ISA Server 2004 Service Pack 2 includes changes to the Cache Array Routing Protocol (CARP). These changes address the following issues.
You cannot distribute requests for a destination across array members
In a large organization that has many users, a single member of an ISA Server array may not adequately handle a single destination that experiences a high volume of traffic, such as Microsoft Windows Update. Therefore, during periods of peak activity, the array member may be overloaded by client requests for content from the destination site.
This issue may occur when a Windows Update software update that is represented by a single URL is served by a single server for all clients.
ISA Server 2004 SP2 changes this behavior. ISA Server 2004 with SP2 now uses the client computer's IP address in the hash if the destination site is listed in the Do not apply CARP to traffic to these Web sites
Clients in a branch office cannot route requests for internal destinations through the local ISA Server computer
In a branch office scenario, you can configure the client computers in a particular site to send requests through the local ISA Server computer. You can do this whether the destination name is a host name or a fully qualified domain name (FQDN) name if the destination server is not located in the same site as the client.
To configure this functionality, add the site IP ranges to the Directly access these servers or domains
list. When one or more IP address ranges are present in this list, the client script performs the following actions before it submits a request directly to the destination server:
- The client script determines whether the destination name is included in the Directly access these servers or domains list.
- If the destination server's name is included in this list, the client script tries to resolve the destination IP address to determine whether the destination is internal to the particular site.
If no IP addresses are present in this list, ISA Server 2004 with SP2 behaves just like the previous version of ISA Server 2004. Note
If at least one IP address is present in the Directly access these servers or domains
list, you must include all the IP address ranges that you want the client computer to access directly. If you do not include all the IP addresses that you want the client computer to access directly, the client routes requests to sites other than those that appear in the Directly access these servers or domains
list. Additionally, to prevent requests from IP address 127.0.0.1 from being routed when no IP address ranges exist in this list, add the 127.0.0.1 IP address as a domain name to the Directly access these servers or domains
list. If other IP address ranges are present in this list, the address range of 127/8 is automatically added.
ISA Server 2004 may route many requests in the array when CARP is enabled
When you enable CARP on an ISA Server 2004 array, ISA Server 2004 has to route many destination requests across array members. This issue may cause a higher than optimal CPU load on array members. This issue occurs because Microsoft Internet Explorer caches the proxy server address that it uses to reach a particular destination. Internet Explorer does not recalculate the proxy server address for each URL. For more information about Internet Explorer proxy caching, click the following article number to view the article in the Microsoft Knowledge Base:
How to disable automatic proxy caching in Internet Explorer
In ISA Server 2004 with SP2, the CARP algorithm is modified to use only the server's host name in the CARP calculation. This change increases the likelihood that the client contacts the server that contains the requested content.
A particular array member may experience a high load
When many ISA Server 2004 computers exist in a single ISA Server array, the load may not be optimally distributed across the individual array members. Therefore, a particular array member might experience a much higher percentage of client requests than other array members do.
ISA Server 2004 SP2 changes this behavior by using a different hash algorithm to calculate the most optimal ISA Server computer to access. You cannot configure or modify this behavior in ISA Server 2004 with SP2 because the behavior is internal to the Web Proxy Auto-Discovery (WPAD) algorithm.For more information about how to install ISA Server 2004 hotfixes and updates, click the following article number to view the article in the Microsoft Knowledge Base:
How to install ISA Server hotfixes and updates