Prev: Option to install ASP.Net missing in Windows 2003 Enterprise R2 x6
Next: External access to websites lost
From: Björn Pettersson on 15 Jan 2010 08:48
Hi,

Background:

We are currently running a web site (IIS 6) on top of a NLB cluster,
which has two nodes. The servers run on Windows 2003. NLB configured
with the following parameters: Procols = Both, Filtering Mode =
Multiple Host and Single Affinity. Cluster in multicast mode. Web site
is bound to the cluster VIP in IIS. Web site have SSL enabled with a
certificate installed on both nodes.

Now there is a need of having an additional web site, also running
HTTPS. As SSL binds to IP, we cannot use the host header feature.
First we thought of adding an additional NLB cluster, but a collague
suggested a different approach. He told me to add another VIP as a
cluster host, and configure the additional web site with the new VIP.
Once cluster, still only two nodes in the cluster, but two cluster
hosts with different VIP. This way, we don't need to add any
additional network interfaces, and can stick with only one cluster.

I have tested this setup, and it appears to be working fine, but would
like to have someone confirm that this is a correct imlementation of
NLB. We have implemented this in a test environment and are now
considering applying it to our production environment, but don't want
any future surprises caused by faulty design :)

Does any of you see any risks with this setup? Please comment! :)
From: Chris M on 28 Jan 2010 06:03
On 15/01/2010 13:48, Bj�rn Pettersson wrote:
> Now there is a need of having an additional web site, also running
> HTTPS. As SSL binds to IP, we cannot use the host header feature.

Yes you can, but not through the IIS MMC interface.

cscript adsutil.vbs SET W3SVC\<ID>\SecureBindings "a.b.c.d:443:host.header"

--
Chris M.
 | 
Pages: 1
Prev: Option to install ASP.Net missing in Windows 2003 Enterprise R2 x6
Next: External access to websites lost