Forum Discussion

shawn306_84070
Jul 19, 2010

Looking to see if this can be done with domain controllers

Hi,

I have a customer who has an application that he would like to load balance through domain controllers. Here is why.

The application they have has only one domain controller hard coded. So if that domain controller goes down, they are down as well.

They want to know if we create a VIP on the F5 for domain controllers, would that help them with their problem.

If anyone can help me that would be great.

Thanks

Shawn

1 Reply

  • Hi Shawn,

    You should be able to load balance domain controller requests with a virtual server. I'd start with a virtual server which handles all protocols and a single pool member both configured on port 0. You can use an iRule to log the client IP:port and destination IP:port in CLIENT_ACCEPTED. You can then track which ports the client is using and then lock down the ports the VS accepts traffic on once it's working. Here's an example:

    
    when CLIENT_ACCEPTED {
       # Check the protocol for this connection
       switch [IP::protocol] {
          6 {
             # TCP connection
             log local0. "[IP::client_addr]:[TCP::client_port]: TCP connection to [IP::local_addr]:[TCP::local_port]"
          }
          17 {
             # UDP connection
             log local0. "[IP::client_addr]:[UDP::client_port]: UDP connection to [IP::local_addr]:[UDP::local_port]"
          }
          default {
             # Not TCP or UDP
             log local0. "[IP::client_addr]: [IP::protocol] connection to [IP::local_addr]"
          }
       }
    }

    Once you have this working for a single DC pool member, you could add a second pool member and a source address persistence profile to the VS to ensure clients are persisted to the same DC.

    Aaron
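
An added example, not part of the reply above and not F5 code: a Python sketch that tallies the log messages this iRule writes into the protocol/port list needed to lock down the virtual server. The sample lines are constructed, and the syslog prefix and the rule name `dc_port_logger` are assumptions; only the message text after the prefix follows the iRule.

```python
import re
from collections import defaultdict

# Message text written by the TCP and UDP branches of the iRule.
TCP_UDP = re.compile(
    r"(?P<client>\S+):(?P<cport>\d+): (?P<proto>TCP|UDP) connection to "
    r"(?P<dst>\S+):(?P<dport>\d+)\s*$"
)
# Message text written by the default branch: protocol number, no ports.
OTHER = re.compile(r"(?P<client>\S+): (?P<proto>\d+) connection to (?P<dst>\S+)\s*$")

def summarize(lines):
    """Return {(proto, dest_port): set of client IPs}; dest_port is None
    for traffic that is neither TCP nor UDP."""
    seen = defaultdict(set)
    for line in lines:
        m = TCP_UDP.search(line)
        if m:
            seen[(m["proto"], int(m["dport"]))].add(m["client"])
            continue
        m = OTHER.search(line)
        if m:
            seen[("ip-proto-" + m["proto"], None)].add(m["client"])
    return dict(seen)

def allowlist(summary):
    """Sorted (proto, port) pairs observed, i.e. what the VS must accept."""
    return sorted(key for key in summary if key[1] is not None)

# Constructed sample log lines (prefix format and rule name are assumptions).
PREFIX = "Jul 19 10:15:02 tmm tmm[4821]: Rule dc_port_logger <CLIENT_ACCEPTED>: "
SAMPLE = [
    PREFIX + "10.1.1.50:49152: TCP connection to 10.2.2.10:389",
    PREFIX + "10.1.1.50:49153: TCP connection to 10.2.2.10:88",
    PREFIX + "10.1.1.51:50000: UDP connection to 10.2.2.10:53",
    PREFIX + "10.1.1.51:50001: TCP connection to 10.2.2.10:389",
    PREFIX + "10.1.1.50: 1 connection to 10.2.2.10",
]

if __name__ == "__main__":
    summary = summarize(SAMPLE)
    for proto, port in allowlist(summary):
        clients = ", ".join(sorted(summary[(proto, port)]))
        print(f"{proto}/{port}: seen from {clients}")
    # Anything that is not TCP or UDP needs a separate decision.
    for (proto, port), clients in summary.items():
        if port is None:
            print(f"{proto}: seen from {', '.join(sorted(clients))}")
```
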