TMG NLB and F5 Publishing Problems


TMG array –> F5 Load Balancer –> Published service


When traffic comes in through TMG to F5, F5 doesn’t respond correctly to the load balanced request and then TMG doesn’t see any response.


  1. F5 extracts the MAC address from the Ethernet header instead of arp requests
  2. MS NLB uses MAC address spoofing to prevent switch port flooding in unicast NLB. NLB will mask the MAC address of a host with the NLB cluster host number and assign to each node in the cluster.
  3. Since F5 doesn’t use arp requests, the NLB driver isn’t used to properly assign the correct MAC address to the sending host via the arp request.


  1. Set MaskSourceMAC registry value to 0 on the adapters on both TMG servers that are in the NLB array sending to F5.
  2. Put a Hub between the F5 and the TMG array to prevent switch port flooding.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s