Good afternoon,

I'm trying to publish two trunks using NLB. I have assigned each trunk a separate VIP, but they are using the same DIP. I can access one trunk, but the second trunk does not respond. Do I need to assign unique DIPs to each trunk also?

Thanks in advance.

A little more information.

I publish Trunk 1 on VIP x.x.x.164 and this works as expected. I then add Trunk2 on x.x.x.165, the activation works fine without any errors. I am still able to access Trunk1, but Trunk2 does not respond. In fact if I monitor the external interface on TMG I see requests for x.x.x.164, but nothing for x.x.x.165 reaches the external interface. I can reverse the above order and Trunk2 works, but Trunk1 does not.

Any help out there?

You do not require separate DIPs as you already have different VIPs for each trunk. As you said you do not see in the TMG logs for the request coming for x.x.x.165, I would recommend you to check your next device connected to UAG and see whether the request is reaching there and it is forwarding to UAG.

A good test would be to get a client machine right external to UAG (on the same network of UAG external NIC) and test from that client machine.

Take a netmon trace and see whether the request is reaching the UAG servers.

• Marked as answer by NeilCC1 Monday, December 09, 2013 3:21 PM

Thanks Angeos.

Turns out the first switch out from UAG isn't IGMP Multicast capable, although I was told it was. Changing NLB to Unicast mode has solved the issue.

Having similar issue where we have a array of UAG server with several VIPs assigned and using IGMP Multicast. When we set up the VIPs, we added static arp entries to the routers for each of the VIPs mac addresses.  We had 1 trunk on port 80 and 1 trunk on port 443 and all was working well.  We added a third trunk on 443 and I was unable to access.  We verified firewall was not the issue.  I was able to get to the VIP via telnet if I was using a client on the same network but directly from the router I had no access.  After further investigation, it was found that all VIPs were reporting the same mac address, this included the VIP that was hosted on the port 80 trunk.  As a test, we modified the router static arp entry for the VIP that was not working so the mac was the same as what we were seeing reported from the client on the same network.  Once this was applied, we were then able to access the trunk.

The network team states that only the first trunk that is hosted on 443 is joining the multicast group and the VIP on the port 80 trunk is responding to the MAC assigned.  I do not understand why the second trunk does not respond or join the Multicast group?

With all that being said, I was under the impression the original setup was correct.  Each VIP mac gets a static entry in the router.  So wanting to see if anyone has had similar behavior using IGMP Multicast and how did you configure your routers?