Introduction

This release includes an updated version of the BIG-IP Windows Terminal Server (WTS) persistence feature. WTS persistence provides an efficient way of load balancing traffic and maintaining persistent connections between Windows clients and servers that are running Microsoft's® Terminal Services service. The recommmended scenario for enabling the BIG-IP WTS persistence feature is to create a load balancing pool that consists of Windows .NET Enterprise members, where all members belong to a Windows cluster and participate in a Windows session directory.

This release of the WTS persistence feature further strengthens the integration of the BIG-IP product with Windows server platforms. Not only does the BIG-IP efficiently load balance and maintain persistent connections between Windows clients and servers, the BIG-IP also performs health monitoring for Windows servers that are running various services. For example, the BIG-IP health monitoring feature provides useful data on CPU, memory, and disk utilization of Windows Management Interface (WMI) servers, to ensure the most efficient load balancing of traffic to those servers. Also, the BIG-IP provides service checking for servers running Microsoft SQL Server (versions 6.5 and 7.0).

Benefits of WTS persistence

Without WTS persistence, Windows .NET Enterprise servers, when participating in a session directory, map clients to their appropriate servers, using redirection when necessary. If a client connects to the wrong server in the cluster, the targeted server checks its client-server mapping and performs a redirection to the correct server.

When BIG-IP WTS persistence is enabled, however, a Windows .NET Enterprise server participating in a session directory always redirects the connection to the same BIG-IP virtual server, instead of to another server directly. The BIG-IP then sends the connection to the correct Windows .NET Enterprise server. Also, when WTS persistence is enabled on a BIG-IP and the servers in the pool participate in a session directory, the BIG-IP load balances a Terminal Services connection according to the way that the user has configured the BIG-IP for load balancing. Thus, the use of Windows .NET Enterprise servers and Session Directory, combined with the BIG-IP WTS persistence feature, provides more sophisticated load balancing and more reliable reconnection when servers become disconnected.

Platform issues

By default, the BIG-IP with WTS persistence enabled load balances connections according to the way that the user has configured the BIG-IP for load balancing, as long as Session Directory is configured on each server in the pool. Because Session Directory is a new feature that is available on Windows .NET Enterprise servers only, each server in the pool must therefore be a Windows .NET Enterprise server if you want to use WTS persistence in default mode. Also, each client system must be running the remote desktop client software that is included with any .NET Enterprise server or Windows XP system.

If, however, you want to enable WTS persistence but your server platforms are running older versions of Windows (on which Session Directory is not available), you can enable WTS persistence in non-default mode. This causes the BIG-IP to connect a client to the same Windows server by way of the user name that the client provides. You can enable WTS persistence in this way by setting a global variable on the BIG-IP, called msrdp no_session_dir, which disables Session Directory on any pool created with the msrdp attribute. Note that enabling WTS persistence in non-default mode (that is, with no Session Directory available on the servers) is less preferable than the default mode, because it provides limited load-balancing and redirection capabilities.

The following sections describe how to enable WTS persistence with and without Windows Session Directory.

Configuring WTS persistence with Session Directory

To enable WTS persistence in the default mode, you must configure Session Directory on each Windows .NET Enterprise server in your load balancing pool. In addition to configuring Session Directory, you must perform other Windows configuration tasks on those servers. However, before you configure your Windows .NET Enterprise servers, you must configure your BIG-IP system, by performing tasks such as creating a load-balancing pool and designating your Windows .NET Enterprise servers as members of that pool.

The following two sections describe the BIG-IP and Windows .NET Enterprise server configuration tasks that are required to enable WTS persistence in default mode for a Windows client-sever configuration running Windows Terminal Services.

Configuring WTS persistence on the BIG-IP

To configure WTS persistence on the BIG-IP, you must perform the following three tasks.

1. Enable TCP service 3389.

   To enable TCP service 3389, use the following command:

   b service 3389 tcp enable

   Optionally, you can map the this port from 3389 to 443 in order to allow traffic to pass more easily through a firewall.

2. Create a pool of .NET Enterprise servers, with the WTS persistence attribute (msrdp) enabled.

   To create a pool that is configured for WTS persistence, use the bigpipe pool command, as in the following example. Remember that the pool members must already be members of a Windows cluster.

   b pool my_cluster_pool { persist_mode msrdp member 11.12.1.101:3389 member 11.12.1.100:3389 }

3. Create a virtual server.

   To create a virtual server that uses the pool my_cluster_pool, use the bigpipe virtual command, as in the following example:

   b virtual 192.200.100.25:3389 use pool my_cluster_pool

Configuring your .NET Enterprise servers

To configure your Windows .NET Enterprise servers, you must perform the following tasks: Verify that certain prerequisite services are running on your .NET Enterprise servers

• Join the Windows .NET Enterprise servers to Session Directory
• Configure the Terminal Services service
• Create a Windows local group and add members to it
• Start the Session Directory service

The following sections describe these tasks.

