Script: New-LoopbackAdapter.ps1 – Using PowerShell to Create and Configure a Loopback Adapter for Use with Direct Server Return Load Balancing in Exchange 2010 and Lync 2010
Using a hardware load balancer is very common to spread workload across multiple servers, as well as direct traffic to surviving servers when one goes down or is being patched. When using an HLB, there are several methods that can be used. The more conventional SNAT is quite popular, but another method, Direct Server Return, or DSR, provides for substantially increased performance. This can be key in environments where a lot of traffic from Exchange and/or Lync is going through the HLBs, or where the same HLBs are being used for many apps. Update: Tom Pacyk and John Cook pointed out that I neglected to mention that DSR based HLB is not supported on Lync Edge servers (and it won’t even work based on my testing). See Microsoft’s support statement at the bottom of http://technet.microsoft.com/en-us/library/gg425779.aspx. Sorry about the omission, guys!
The difference from a server side perspective, is that to use the DSR method, extra configuration is required when building the server. To configure a server for DSR based load balancing a loopback adapter is added and configured with the IP address of the load balancer VIP. This allows the server to accept packets targeted for the VIP address. Without it, the server would ignore them.
- Add the Microsoft Loopback adapter
- Unbind all services and protocols except IPv4
- Rename the loopback adapter to “loopback” and rename the regular NIC to “net”
- Assign an IP address and subnet mask (but no gateway)
- Configure the adapter to not register its address in DNS
- Set the adapter’s metric to 254
- Adjust the adapter bindings so that it is lower than the normal NIC in the server
- Set WeakHostSend and WeakHostReceive settings on both adapters
While adding and configuring the loopback adapter is simple enough, it’s a list of steps that is ideally suited for PowerShell – especially if you build a fair number of servers. Unfortunately, there is no straighforward methods to accomplish all of the required tasks. In order to configure the adapter bindings, a separate file must be downloaded. In order to even add the loopback adapter, yet another file needs to be downloaded. It’s almost more grief to try it through PowerShell than to just manually do it, right? Not so fast!
PowerShell is quite powerfull. We can download the required files, unzip them if needed, and then use them as required to fulfill our needs. Of course, this assumes that the server has Internet connectivity.
Run the script one of two ways. Run just the script itself by typing
and the script will prompt you for the VIP IP and subnet mask.
.\New-LoopbackAdapter.ps1 -vipip [ip address] -vipsm [subnet mask]
.\New-LoopbackAdapter.ps1 -vipip 10.1.0.100 -vipsm 255.255.255.0
As with most of my scripts, tab completion for the parameters works, and there is a full help section by typing:
Once the script completes, Explorer will open to the network adapters section so that you can verify the various steps have completed:
No services or protocols other than IPv4 bound to the loopback adapter:
IP address and subnet mask configured:
Metric set to 254:
DNS registration unchecked:
Loopback adapter at the bottom of the adapter bindings:
The script also creates a full transcript in the same folder as the script.
Execution Policy: Third-party PowerShell scripts may require that the PowerShell Execution Policy be set to either AllSigned, RemoteSigned, or Unrestricted. The default is Restricted, which prevents scripts – even code signed scripts – from running. For more information about setting your Execution Policy, see Using the Set-ExecutionPolicy Cmdlet.