This release includes an updated version of the BIG-IP Windows Terminal Server (WTS) persistence feature. WTS persistence provides an efficient way to load balance traffic and maintain persistent connections between Windows clients and servers that are running the Microsoft ® Terminal Services service. The recommmended scenario for enabling the BIG-IP WTS persistence feature is to create a load balancing pool that consists of servers running Windows® .NET Server 2003, Enterprise Edition, where all members belong to a Windows cluster and participate in a Windows session directory.
This release of the WTS persistence feature further strengthens the integration of the BIG-IP product with Windows server platforms. Not only does the BIG-IP system efficiently load balance and maintain persistent connections between Windows clients and servers, the BIG-IP system also performs health monitoring for Windows servers that are running various services. For example, the BIG-IP system health monitoring feature provides useful data on CPU, memory, and disk utilization of Windows Management Interface (WMI) servers, to ensure the most efficient load balancing of traffic to those servers.
Without WTS persistence, Terminal Servers, when participating in a session directory, map clients to their appropriate servers, using redirection when necessary. If a client connects to the wrong server in the cluster, the targeted server checks its client-server mapping and performs a redirection to the correct server.
When BIG-IP WTS persistence is enabled, however, a Terminal Server participating in a session directory always redirects the connection to the same BIG-IP virtual server, instead of to another server directly. The BIG-IP system then sends the connection to the correct Terminal Server. Also, when WTS persistence is enabled on a BIG-IP system and the servers in the pool participate in a session directory, the BIG-IP system load balances a Terminal Services connection according to the way that the user has configured the BIG-IP system for load balancing. Thus, the use of Terminal Servers and the Session Directory service, combined with the BIG-IP WTS persistence feature, provides more sophisticated load balancing and more reliable reconnection when servers become disconnected.
By default, the BIG-IP system with WTS persistence enabled load balances connections according to the way that the user has configured the BIG-IP system for load balancing, as long as Session Directory is configured on each server in the pool. Because Session Directory is a new feature that is only available on the Windows .NET Server 2003, Enterprise Edition platform, each server in the pool must therefore be a Windows .NET Server 2003, Enterprise Edition server if you want to use WTS persistence in default mode.
If, however, you want to enable WTS persistence but have older versions of Windows server platforms (on which Session Directory is not available), you can enable WTS persistence in non-default mode. This causes the BIG-IP system to connect a client to the same Windows server by way of the user name that the client provides. You can enable WTS persistence in this way by setting a global variable on the BIG-IP system, called msrdp no_session_dir, which disables Session Directory on any pool created with the msrdp attribute. Note that enabling WTS persistence in non-default mode (that is, with no Session Directory available on the servers) is less preferable than the default mode, because it provides limited load-balancing and redirection capabilities.
The following sections describe how to enable WTS persistence with and without Windows Session Directory.
Enabling WTS persistence in the default mode requires you to configure Session Directory on each Terminal Server in your load balancing pool. In addition to configuring Session Directory, you must perform other Windows configuration tasks on those servers. However, before you configure your Terminal Servers, you must configure your BIG-IP system, by performing tasks such as creating a load-balancing pool and designating your Terminal Servers as members of that pool.
The following two sections describe the BIG-IP system and Terminal Server configuration tasks that are required to enable WTS persistence in default mode for a Windows client-sever configuration running Windows Terminal Services.
To configure WTS persistence on the BIG-IP, you must perform three tasks, as follows.
b service 3389 tcp enable
Optionally, you can map the this port from 3389 to 443 in order to allow traffic to pass more easily through a firewall.
Use the bigpipe pool command, as in the following example. Remember that the pool members must already be members of a Windows cluster.
b pool my_cluster_pool ( persist_mode msrdp member 126.96.36.199:3389 member 188.8.131.52:3389 }
b virtual 184.108.40.206:3389 use pool my_cluster_pool
To configure your Terminal Servers, you must perform the following tasks:
The following sections describe these tasks.
Before enabling BIG-IP WTS persistence, you must verify that the following conditions exist:
To configure the above services, you must first log in to each Terminal Server as Administrator, which causes the Configure your server wizard to start automatically. From this wizard, you can select each of the three services listed above.
When the Session Directory service is configured on your Terminal Servers and WTS persistence is configured on the BIG-IP system, the BIG-IP system assumes the job of redirecting a connection to the correct server when that connection was originally directed to the wrong server. In order for the BIG-IP system to perform this redirection, you must first join each server in the Windows cluster to the Windows Session Directory, thereby allowing those servers to share sessions with other servers in the cluster. Joining Terminal Servers to the session directory allows those servers to share sessions. To join servers in a cluster to the session directory, you must configure the Windows Terminal Services session directory on each server in the cluster.
The next step is to configure Windows Terminal Services. This allows the BIG-IP system to maintain persistent connections by offloading the redirection function from the servers to the BIG-IP system. When a client connection goes to the wrong server, proper configuration of the Terminal Services service ensures that the server always rewrites the connection to the BIG-IP system, which then sends the connection to the correct server. While the Session Directory screen is still displayed, locate the check box labeled IP Address Redirection, and verify that the check box is cleared. (If the check box is checked, clear the check box.) If you do not clear the check box, the servers will redirect connections directly to other servers in the cluster, rather than to the BIG-IP system.
The next step is to create a Windows local group and add the servers to it.
Finally, on the server to which you assigned the Session Directory name, start the Session Directory service. To do this, start at the Windows Start button, point to Settings, Administrative Tools, Services, and then click Terminal Services Session Directory.
Once you have completed these tasks, WTS persistence runs with Session Directory configured, which means that any required redirections normally performed by the Terminal Servers is performed by the BIG-IP system. To see a resulting cookie, check the traffic on TCP port 3389. The following is an example of a resulting cookie:
When a server has no Session Directory, the server cannot share sessions with other servers, and therefore cannot perform any redirections when a connection to a server becomes disconnected. In lieu of session sharing, Windows clients provide data, in the form of a user name, to the BIG-IP system to allow the BIG-IP system to consistently connect that client to the same server. Enabling WTS persistence to behave in this way is the non-default mode.
To configure WTS persistence when the servers do not have Session Directory, you must first perform the BIG-IP system configuration tasks that are described in Configuring WTS persistence on the BIG-IP system .
Next, you must set a BIG-IP global variable, msrdp no_session_dir. Setting this global variable disables Session Directory on all pools on which the msrdp attribute is set. To set the msrdp no_session_dir global variable, use the following command-line syntax:
b global msrdp no_session_dir enable
Finally, you must verify that the Terminal Services service is running on each Windows server in your load-balancing pool.
Whenever you configure a BIG-IP system, you have a number of options: