Share via

Failover cluster outgoing connection

AndresP 21 Reputation points
2020-08-04T11:43:53.127+00:00

Hi.
2 node failover cluster WS 2019
each node has own IP
A) 10.0.0.10
b) 10.0.0.11
FileServer resource has c - IP 10.0.0.13
Incoming connections are going to C and working fine
Outgoing connections are using EITHER A or B ( depends from current role owner).

Seems it is by-design and not possible to change. Just need confirmation from MS or experts in this level.
This part of documentation is also shamefully sparse in learn.microsoft.com.

Windows Server Clustering
Windows Server Clustering
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Clustering: The grouping of multiple servers in a way that allows them to appear to be a single unit to client computers on a network. Clustering is a means of increasing network capacity, providing live backup in case one of the servers fails, and improving data security.
1,005 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Leon Laude 85,816 Reputation points
    2020-08-04T12:08:27.277+00:00

    Hi,

    This is how the failover cluster is designed to work, so yes it is by design.
    The cluster has one owner at the time, so when the role(s) are owned by one cluster node, the traffic passes the cluster node that is currently the owner.

    (If the reply was helpful please don't forget to accept as answer, thank you)

    Best regards,
    Leon

    0 comments
  2. Xiaowei He 9,906 Reputation points
    2020-08-05T07:35:19.66+00:00

    Hi,

    • Cluster resource IP address will be registered on the owner node of the role, we may check the owner node's NIC card:

    15727-share0001.png

    • I tested on my lab, the owner of the file share role is N2 with IP address 192.168.2.51, the file share has IP address 192.168.2.100. When I use the file share path to visit the share, we can see it use the owner node's IP address to communicate:

    15696-share01.png

    When I type the IP address of the file share role 192.168.2.100, it could use the .100 address to communicate:

    15774-share1.png

    So, according to the test result, it seems the file share will use the IP address of the owner of the role to communicate by default, however, it's also OK for us to use the resource IP address to communicate.

    Thanks for your time! If you have any other concerns or questions, please feel free to feedback.

    If the reply could be of help, please help to accept it as an answer, thanks for your cooperation!
    Thanks for your time!
    Best Regards,
    Anne

  3. Xiaowei He 9,906 Reputation points
    2020-08-12T03:00:32.927+00:00

    Hi,

    Sorry for the later reply, I spent some time to do research and test about the "skipassource" flag and found a solution to achieve your goal.

    About the skipassource, below is the result:

    When the fileserver resource on the Node 3, I check the skipassource of each IP addresses, and found the real IP address of n3 192.168.2.54 with the flag false, the fileserver resource IP 192.168.2.100 with flag True:

    17121-%E6%8D%95%E8%8E%B7.png

    When I try to change the 192.168.2.54 to "true" and "192.168.2.100" to "false", the N3 is down and fileserver role failover to other cluster nodes:

    17132-image.png

    17047-image.png

    17133-image.png

    Based on my understanding, the "skipasresource" flag is used to define the primary IP address of outcoming packets, however, it's recommended to use when there are multiple stable IP addresses on the NIC. While the failover cluster resource is not stable on the node's NIC, it will failover between the cluster nodes.

    Below is the method to achieve your goal, on the DNS server, only leave the resource IP address of file server, for example, only fileserver 192.168.2.100 on the DNS, then when we visit the fileserver, it always use the .100 address to communicate.

    17104-image.png

    17122-image.png

    Tip: After your change the DNS record, please run ipconfig /flushdns on the Client want to visit the share, then you will see it always use the resource IP to communicate.

    17085-image.png

    -------
    If the reply could be of help, please help to accept it as an answer, thanks for your cooperation!
    Thanks for your time!
    Best Regards,
    Anne

    0 comments
  4. Xiaowei He 9,906 Reputation points
    2020-08-14T02:58:30.003+00:00

    Hi,

    I would like to check if the above reply could be of help? If yes, please help accept it as an answer, so that others meet a similar issue can find useful information quickly. If you have any other concerns or questions, please feel free to feedback.

    If the reply could be of help, please help to accept it as an answer, thanks for your cooperation!
    Thanks for your time!
    Best Regards,
    Anne

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.