How To Load Balance Remote Desktop Session Host With #KEMP Virtual LoadMaster? @KEMPtech #RDS #HyperV

I have been working with Remote Desktop Services (aka Terminal Services) since Windows Server 2003. However, Microsoft support ended on July 14th 2015 for Server 2003, Windows Server 2003 R2, SBS 2003 and SBS 2003 R2. Do you still plan on not upgrading?

Remote Desktop Services High Availability Challenges

As more organizations begin to adopt Desktop Virtualization in Windows Server 2012 R2, users are becoming increasingly dependent on Remote Desktop Services to securely access corporate resources from virtually anywhere while they stay productive when they are away from the office. To ensure the highest levels of availability, system engineers should identify and eliminate any potential single points of failure in the solution.

Remote Desktop Services Role Highly Available


Microsoft Remote Desktop Services – High Availability. (Image Source: Microsoft)

  1. Remote Desktop Session Host (RD Session Host)
  2. Remote Desktop Connection Broker (RD Connection Broker)
  3. Remote Desktop Virtualization Host (RD Virtualization Host)
  4. Remote Desktop Web Access (RD Web Access)
  5. Remote Desktop Licensing (RD Licensing) and Remote Desktop Gateway (RD Gateway)

Remote Desktop Services includes several components designed to eliminate single points of failure.

RD Gateway: High availability of the RD Gateway role service is achieved by deploying it in a Windows Network Load Balancing (WNLB) cluster to load balance the RD Gateway traffic, or you could also use DNS round robin in place of an NLB cluster to make the RD Gateway role service highly available. One disadvantage of DNS round robin (DNSRR) is that it cannot act as a fail-over cluster. Therefore, if one server fails, clients might continue to attempt connection to the failed server. The optimal and effective solution is to use a third-party load balancer such as KEMP!

RD Web Access: High availability of the RD Web Access role service is achieved by deploying it in an active-active mode. Multiple RD Web Access servers can be configured as part of a Windows Network Load Balancing (WNLB) cluster to achieve this, or you could also use DNS round robin in place of an NLB cluster to make the RD Web Access role service highly available.

RD Connection Broker: One of the biggest improvements to high availability in Windows Server 2012 Remote Desktop Services is the RD Connection Broker (Active/Active). This RD Connection Broker will automatically start load balancing sessions across the RD Session Host server farm in your deployment. In previous versions, the RD Connection Broker only supported Active/Passive clustering. That provided basic redundancy, but it did not allow you to scale out as load increased.

RD Session Host: A high availability solution for the RD Session Host server consists of high availability of the hardware, as well as high availability of the Remote Desktop Session Host role service. You create a farm of multiple RD Session Host servers.

RD Virtualization Host: This role is installed on the Hyper-V host for virtual desktops. Setting up a failover cluster environment with multiple Hyper-V hosts will ensure that in the event of a hardware failure on a Hyper-V host, the virtual machines will fail over to another Hyper-V host and automatically start on a second node.

RD Licensing: A high availability solution for the RD Licensing role consists of high availability of the hardware, as well as high availability of the Remote Desktop Licensing role service. You can deploy multiple RD Licensing servers.


Microsoft Remote Desktop Services – High Availability Deployment. (Image Credit: Charbel Nemnom)

Windows Network Load Balancing Clusters

It’s time to graduate and say goodbye to Windows NLB. NLB suffers from many serious drawbacks and should be avoided in production if possible. An NLB cluster uses layer two broadcasts for heartbeat communication, which generates an excessive amount of noise on the network. NLB also lacks application awareness, which may result in network traffic being delivered to an RDS host that is not capable of handling those requests. In addition, NLB requires static ARP configuration for Multicast mode over a routed subnet, and finally you need to make sure that MAC address spoofing is enabled on the appropriate vmNIC or vmNICs if NLB is used inside a Virtual Machine. Have I complained enough about NLB? So… it’s time to move!

In today’s blog post, I will show you how to effectively Load Balance your Remote Desktop Session Host servers with #KEMP virtual LoadMaster.

KEMP Load Balancers and Remote Desktop Services

The KEMP LoadMaster load balancer is an excellent solution for providing high availability for Windows Server 2012 R2 Remote Desktop Services. Using the LoadMaster to provide load balancing for RDSH server clusters provides numerous benefits over Windows NLB, including better service health checks, granular traffic delivery and accurate load balancing that can monitor resource consumption on RD Session Hosts to ensure that servers are not overloaded with connections. With RDS functions enabled on the LoadMaster, users are able to maintain persistence even in the absence of an RD Connection Broker.

It is important to realize that starting with Windows Server 2012, in most cases, Remote Desktop Services is deployed using the Scenario-Based Deployment as part of the Server Manager. In these cases you will automatically get an RD Connection Broker as part of your RDS deployment. However, there are certain scenarios where you are not required to use an RD Connection Broker, such as public Kiosk deployments. These kiosks will be located in public areas, such as libraries, schools and airports, and will run a restricted set of applications. One set of requirements for these Kiosk machines is to ensure that they are secured and that users cannot interactively exit, shut down, log off, lock or switch user accounts.

N.B. For more details on using RD Session Host without RD Connection Broker, please refer to the following Microsoft link.

Before we start with the deployment, you need to disable RD Connection Broker load balancing to avoid overlap between the RD Connection Broker and the KEMP Session Broker. You can do that in a Group Policy Object on the OU where your RD Session Host servers are located, by setting the following policy to Disabled:

Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\RD Connection Broker\Use RD Connection Broker load balancing
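To confirm that the policy has actually reached every RD Session Host before the LoadMaster goes in front of them, the registry value it writes can be read remotely. This is an added example, not part of the original post; the server names RDSH01 and RDSH02 are assumptions, and it assumes PowerShell remoting is enabled on the session hosts.

```powershell
# Assumed host names; replace with the RD Session Host servers in your farm.
$rdshServers = 'RDSH01', 'RDSH02'

# Registry location written by the "Use RD Connection Broker load balancing" policy.
$policyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$policyName = 'ParticipateInLoadBalancing'

$results = Invoke-Command -ComputerName $rdshServers -ScriptBlock {
    param($key, $name)

    # Returns $null when the key or value is absent (policy never applied).
    $value = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

    if ($null -eq $value) {
        $state = 'Not configured (GPO not applied to this server yet)'
    } elseif ($value -eq 0) {
        $state = 'Disabled (expected)'
    } else {
        $state = 'Enabled (overlaps with LoadMaster Session Broker persistence)'
    }

    [pscustomobject]@{
        PolicyValue = $value
        State       = $state
    }
} -ArgumentList $policyKey, $policyName

# PSComputerName is added by Invoke-Command and identifies the server that answered.
$results | Select-Object PSComputerName, PolicyValue, State | Format-Table -AutoSize
```

A server reported as "Not configured" usually just needs a `gpupdate /force` or is sitting outside the OU the GPO is linked to.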

Installing Virtual LoadMaster using Hyper-V Manager

The Virtual LoadMaster (VLM) is packaged as a .VHDX file for ease of deployment. This image can be freely downloaded from the KEMP Technologies website for a 30 day evaluation period. To download the VLM please follow the detailed instructions here.

Importing the Virtual LoadMaster Into Hyper-V

Click the Import Virtual Machine menu option in the Hyper-V Manager console, and follow the import virtual machine wizard by selecting the LoadMaster VLM folder. The virtual machine should be imported and should now appear within the Virtual Machines pane in the Hyper-V Manager.

Configure the Network Adapter Settings

Ensure that the Enable spoofing of MAC addresses checkbox is selected, and Static MAC address is selected as well.
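The same two settings can be checked from PowerShell on the Hyper-V host. MAC address spoofing lets a guest send frames with a source MAC other than the one assigned to its adapter, so the check below also lists any other VM on the host that has it switched on. This is an added example, not part of the original post; the VM name KEMP-VLM is an assumption.

```powershell
# Run on the Hyper-V host. 'KEMP-VLM' is an assumed VM name;
# use the name shown in Hyper-V Manager after the import.
$vlmName = 'KEMP-VLM'

# 1. Report the two settings from the step above for every LoadMaster adapter.
$vlmNics = Get-VMNetworkAdapter -VMName $vlmName
$vlmNics |
    Select-Object VMName, Name, SwitchName, MacAddress, MacAddressSpoofing, DynamicMacAddressEnabled |
    Format-Table -AutoSize

foreach ($nic in $vlmNics) {
    if ($nic.MacAddressSpoofing -ne 'On') {
        Write-Warning "$($nic.Name): MAC address spoofing is Off"
    }
    if ($nic.DynamicMacAddressEnabled) {
        Write-Warning "$($nic.Name): MAC address is dynamic, not static"
    }
}

# 2. List every other VM on this host that is also allowed to spoof MAC addresses,
#    so the setting stays limited to the adapters that need it.
$others = Get-VM |
    Where-Object Name -ne $vlmName |
    Get-VMNetworkAdapter |
    Where-Object MacAddressSpoofing -eq 'On'

if ($others) {
    Write-Warning 'MAC address spoofing is also enabled on these adapters:'
    $others | Select-Object VMName, Name, SwitchName | Format-Table -AutoSize
} else {
    'No other VM on this host has MAC address spoofing enabled.'
}
```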


The LoadMaster is now fully installed and ready to be used. Please refer to the LoadMaster documentation for step by step Licensing and Configuration which can be downloaded from the http://www.KEMPtechnologies.com/documentation page.

Configure The LoadMaster For Remote Desktop Session Host Service

Configure the LoadMaster settings by following the steps below in the LoadMaster Web UI:

1. Add New –> Virtual Services.
2. Enter the relevant IP address in the Virtual Address (VIP).
3. Enter 3389 as the Port.
4. Enter a recognizable Service Name, such as RDSH-LB.
5. Click Add this Virtual Service.


6. We can set an Alternate Address as well in case the primary Virtual IP Address is not reachable.


7. Expand the Real Servers section.
8. Click Add New to add the RD Session Host servers as Real Servers.
9. Enter the Real Server IP Address.
10. Enter 3389 as the Port.
11. Click Add This Real Server.
12. Repeat step 11 above until all Real RDSH Servers have been added.


13. When all of the RDS servers have been added, you can check the status of the Virtual Service by selecting Statistics in the main menu, and then clicking on Real Servers. The status will be displayed. Confirm that the Status is Up.


14. The next step is to configure the load balancing method. Click Modify on the relevant Virtual Service.
15. Expand the Standard Options section.
16. Deselect the Transparency mode. We do not require Layer 7 transparency for our deployment.
17. Select Session Broker as the Persistence Mode. (The LoadMaster is able to redirect a user to an existing session based on the persistence token. This is perfect in our scenario, because we deployed the RD Session Host farm without an RD Connection Broker.)
18. Set the Scheduling Method to Weighted Least Connection. This is to ensure that user sessions are equally spread over the RD Session Host servers.

The load-balanced RD Session Host configuration is completed.

Test The Load-Balanced RD Session Host

Fire up your kiosk machines and enjoy the accurate load balancing.

In the main menu of the LoadMaster Web UI, select Statistics.


Click the Real Servers button.


Click the Virtual Services button.


Last but not least, do you want to take any RD Session Host into maintenance mode? Very simple: you can select the desired real server and click Disable. The LoadMaster will stop redirecting user sessions to that server.


The Virtual LoadMaster is Highly Available

As we discussed at the beginning of this article, the RDS role services are highly available now, but the Virtual LoadMaster is still a single point of failure. You need to avoid that by leveraging a Hyper-V Cluster to make this VM highly available as well. In the event of a hardware failure on a Hyper-V host, the Virtual LoadMaster will fail over to another Hyper-V host and automatically start. This will make sure the load balancer is always available and serving your users’ requests.

Closing Thoughts

Remote Desktop Services is a compelling virtual desktop solution that can be used to provide secure desktop and RemoteApp access with unrivaled ease of use. Users become more dependent on it for their productivity and day-to-day job, so building a scalable and highly available Remote Desktop Access solution is critical. You want to avoid using Windows NLB for Remote Desktop Services in production and implement the KEMP LoadMaster load balancer to provide a load balancing and high availability solution. This will ensure the best experience for users and administrators alike.

As a free gift! KEMP has just launched FreeLoadBalancer, where you are able to download a free version of their popular KEMP LoadMaster. The free version is available for unlimited use and is perfect for certain scenarios, such as Windows Network Load Balancing (WNLB) replacement. It is an ideal Load Balancer for smaller environments, especially since it has a load more features and is a Layer 7 Load Balancer compared to Windows Network Load Balancing. Are you still using NLB in production? What are you still waiting for?

Hope this helps some of you out there.

Until the next time… Enjoy your Day!

Cheers,
-Charbel


2 Comments

  1. Hi Charbel,
    Is there any solution to provide high availability at the level of the remote desktop session?

    Let me explain. I will use the same environment as in the above article: if a client is on RDSH02 and he is editing a Word document, he did not save, and then RDSH02 crashes,
    what will happen to the session? Will it be gone, or what?
    My concern is: is there any product that offers session availability, so that when RDSH02 crashes the session is redirected to another server, keeping the session data intact?

    • Hello Hassan,

      Great question.

      Unfortunately, there is no clustering for RDSH per se that can run both instances at the same time.

      It is a problem that has been studied by both Microsoft and Citrix.
      How to roam the client session itself, not just the profile data, but the session, is complicated, since it is memory run space.

      The recommendation is to store data on a fault-tolerant file server (e.g. offline folders) and if using Word in your case, set auto-save to the appropriate interval (I believe the default is 10 minutes).

      In the above case, the end user would lose 10 minutes of work but no more.

      From what I remember there is a third-party solution that allows this, but it is basically a mirror-like setup where you have to double up on all your RDS Session Hosts. Way too much money for most customers.

      Hope this helps.

      Thanks,
      -Charbel
