Evidian > Products > High Availability Software - Zero Extra Hardware > Microsoft NLB in VMware: alternative to multicast and unicast with the SafeKit software

Microsoft NLB in VMware: alternative to multicast and unicast with the SafeKit software

Evidian SafeKit

Microsoft NLB multicast mode

As explained in the knowledge base of  VMware on network load balancing (NLB) multicast mode configuration, you need to manually configure static ARP resolution at the switch or router for each port that connects to the cluster.  Deployment of the Microsoft NLB multicast mode in an unknown network environment can prove to be a complex and strenuous task.

Microsoft NLB unicast mode

With Microsoft NLB unicast mode, you must configure the ESXi/ESX host to not send RARP packets when any of its virtual machines is powered on. That's why, Microsoft NLB is not working properly in Unicast Mode with VMware.

Alternative with Evidian SafeKit

The SafeKit virtual IP address configuration does not require any special network configuration and the network load balancing can run in any environment. An important feature when the solution must be deployed in an unknown infrastructure: unknown switches or routers, physical servers or virtual servers.

Partners, the success with SafeKit

This platform agnostic solution is ideal for a partner reselling a critical application and who wants to provide a redundancy and high availability option easy to deploy to many customers.

With many references in many countries won by partners, SafeKit has proven to be the easiest solution to implement for redundancy and high availability of building management, video management, access control, SCADA software...

Building Management Software (BMS)

Video Management Software (VMS)

Electronic Access Control Software (EACS)

SCADA Software (Industry)

How the SafeKit farm cluster works?

Virtual IP address in a farm cluster

How the Evidian SafeKit farm cluster implements network load balancing and failover

On the previous figure, the application is running on the 3 servers (3 is an example, it can be 2 or more). Users are connected to a virtual IP address.

The virtual IP address is configured locally on each server in the farm cluster.

The input traffic to the virtual IP address is received by all the servers and split among them by a network filter inside each server's kernel.

SafeKit detects hardware and software failures, reconfigures network filters in the event of a failure, and offers configurable application checkers and recovery scripts.

Load balancing in a network filter

The network load balancing algorithm inside the network filter is based on the identity of the client packets (client IP address, client TCP port). Depending on the identity of the client packet input, only one filter in a server accepts the packet; the other filters in other servers reject it.

Once a packet is accepted by the filter on a server, only the CPU and memory of this server are used by the application that responds to the request of the client. The output messages are sent directly from the application server to the client.

If a server fails, the SafeKit membership protocol reconfigures the filters in the network load balancing cluster to re-balance the traffic on the remaining available servers.

Stateful or stateless applications

With a stateful application, there is session affinity. The same client must be connected to the same server on multiple TCP sessions to retrieve its context on the server. In this case, the SafeKit load balancing rule is configured on the client IP address. Thus, the same client is always connected to the same server on multiple TCP sessions. And different clients are distributed across different servers in the farm.

With a stateless application, there is no session affinity. The same client can be connected to different servers in the farm on multiple TCP sessions. There is no context stored locally on a server from one session to another. In this case, the SafeKit load balancing rule is configured on the TCP client session identity. This configuration is the one which is the best for distributing sessions between servers, but it requires a TCP service without session affinity.

SafeKit High Availability Differentiators against Competition

SafeKit Modules for Plug&Play Redundancy and High Availability Solutions

Advanced clustering architectures

Several modules can be deployed on the same cluster. Thus, advanced clustering architectures can be implemented:

Demonstrations of Redundancy and High Availability Solutions

SafeKit Overview

Examples of redundancy and high availability solutions with SafeKit.

Full training here

Microsoft SQL Server Cluster

This video shows a mirror module configuration with synchronous real-time replication and failover.

The file replication and the failover are configured for Microsoft SQL Server but it works in the same manner for other databases.

Free trial here

Apache Cluster

This video shows a farm module configuration with load balancing and failover.

The load balancing and the failover are configured for Apache but it works in the same manner for other web services.

Free trial here

Hyper-V Cluster

This video shows a Hyper-V cluster with full replications of virtual machines.

Virtual machines can run on both Hyper-V servers and they are restarted in case of failure.

Free trial here

SafeKit Technical Documentation

SafeKit Training


  1. Overview / pptx

    • Demonstration
    • Examples of redundancy and high availability solution
    • Evidian SafeKit sold in many different countries with Milestone
    • 2 solutions: virtual machine or application cluster
    • Distinctive advantages
    • More information on the web site
    • SafeKit training
  2. Competition / pptx

    • Cluster of virtual machines
    • Mirror cluster
    • Farm cluster

Installation, Console, CLI

  1. Install and setup / pptx
    • Package installation
    • Nodes setup
    • Upgrade
  2. Web console / pptx
    • Cluster configuration
    • Configuration tab
    • Control tab
    • Monitor tab
    • Advanced Configuration tab
  3. Command line / pptx
    • Configure the SafeKit cluster
    • Configure a SafeKit module
    • Control commands

Advanced configuration

  1. Mirror module / pptx
    • start_prim / stop_prim scripts
    • userconfig.xml
    • Heartbeat (<hearbeat>)
    • Virtual IP address (<vip>)
    • Real-time file replication (<rfs>)
    • How real-time file replication works?
    • Mirror's states in action
  2. Farm  module / pptx
    • start_both / stop_both scripts
    • userconfig.xml
    • Farm heartbeats (<farm>)
    • Virtual IP address (<vip>)
    • Farm's states in action
  1. Checkers / pptx
    • userconfig.xml
    • errd checker
    • intf and ip checkers
    • custom checker
    • splitbrain checker for a mirror module
    • tcp, ping, module checkers
    • Checkers in action


  1. Troubleshooting / pptx
    • Analyze yourself the logs
    • Running an application without SafeKit
    • Take snapshots for support
    • Boot / shutdown
    • Web console / Command lines
    • Mirror / Farm / Checkers


  1. Evidian support / pptx
    • Get permanent license key
    • Register on support.evidian.com
    • Call desk