Wednesday, August 13, 2008

Multicast w/IGMP Setup guide

Multicast and multicast with IGMP are now included in SP1. You only need to download the script files, because you still have to change the NLB mode manually on the primary configuration storage server.

Please set aside time for this operation outside work hours.

You need these files (attached to this blog). They can also be found under KB938550 at the Microsoft download site.

csstools.js
debugtools.js
kb938550.wsf
utilities.js
vbtools.vbs


Use the following command on the primary configuration storage server:

cscript kb938550.wsf /array:"Your Array Name" /nlb:igmp /net1:"Network Name 1" /net2:"Network Name 2" /net3:"Network Name 3" /net4.... /net5.. etc.

That will set your NLB mode to Multicast w/IGMP.

To set it to Multicast without IGMP use this command:

cscript kb938550.wsf /array:"Your Array Name" /nlb:multicast /net1:"Network Name 1" /net2:"Network Name 2" /net3:"Network Name 3" /Net4.... /Net5... etc.

I have included a sample script in the package attached.

Enjoy multicasting :-)


KB938550.zip

ISA 2006 Server SP1 - Released

SP1 has been released:

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=d2feca6d-81d7-430a-9b2d-b070a5f6ae50

Overview
The new features focus on configuration change management and enhanced troubleshooting designed to help you identify and resolve ISA Server configuration issues within the ISA Server Management console.

The service pack includes the following new features and feature improvements:
  • Configuration Change Tracking—Registers all configuration changes applied to ISA Server to help you assess issues that may occur as a result of these changes.
  • Test Button—Tests the consistency of a Web publishing rule between the published server and ISA Server.
  • Traffic Simulator—Simulates network traffic in accordance with specified request parameters, such as an internal user and the Web server, providing information about firewall policy rules evaluated for the request.
  • Diagnostic Logging Viewer—Now integrated as a tab into the ISA Server Management console, this feature displays detailed events on packet progress and provides information about handling and rule matching.

Improvements for existing features, including:
  • Support for integrated NLB mode in all three modes, including unicast, multicast, and multicast with Internet Group Management Protocol (IGMP). Previously, ISA Server integrated NLB-supported unicast mode only.
  • Support for use of server certificates containing multiple Subject Alternative Name (SAN) entries. Previously, ISA Server was able to use only the subject name (common name) of a server certificate or the first entry in the SAN list.
  • Support for Kerberos Constrained Delegation (KCD) cross-domain authentication. Credentials from users located in a different domain than the ISA Server, but in the same forest, can now be delegated to an internal published Web site by using KCD.
  • Support for client certificate authentication in a workgroup deployment. This removes the requirement to map each client certificate to an Active Directory® directory user account when forms-based authentication is used as the primary authentication method and client certificates are used as the secondary method.

For more information about this service pack, see Microsoft Article 943462.

For general information about installing ISA Server updates and hotfixes, see Microsoft Article 885957.

Wednesday, August 6, 2008

Multicast NLB with ISA 2006

Multicast support for integrated NLB
Previous versions of ISA Server supported integrated Network Load Balancing (NLB) in unicast mode only. This compromised the use of bidirectional affinity (BDA). In unicast mode, ISA Server assigns all computers in an NLB cluster a single virtual IP address, and the NLB driver assigns all of them a new unicast MAC address to be used by the virtual IP. When traffic arrives, the switch cannot tell which port leads to which computer, because all computers in the cluster share the same virtual address, so it sends the traffic to all ports. This behavior causes switch flooding. In multicast mode, NLB assigns a multicast MAC address to all computers in the cluster. Multicast combined with Internet Group Management Protocol (IGMP) prevents all ports being flooded.
SP1 adds support for unicast, multicast, and multicast with IGMP modes.
For configuration steps and more details, see Microsoft article 938550: An update enables multicast operations for ISA Server integrated NLB.
http://support.microsoft.com/kb/938550/
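
The MAC assignment described above can be checked against what ARP and switch MAC tables show after the mode change. This is an added example, not part of the original post or of the KB938550 scripts: it derives the cluster MAC for each mode from the VIP using the commonly documented NLB prefixes (02-BF unicast, 03-BF multicast, 01-00-5E-7F with group 239.255.y.z for IGMP). The VIP 192.168.10.50, the mode labels and the function names are assumptions made for the example.

```python
import ipaddress

def _fmt(mac: bytes) -> str:
    return "-".join(f"{b:02X}" for b in mac)

def nlb_igmp_group(vip: str) -> ipaddress.IPv4Address:
    """IGMP group NLB joins for a VIP w.x.y.z: 239.255.y.z."""
    o = ipaddress.IPv4Address(vip).packed
    return ipaddress.IPv4Address(bytes([239, 255, o[2], o[3]]))

def ip_multicast_to_mac(group: ipaddress.IPv4Address) -> bytes:
    """Standard IPv4 multicast mapping: 01-00-5E plus the low 23 bits of the group."""
    if not group.is_multicast:
        raise ValueError(f"{group} is not a multicast address")
    low23 = int(group) & 0x7FFFFF
    return bytes([0x01, 0x00, 0x5E]) + low23.to_bytes(3, "big")

def nlb_cluster_mac(vip: str, mode: str) -> str:
    """Cluster MAC derived from the VIP; mode labels are this example's own."""
    o = ipaddress.IPv4Address(vip).packed  # ValueError on a malformed VIP
    if mode == "unicast":
        return _fmt(bytes([0x02, 0xBF]) + o)
    if mode == "multicast":
        return _fmt(bytes([0x03, 0xBF]) + o)
    if mode == "igmp":
        return _fmt(ip_multicast_to_mac(nlb_igmp_group(vip)))
    raise ValueError(f"unknown NLB mode: {mode!r}")

def is_group_mac(mac: str) -> bool:
    """True when the I/G bit (lowest bit of the first octet) marks a multicast frame."""
    return bool(int(mac.split("-")[0], 16) & 0x01)

def expected_addresses(vip: str) -> dict:
    """What to look for in ARP and switch MAC tables for each mode."""
    out = {}
    for mode in ("unicast", "multicast", "igmp"):
        mac = nlb_cluster_mac(vip, mode)
        out[mode] = {"mac": mac, "group_mac": is_group_mac(mac),
                     "igmp_group": str(nlb_igmp_group(vip)) if mode == "igmp" else None}
    return out

if __name__ == "__main__":
    for mode, info in expected_addresses("192.168.10.50").items():  # constructed VIP
        print(mode, info)
```

The unicast MAC has the group bit clear and both multicast MACs have it set, which is the distinction the switch acts on.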

Creating NLB with ISA:

In the ISA Server Management console, enable integrated NLB. To do this, follow these steps:

a. In the console tree, expand Arrays, expand the node that corresponds to the array, expand Configuration, right-click Network, and then click Enable Network Load Balancing Integration.
b. Fill out a VIP on the interface on which you choose to enable NLB.
c. Wait until all array members have synchronized the configuration.