Packet forwarding with 2 NICs and a router: subnet mismatch
A server has 2 NICs for Load Balancing.

THE PROBLEM: replies come back from NIC1 using IP of NIC2, which is on a different subnet with the gateway, so the gateway drops the packet.

A packet capture on the router looks like this:

  src=[user ip], dest=[wan ip], port-src=4568, port-dest=80, action=forward to 192.168.2.5 (to NLB IP by NAT rule)
  src=[192.168.2.5], dest=[192.168.1.1], port-src=80, port-dest=4568, action=drop (diff. subnet)

How can I force NIC1 to forward the packet using its own IP (192.168.1.2)? Any better ideas?

NIC1 is the primary NIC
  IP: 192.168.1.2
  DNS: 192.168.1.10
  Gateway: 192.168.1.1
  NetBIOS: yes

NIC2 used for NLB
  IP: 192.168.2.2 (dedicated), 192.168.2.5 (NLB)
  DNS:
  Gateway:
  NetBIOS: no
  Packet forwarding: enabled

Both sit behind a firewall with 2 LAN interfaces: IntA (192.168.1.1) and IntB (192.168.2.1). All port 80 traffic goes like this:

  User IP -> WAN -> IntB -> SwitchB -> [NIC2 -> NIC1] -> SwitchA -> IntA -> WAN -> User IP

The reason it's split into 2 segments is because of the flooding NLB creates. To minimise the load all replies are sent back via a different switch.
January 3rd, 2009 5:09am

Hi, let me see if I have understood your packet flow correctly.

Incoming: NAT - Firewall | User IP --> WanIP:80 | Internal-IP (192.168.2.5:80) | Here the incoming flow ends.

Your packet is then replied using its default gateway (192.168.1.1) but from (192.168.2.5). That is correct, because it is the addressed IP -> wrong subnet -> packet dropped.

You are saying you have flooding problems, so I guess you are using unicast mode. You will reduce your flooding by using multicast and, if your switches are capable, you can additionally activate IGMP.

You can modify your gateway to 192.168.2.5 and team your second NIC, if possible.

Hope this helps.
ThorstenWujek
January 7th, 2009 7:17pm

xminet,

Here is a posting from the server.networking ng about a similar problem which may help you.

Quote:
I figured out with a call to Microsoft Tech support. Windows 2008 introduces a "strong host model" that doesn't allow the different NICs to talk to each other. For example, if a request comes in on the 2nd NIC and there's no default gateway setup, then the NIC will not use the 1st NIC to reply to the requests (even though there's a default gateway setup on that 1st NIC). In order to change that behaviour and go back to a 2003 model, you go to the command prompt and then you type:

  netsh interface ipv4 set interface NLB weakhostreceive=enable
  netsh interface ipv4 set interface NLB weakhostsend=enable

(where NLB is the name of the network interface... default is Local Area Connection)

As an alternative, you can set a default gateway on the 2nd NIC but that can introduce more problems where the system doesn't know which way to send traffic. MS said that I could set the metric to 2 on the 2nd NIC and that way it will only be used if the 1st NIC is unavailable.

http://technet.microsoft.com/en-us/magazine/2007.09.cableguy.aspx
Unquote:

Bill
January 13th, 2009 5:12am
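An added example (not part of the original thread, and not code from any of the posters): a PowerShell script that audits the strong/weak host setting of one IPv4 interface with netsh and, on request, applies either of the two fixes Bill's post quotes, the weak host switches or a default gateway on the second NIC with a higher metric. Assumptions: an elevated PowerShell prompt on Windows Server 2008 or later, English netsh output (the parser keys on the English parameter names "Weak Host Sends" / "Weak Host Receives"), an interface actually named "NLB" (a placeholder; list real names with `netsh interface ipv4 show interfaces`), and the gateway 192.168.2.1 and metric 2 taken from the question and from Bill's post.

```powershell
# Added example, not from the original thread.
# Audits the weak/strong host state of one IPv4 interface and optionally
# applies one of the two fixes quoted in Bill's post:
#   -EnableWeakHost    : weakhostsend/weakhostreceive=enabled (2003-style behaviour)
#   -AddDefaultGateway : default route on the second NIC with a higher metric
# Assumptions: elevated PowerShell, Windows Server 2008 or later, English netsh
# output, and an interface named "NLB" (placeholder; adjust -InterfaceName).
param(
    [string]$InterfaceName = "NLB",        # placeholder, rename to your second NIC
    [switch]$EnableWeakHost,
    [switch]$AddDefaultGateway,
    [string]$Gateway = "192.168.2.1",      # IntB address from the question
    [int]$Metric = 2                       # metric suggested in Bill's post
)

function Get-WeakHostState {
    param([string]$Name)
    # "netsh interface ipv4 show interface <name>" prints one "Key : value" line
    # per parameter, including "Weak Host Sends" and "Weak Host Receives".
    $out = netsh interface ipv4 show interface "$Name" 2>&1
    if ($LASTEXITCODE -ne 0) { throw "netsh could not read interface '$Name': $out" }
    $state = [ordered]@{ Interface = $Name; Send = 'unknown'; Receive = 'unknown' }
    foreach ($line in $out) {
        if ("$line" -match '^\s*Weak Host Sends?\s*:\s*(\w+)')    { $state.Send    = $Matches[1] }
        if ("$line" -match '^\s*Weak Host Receives?\s*:\s*(\w+)') { $state.Receive = $Matches[1] }
    }
    return [pscustomobject]$state
}

function Invoke-Netsh {
    # Runs netsh and stops on failure, so a mistyped interface name is not silently ignored.
    param([string[]]$Arguments)
    Write-Host ("netsh " + ($Arguments -join ' '))
    & netsh @Arguments
    if ($LASTEXITCODE -ne 0) { throw "netsh failed: netsh $($Arguments -join ' ')" }
}

# Always report the current state first.
Get-WeakHostState -Name $InterfaceName | Format-List

if ($EnableWeakHost) {
    # The two commands quoted in the thread; netsh documents the value as enabled|disabled.
    Invoke-Netsh @('interface','ipv4','set','interface',"$InterfaceName",'weakhostreceive=enabled')
    Invoke-Netsh @('interface','ipv4','set','interface',"$InterfaceName",'weakhostsend=enabled')
    Get-WeakHostState -Name $InterfaceName | Format-List
}

if ($AddDefaultGateway) {
    # Bill's alternative: a default route on the second NIC with a higher metric than
    # NIC1's, so it is only used when NIC1's default route is unavailable.
    Invoke-Netsh @('interface','ipv4','add','route','0.0.0.0/0',"$InterfaceName",$Gateway,"metric=$Metric",'store=persistent')
    netsh interface ipv4 show route | Select-String '0.0.0.0/0'
}
```

Run it with no switches first to see whether the interface is still in the strong host model; `-EnableWeakHost` and `-AddDefaultGateway` each change the host, so take them one at a time and re-check with `route print` (the effective metric of a route is the interface metric plus the route metric, so compare both NICs' default routes there). Two caveats worth keeping in mind before relying on the weak host switches: they only let Windows send the reply out NIC1 with 192.168.2.5 as source, which is exactly the packet the capture in the question shows the firewall dropping on IntA as off-subnet, and the NAT state for that session was created on IntB, so the firewall's return-path handling has to accept it; the default-gateway alternative returns the reply through IntB instead, which is the path the firewall already expects.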

