separate network traffic.
