
Forum Discussion

jschweg_118185
Jan 12, 2013

Balancing RDP with token redirection

Hi guys. I have taken a look at the below deployment guide for getting my TS farm balanced using my F5. I have a couple questions:

 

http://www.f5.com/pdf/deployment-guides/f5-microsoft-remote-desktop-services-dg.pdf

 

I am doing scenario 1 with all 2008 R2 session hosts. I do not have any Server 2012 yet, so just have a standard session broker (not high availability). Here are my questions from the config table on page 6.

 

1) In the pools section, they obviously list the pool for all of the session hosts, but they also have a pool for all the connection brokers. I assume that since I am using 2008, which does not support multiple session brokers, I don't need to do this and will just have a single pool of the session hosts.

 

2) The custom health check using those hex send/receive strings: can anyone tell me the details on what it checks and how that is better than just using a TCP connect to the RDP port? This is probably a dumb question.

 

On the Microsoft server side: when configuring the farm settings on each TS, obviously they need to be switched to token redirection, but when choosing the IP for redirection, I assume that we just choose the same local IP for the TS that would be listed in the F5 as the pool member?

 

The reason why I'm confused by that is only because the MS documentation for token redirection lists the 2 requirements for the redirection IP, and both of them together make no sense:

 

http://technet.microsoft.com/en-us/library/cc732852(v=ws.10).aspx

 

--It must be the IP address of the network adapter that is connected to the load balancer.

 

--It must be the address that is configured on the load balancer as the IP address for the terminal server.


5 Replies

  • OK, so the IP for redirection just needs to match the IP for the session host as it's configured in the pool on the F5, I get that. The rest of my questions still stand :-)

     

  •
    mikeshimkus_111
    Historic F5 Account
    Hi jschweg,

     

    You are correct about 1: you don't need a VIP or pool for RDCB when using 2008. These objects are for HA RDCB, which is new in Windows 2012.

     

     

    On 2, we created this monitor by observing a successful connection and capturing the TCP data. This tells us that the RDP service is available, rather than just a listening TCP 3389 socket on the server.

     

    thanks

     

    Mike

     

  • Thanks for the responses!

     

     

    So I have everything set up, however the persistence on reconnect isn't happening.

     

     

    1) All terminal servers are set to token redirection, redirecting IPs match the ones in the F5 pool

     

    2) Session broker active, all terminal servers joined to farm name that matches DNS name of the virtual server on the LB

     

    3) F5 config matches the deployment doc with the exception of the default port, I am not running my Terminal Servers on 3389

     

     

    The LB does properly balance the initial connections, however reconnections are treated like new initial connections.

     

     

    Any idea on what to look at next?
  •
    mikeshimkus_111
    Historic F5 Account
    Sounds like the redirecting IP needs to be set to the IP address of the BIG-IP virtual server, not the IPs of the pool members. You don't strictly need to use IP redirection though, since the MSRDP persistence profile should take care of it using the session broker token.
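The two things discussed in this thread, the send/receive monitor that Mike describes as captured from a successful RDP connection, and the session broker token that the MSRDP persistence profile keys on, both live in the same first packet a client sends. The example below is added here and is not code from the thread or from the F5 deployment guide: it builds the TPKT-framed X.224 Connection Request that opens every RDP session, encodes and decodes the Session Broker routing token ("Cookie: msts=...") that a reconnecting client carries in that request, and checks a reply for the X.224 Connection Confirm, which is the application-level answer a send/receive monitor is looking for and a bare TCP-connect check never sees. The exact hex strings in the guide are not reproduced; it is assumed that the guide's captured exchange is this one. The session host address 10.1.1.2, port 3389 and the sample reply bytes are constructed for illustration.

```python
"""Added example (not from the thread or the F5 deployment guide): RDP's opening
X.224 exchange, the Session Broker routing token, and an RDP-aware probe."""
import socket
import struct

X224_CONNECTION_REQUEST = 0xE0   # TPDU code a client sends first
X224_CONNECTION_CONFIRM = 0xD0   # TPDU code a live RDP service answers with

# Constructed sample reply: TPKT header (11 bytes total) + X.224 CC, SRC-REF 0x1234.
SAMPLE_CONNECTION_CONFIRM = bytes.fromhex("0300000b06d00000123400")


def encode_routing_token(ip: str, port: int) -> bytes:
    """Routing token as Session Broker writes it: 'Cookie: msts=<ip>.<port>.0000',
    where <ip> is the IPv4 address's network-order bytes read as a little-endian
    integer and <port> is the port number with its two bytes swapped."""
    ip_dec = struct.unpack("<I", socket.inet_aton(ip))[0]
    port_dec = struct.unpack("<H", struct.pack(">H", port))[0]
    return f"Cookie: msts={ip_dec}.{port_dec}.0000".encode("ascii")


def decode_routing_token(token: bytes) -> tuple:
    """Inverse of encode_routing_token: (ip, port) as a load balancer doing
    token-based persistence would read it out of the Connection Request."""
    text = token.decode("ascii").strip()
    prefix = "Cookie: msts="
    if not text.startswith(prefix):
        raise ValueError("not an msts routing token")
    ip_dec, port_dec, _reserved = text[len(prefix):].split(".")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_dec)))
    port = struct.unpack(">H", struct.pack("<H", int(port_dec)))[0]
    return ip, port


def build_x224_connection_request(routing_token: bytes = b"") -> bytes:
    """TPKT header (version 3, reserved, 16-bit length) followed by the X.224 CR
    TPDU: LI, code 0xE0, DST-REF, SRC-REF, class option, then the optional
    CRLF-terminated routing token in the variable part."""
    variable = routing_token + b"\r\n" if routing_token else b""
    x224 = struct.pack(">BBHHB", 6 + len(variable), X224_CONNECTION_REQUEST, 0, 0, 0) + variable
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224


def is_connection_confirm(reply: bytes) -> bool:
    """True only for a well-formed TPKT frame whose TPDU code is Connection Confirm.
    A newer server appends an RDP negotiation response after the fixed header,
    so only the framing and the code are checked, not the total length."""
    if len(reply) < 7 or reply[0] != 3:
        return False
    tpkt_len = struct.unpack(">H", reply[2:4])[0]
    if tpkt_len < 7 or tpkt_len > len(reply) or reply[4] < 6:
        return False
    return reply[5] == X224_CONNECTION_CONFIRM


def probe(host: str, port: int = 3389, timeout: float = 3.0) -> bool:
    """Application-level check: connect, send a CR, require a CC back. A socket
    that accepts TCP but never speaks RDP fails here, which a plain TCP-connect
    monitor would pass. Port is a parameter because hosts need not use 3389."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_x224_connection_request())
            reply = sock.recv(1024)
    except OSError:
        return False
    return is_connection_confirm(reply)


if __name__ == "__main__":
    token = encode_routing_token("10.1.1.2", 3389)      # constructed session host
    print(token.decode(), "->", decode_routing_token(token))
    print("CR with token:", build_x224_connection_request(token).hex())
    print("sample reply is CC:", is_connection_confirm(SAMPLE_CONNECTION_CONFIRM))
```

Reading the token this way is also a quick check when reconnect persistence misbehaves: capture the client's first packet and decode the cookie; if the address inside is not one the load balancer can map to a pool member, the broker's redirect and the persistence profile are working from different addresses.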
  • The drop-down list on the farm setup only lists the IPs that are bound to the machine to use for redirection, which is just the local one.

     

    I suppose I could bind the WAN IP of the F5 virtual server to the TS so I can select it as the redirection IP.

     

     

    I'll give that a shot tomorrow.