Can somebody clarify to me what are the best practices when it comes to configuring logging and monitoring for Windows Server 2012 NLB. I believe there are 2 types of logging from management service and network driver. One of them (not sure which) can be enabled in NLB Manager. I'm interested to know what is tried or recommended logging configuration here.
As it quite often happens my interest triggered by case when one of the nodes physically went down (some underlying hyper visor failure) and there were no network connectivity to this node (no pings) and according to unconfirmed statements NLB continued to try to serve clients from failed node. I want to investigate/verify this from NLB POV why it not handled node failure properly. Though my current understanding is that NLB logging is disabled by default and there is not much I can gather from other logs.
How can I investigate such case?
This looks useful for debugging, but can be rotated follow regular
Event Tracing for Windows
standards (some info): Network Load Balancing in [Windows 2008] R2: Using ETW TracingFor continued availability, I've saved the unsupported
man
file to a gist. You can install it as follows:As for a log rotation idea, the post states:
Build in some other logic to check size and only retain for a few days, and you should be set with one method for rotation of log files.