Increasing Availability and Performance of an RRAS Design

Applies To: Windows Server 2008, Windows Server 2008 R2

In addition to increasing performance by upgrading server hardware, you can improve availability and performance by incorporating the following elements in your remote access design:

Increase availability by using redundant servers

Remote access solutions with redundant servers can provide higher availability for remote access clients. If service degradation is not a critical issue, you can use your primary remote access servers as backups for each other. In that case, if one server fails, the others assume the additional workload. If service degradation is not acceptable, provide redundancy by enlisting servers to provide failure protection. You can make the multiple servers available through a single name by registering all of the servers’ IP addresses to the same DNS name, and allowing the DNS server to load balance through its use of round-robin resolution. The DNS server returns not a single IP address, but a list of addresses, from which the client selects the one to use. To provide a simple form of load balancing, the server changes the order of the addresses provided in each response to clients.

Increase performance by using Network Load Balancing

A better form of load balancing network traffic across multiple RRAS servers is to use Network Load Balancing (NLB), a feature of Windows Server 2008 R2, Windows Server 2008, and Windows Server 2003. NLB dynamically distributes traffic from VPN remote access clients among multiple RRAS servers.

NLB also provides immediate failover if an RRAS VPN server fails. If an RRAS VPN server fails, client sessions handled by that server also fail. Clients are prompted to log on again, and their new session is handled by one of the remaining hosts.

To provide load balancing for VPN remote access clients, use the default port rule in NLB to configure all hosts, as follows:

  • Set the port range to 0–65535 (the default). The default range covers all of the ports, so the port rule remains valid even if there is a change in the port numbers that you want to cover.

  • Accept the default filtering mode, load weight/equal load distribution, and affinity settings.

For more information about using Network Load Balancing, see Network Load Balancing ( in the Windows Server Technical Library.