NimbostratusLoad balancing Remote Desktop 2012R2 with F5 instead of Connection Broker.
Microsoft Issues: We have a Remote Desktop deployment of around 60 Session hosts, 2 HA connection brokers, 3 gateways, and 3 web access servers. We have had trouble with Microsoft's load balancing and session directory services provided by the connection broker. specifically, there are circumstances when are specific session host may become unresponsive, some users on it are working, but new users can't connect. the host can't be removed from the collection as it is not responding to WMI request. the only option we have is to hard reboot it and kick everyone off it. since the host has a low number of users it also becomes a magnet for new connections and effectively takes down the entire cluster as far as new connections are concerned. another scenario is we lose a session host without it being able to power down gracefully (hardware failure) the session directory seems to keep record of all the users on that host and attempts to reconnect them to it even though it is dead and gone. those users can not longer connect. the only way to resolve is restarting the connection broker and causing a cluster wide outage.
Potential for F5 magic: Our desire here is to replace the load balancing responsibility with the F5, which we have better health checking capabilities, better load balancing decision making, and better central control over which nodes are active in a pool. We would like to be able to disable a problematic node with the F5 and have new connections directed to other session hosts while existing users on that host are allowed to continue until attrition allows us to restart it. We'd like to incorporate better health monitoring to identify problematic hosts prior to receiving calls from our clients.
Trouble with interaction between F5 and RDP deployments After setting up the latest version of the RDP Session host IApp and doing some testing we are finding some issues with the F5 performing load balancing. We have the Session hosts set to use Token redirection in order to get the F5 to forward users to appropriate session hosts where existing sessions are located (session directory), if it is left in IP redirect mode then these redirects cause the RDP client to attempt to bypass the F5 virtual server and access another host directly. The problem we are running into is that no matter what node the F5 decides to balance the user to, that session host will perform a load balancing election with the connection broker and issue a redirect token to a different node. So the F5 cannot perform any load balancing. Furthermore, if we have a problematic host and we disable it in the F5 the F5 will continue to accept the redirect tokens for the disable hosts. Even if we set it to force offline the F5 will still attempt to connect to the offline host specified in the redirect and a connection failure will be returned to the RDP client. So the F5's ability to manage which hosts receive connections is rendered completely moot.
We attempted to find and disable the "Connection broker load balancing" option in the registry which was used in previous versions of RDP, but this does not seem to stop the redirection tokens from being issued by the session host, in fact it seems to break session directory so that once a user is assigned a host it will never realize they disconnected, and permanently hold that user to that host regardless of session status.
Problem There seems to be no means to have F5 perform any authoritative load balancing or connection management among Remote Desktop 2012R2 session collections. What then is the point of putting all this behind an F5 virtual server...
Request Anyone out there with experience running MS Remote Desktop 2012R2 session hosts via the F5 LTM virtual server that is able to perform load balancing/connection management, any tips or reference configurations?
