Forum Discussion

Almassud_221797's avatar
Almassud_221797
Icon for Cirrus rankCirrus
Dec 11, 2015

Accessing File shares through F5 VIP

Hello all,

 

I have a server that hosts lots of roles such as file server, web server, home grown apps, and few other things. I am working on breaking this single serve into 6 servers.

 

2 Web Servers 2 File Servers 2 Servers for other apps.

 

All servers are windows servers.

 

my plan is to have a single VIP with port 0, and then attach an iRule that handles the traffic as it arrives at the VIP, where it would send traffic distant to port 80 would go to the pool of web servers, and if any of the ports for the other apps, it would go to the pool of servers of the other apps.

 

the one that I am not 100% how to handle is File Servers since they not really load balanced by F5 and the pool will have a single member, which is the file server cluster name, so I could use some help from the experts here and I truly appreciate any help or comments to get this work correctly.

 

Thanks in advance and have a good one.

 

application delivery
file share
iRules
LTM
windows

6 Replies

Sort By
  • Almassud_221797's avatar
    Almassud_221797
    Icon for Cirrus rankCirrus
    Dec 15, 2015

    Hi all,

     

    any help on load balancing 2 windows file servers?

     

    This is the only thing I am missing at this point.

     

    Thanks

     

    • Kai_Wilke's avatar
      Kai_Wilke
      Icon for MVP rankMVP
      Dec 15, 2015
      Hi Almassud, network load balancing of windows fileserver is not that easy and also not recommended. 1.) If using a single DNS/NETBIOS name to access those servers, then you can't use kerberos, since CIFS using the identity of each individual computer account. 2.) In addition you have to make sure, that both servers would accept the same UNC name without registring an SPN. 3.) If accessing a "single" failover cluster share ressource, then you might have a good chance by forwarding TCP:445 to those boxes. But keep in mind that SMBv1 doesn't like NAT... BTW: I wouldn't do that... ;-) Cheers, Kai
  • Almassud_221797's avatar
    Almassud_221797
    Icon for Cirrus rankCirrus
    Dec 11, 2015

    tatmotiv,

     

    Thanks for your reply. I am not against this idea and it's sounds like possible.I still need to know the steps for the setting up the VIP for the file share access, such as health monitor, and what not.

     

    do you know of a link to an solution that I can use or can tell me what needs to be done to create this VIP?

     

    Thanks again.

     

  • tatmotiv's avatar
    tatmotiv
    Icon for Cirrostratus rankCirrostratus
    Dec 11, 2015

    Why do you want to have a single VIP accomplishing this? Wouldn't it be easier to define a VIP for port 80 and assign the pool of webservers to it, then define some VIPs (can share the same destination IP) with file server ports (depending on the protocols in use, possibly 135/445 tcp for windows file servers using CIFS) and assign the pool of file servers to it, and finally a VIP with port 0 that catches all the remaining ports and passes them on to the "other apps" pool?