Technical Stuff: July 2006 Archives

Well it seems that yes, you can in fact run windows firewall on boxes running NLB. This is presuming that your NLB is setup correctly. After logging a call to Microsoft (and talking to someone who had never setup NLB before - grrr) I eventually rebuilt my test boxes from scratch and setup NLB in the prescribed way, as opposed to copying what we have in production. Turns out our production servers are incorrectly setup too. Which is surprising because they *work*, and have done for years, and Luc set them up based on the way servers are setup for the entire organisation (!)

So anyways.

Next week we'll be reconfiguring the production servers, and then will try enabling the firewall on them again...

I've spent a good couple of months now on and off looking for an answer to a very simple question:

Can you use windows firewall on servers running NLB?

Well it seems that only one other person on the internet has asked this question, and they didn't get a very satisfactory answer. Certainly nothing I can really work with.

The problem *seems* to be something to do with gateways. With the firewall disabled, everything works fine. However with the firewall enabled, only the non-NLB ips respond.. the NLB ip address doesn't respond (blocked by the firewall) - however it *does* work from machines on the same vlan.

I think I'll be logging a call to Microsoft on this one...

Kazza's "Boring Life Of a Geek" aka BLOG

IT geek, originally from Sydney, moved to Canberra in 2007. Married to "the sweetie", aka Stu. Prolific photographer, Lego junkie and tropical fish keeper.

Kazza the Blank One home