Verifying prerequisite Windows configuration tasks

Before enabling BIG-IP WTS persistence, you must verify that the following conditions exist:

• Each .NET Enterprise server is a member of the same domain. To add server members to a domain, configure the Windows Active Directory service.
• Each .NET Enterprise system is a member of the same Windows cluster. To intially create a cluster, configure the Windows Server Cluster Node service. To add additional server members to a cluster, use the Windows administrative tool Cluster Administrator.
• The Windows Terminal Services software is installed on each .NET Enterprise server. To install Terminal Services software, configure the Windows Terminal Service service.

To configure the above services, you must first log in to each .NET Enterprise server as Administrator, which causes the Configure your server wizard to start automatically. From this wizard, you can select each of the three services listed above.

Note: An alternative way to configure these services is to click the Windows Start button, point to Settings, and then Control Panel, and choose Administrative Tools.

Joining .NET Enterprise systems to Session Directory

When the Session Directory service is configured on your .NET Enterprise servers and WTS persistence is configured on the BIG-IP, BIG-IP assumes the job of redirecting a connection to the correct server when that connection was originally directed to the wrong server. In order for the BIG-IP to perform this redirection, you must first join each server in the Windows cluster to the Windows Session Directory, thereby allowing those servers to share sessions with other servers in the cluster. Joining .NET Enterprise servers to the session directory allows those servers to share sessions. To join servers in a cluster to the session directory, you must configure the Windows Terminal Services session directory on each server in the cluster.

1. Click the Windows Start button and point to Settings and then Control Panel, and choose Administrative Tools.
2. Click Terminal Services Configuration.
3. Click Select Server Settings, and then Session Directory.
4. Check the Join session directory check box.
5. Type the cluster name and the session directory server name. The session directory server can be any server in the cluster other than the domain controller.
6. Configure Terminal Services as described in the following section.

Configuring the Terminal Services service

The next step is to configure Windows Terminal Services. This allows BIG-IP to maintain persistent connections by offloading the redirection function from the servers to the BIG-IP. When a client connection goes to the wrong server, proper configuration of the Terminal Services service ensures that the server always rewrites the connection to the BIG-IP, which then sends the connection to the correct server. While the Session Directory screen is still displayed, locate the check box labeled Terminal Server IP Address Resolution, and verify that the check box is cleared. (If the check box is checked, clear the check box.) If you do not clear the check box, the servers will redirect connections directly to other servers in the cluster, rather than to the BIG-IP.

Creating a Windows local group and adding members to it

The next step is to create a Windows local group and add the servers to it.

1. On the session directory server, click the Windows Start button and point to Settings and then Administrative Tools, and choose Control Panel.
2. Click Computer Management.
3. In the left pane, expand System Tools and then expand Local Users and Groups.
4. Click the Groups folder.
5. Click the Action button and select New Group.
6. The New Group dialog box appears.
7. In the Group name box, type the name Session Directory Computers.
8. In the Description box, type a brief description of the group.
9. Click Add.
10. Select Object Types. A dialog box appears with three check boxes.
11. When prompted, type the Local Administrator user name and password.
12. Check the Computers check box and type a server computer name, or click the Check Names button and select a computer name from the list.
13. To add other servers, repeat step 11.
14. After all servers appear in the Members list, Click the Create button.
15. Close the Computer Management program.

Starting Session Directory

Finally, on the server to which you assigned the Session Directory name, start the Session Directory service. To do this, start at the Windows Start button, point to Settings, Administrative Tools, Services, and then click Terminal Services Session Directory.

Once you have completed these tasks, WTS persistence runs with Session Directory configured, which means that any required redirections normally performed by the .NET enterprise servers are performed by the BIG-IP.

Configuring WTS persistence without Session Directory

When a server has no Session Directory, the server cannot share sessions with other servers, and therefore cannot perform any redirections when a connection to a server becomes disconnected. In lieu of session sharing, Windows clients provide data, in the form of a user name, to the BIG-IP to allow the BIG-IP to consistently connect that client to the same server. Enabling WTS persistence to behave in this way is the non-default mode.

To configure WTS persistence when the servers do not have Session Directory, you must first perform the BIG-IP configuration tasks that are described in Configuring WTS persistence on the BIG-IP.

Next, you must set a BIG-IP global variable, msrdp no_session_dir. Setting this global variable disables Session Directory on all pools on which the msrdp attribute is set. To set the msrdp no_session_dir global variable, use the following command-line syntax:

b global msrdp no_session_dir enable

Finally, you must verify that the Terminal Services service is running on each Windows server in your load-balancing pool.