Assume that you have a network that consists of two Network Load Balancing (NLB) servers and two Routing and Remote Access Service (RRAS) servers that are connected to the same subnet and switch. In this environment, the packets that are sent from the NLB servers cause network flooding to the RRAS servers. This, in turn, degrades network service on the same switch.
To work around this issue and avoid traffic flooding when you must use NLB, isolate the network traffic between the NLB and RRAS servers at the physical network level.
Why this issue occurs
Distribution of Cluster Traffic for NLB
Network Load Balancing uses layer 2 broadcast or multicast to simultaneously distribute incoming network traffic to all cluster hosts. There are two modes of transmission: unicast mode and multicast mode.
In its default unicast mode of operation, Network Load Balancing reassigns the station address ("MAC" address) of the network adapter for which it is enabled (called the cluster adapter). All cluster hosts are assigned the same MAC address. Incoming packets are, therefore, received by all cluster hosts and passed up to the Network Load Balancing driver for filtering.
Network Load Balancing provides multicast mode as an alternative for distributing incoming network traffic to all cluster hosts. This mode assigns a layer 2 multicast address to the cluster adapter instead of changing the adapter's station address.
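The following added example (not part of the original article) derives the layer 2 address that NLB assigns to the cluster adapter in each mode and reports which switch ports outside the cluster received cluster-addressed frames. The 02-BF and 03-BF address formats are NLB conventions that this article does not state; the cluster IP, port names and frame observations are constructed sample data.

```python
import ipaddress

def _fmt(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)

def nlb_cluster_macs(cluster_ip: str) -> dict:
    """Map each layer 2 address NLB can assign for this cluster IP to its mode."""
    ip = ipaddress.IPv4Address(cluster_ip).packed
    return {
        _fmt(b"\x02\xbf" + ip): "unicast",    # shared station address on every host
        _fmt(b"\x03\xbf" + ip): "multicast",  # layer 2 multicast address
    }

def normalize_mac(mac: str) -> str:
    """Accept 02:bf:.., 02-BF-.. or 02bf.c000.. notation and return 02-BF-.. form."""
    digits = "".join(c for c in mac if c in "0123456789abcdefABCDEF")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return _fmt(bytes.fromhex(digits))

def flooded_ports(cluster_ip, nlb_ports, observations):
    """Return {port: mode} for ports outside the cluster that saw cluster-addressed frames."""
    macs = nlb_cluster_macs(cluster_ip)
    hits = {}
    for port, dst_mac in observations:
        mode = macs.get(normalize_mac(dst_mac))
        if mode and port not in nlb_ports:
            hits[port] = mode
    return hits

# Constructed sample: (switch port, destination MAC) pairs from port captures.
CLUSTER_IP = "192.0.2.10"            # hypothetical cluster IP
NLB_PORTS = {"Gi1/0/1", "Gi1/0/2"}   # ports of the two NLB hosts
OBSERVED = [
    ("Gi1/0/1", "02:bf:c0:00:02:0a"),
    ("Gi1/0/2", "02:bf:c0:00:02:0a"),
    ("Gi1/0/3", "02-BF-C0-00-02-0A"),  # RRAS server port
    ("Gi1/0/4", "02bf.c000.020a"),     # RRAS server port
    ("Gi1/0/3", "00:15:5d:01:02:03"),  # ordinary unicast, ignored
]

if __name__ == "__main__":
    for port, mode in sorted(flooded_ports(CLUSTER_IP, NLB_PORTS, OBSERVED).items()):
        print(f"{port}: receiving NLB {mode} cluster traffic")
```

Ports reported here are candidates for the physical isolation described in the workaround.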
Routing and Remote Access Service
RRAS supports Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) network routing. It also supports remote user or site-to-site connectivity by using virtual private network (VPN) or dial-up connections.
The remote access feature provides VPN services so that users can access corporate networks securely over the Internet as if they were directly connected. Remote access also enables remote or mobile workers who use dial-up communication links to access corporate networks.
RRAS is a software router and an open platform for routing and networking. Its routing services can be used by organizations in local area network (LAN) and wide area network (WAN) environments or over the Internet by using secure VPN connections. Routing is used for multiprotocol LAN-to-LAN, LAN-to-WAN, VPN, and network address translation (NAT) routing services.