Exchange 2010 Hardware Load Balancing recommendations
-
Monday, August 31, 2009 12:00 PM
Hi,
i am planing for a Exchange 2010 deployment. I want to know if there are any
recommendations for hardware load balancing devices to built a CAS Array
(co-located with a DAG).There is one for OCS. Is this vaild for Exchange 2010 also ?
http://technet.microsoft.com/en-us/office/ocs/cc843611.aspxAny experience ?
regards
Peter
Peter
All Replies
-
Monday, August 31, 2009 12:14 PMHi Peter,
As far as I know there isnt any documented reccomendations for the exchange supporting hardware load balancing. Technically, there are two factors I will consider while choosing a hardware load balancer. First and obiviously very important that the device should be capable of handling the protocols used by Exchange CAS and HT boxes. and the other one would the capability of the device which should be normally checked with the vendor or the device manufacturer.
For Exchange server 2007 CAS deployment, I have seen Big IP used as a hardware load balancer. Yet, is there any specific reason why you would like to use hardware load balancer instead of windows NLB or DNS round and robin? (Just curious)
Milind Naphade | MCTS:M | http://www.msexchangegeek.com
-
Monday, August 31, 2009 8:18 PM
Hi,
thank you for the reply.
My thoughts are:
Windows NLB cannot be used because it’s not supported on the same box as the mailbox server with dag
DNS Round Robin is not failure aware, i.e. if the CAS server is not responding the DNS server will still direct clients to this server
ISA with Web Publishing Load balancing is an option for me but has 2 caveats
To have a fault tolerant environment I would need to deploy a ISA (or TMG) Array.
All the internal clients must also use the ISA Server for CAS access. Something I dont like very much.
regards
Peter
Peter -
Wednesday, September 09, 2009 9:51 AM Maybe you should try Barracuda load balanber, or Cisco. I haven`t heard any complaints to them.
All the best!- Marked As Answer by Peter_N Tuesday, February 07, 2012 4:11 PM
-
Wednesday, September 09, 2009 1:54 PMWe currently use Cisco IOS SLB (Server Load Balancing) with a HTTPS probe setup to monitor the server for availability. It isn't quite as fancy as something like BigIP and has a few quirks, but it seems to work ok.
Brian Day / MCSA / CCNA, Exchange/AD geek. -
Sunday, September 20, 2009 8:18 PM
Hi,
thank you for the response. I found a Load Balancer from Baracude which seems to be affortable: Modell 340
This Modell Supports Cookie Persistence which is a requirement. I will try to get a demo machine and try if its working with Exchange 2010 RTM.
If there is a Cisco equipment ready, I will try this also.
regards, Peter
Peter -
Wednesday, October 21, 2009 4:10 PMHi,
just finished testing with a Barracuda Modell 340 and two CAS Servers in a DAG. Works great!
Bernd -
Thursday, October 22, 2009 4:25 AMHey Bernd,
Could you share the parameters you tested the device against? I am actually seeking for the features and supportability of the device and how you tested them. Thanks for any help.
Milind Naphade | MCTS:M | http://www.msexchangegeek.com -
Thursday, October 22, 2009 9:59 PMFYI, we will be documenting this soon and releasing a white paper on paramenters at a high level. 3rd party vendors will then take our doc and customize it for their hardware. I do not have an ETA on when this will be ready but, will post an fyi soon.
-
Thursday, November 05, 2009 9:59 AMHi,I think, the load balancer is a SPOF again. Do you plan to use two equipments?
-
Friday, November 06, 2009 2:53 PMHi Bernd!
Did you load balance Outlook RPC access to CAS also? -
Friday, March 05, 2010 1:29 PM
Hi,
just finished testing with a Barracuda Modell 340 and two CAS Servers in a DAG. Works great!
Bernd
Bernd,
Could you possible send me a screenshot of your settings that you used for the Barracuda to get this to work? I'm not able to get the NLB working with our 2 node DAG. I've never used a NLB before and am really struggling with it.
I would greatly appreciate it: miller2348 -> gmail -
Friday, March 12, 2010 1:18 AMbumping because I would really like to see a list of OIP vendors for this as well.
Granted, this is just RPC and HTTP/S traffic, but a list would be nice to work off of. -
Tuesday, April 06, 2010 9:47 AM
Hi Bernd,
can show me the screen shot of the barracuda services settings?
regards,
ayen
-
Tuesday, April 06, 2010 12:10 PM
Hello,
What about "Coyote Point" - Hardware Load Balancer?
It is very much economical, any feedback?
-
Tuesday, April 06, 2010 12:21 PM
Hi Anbu,
I can share my experience on load balancing Exchange 2010. 100+ users, 2 LVS (Linux Virtual Server, keepalived) virtual machines. Works great for 4 month. Does not need hardware load balancer ;)
-
Tuesday, April 06, 2010 7:55 PM
Hi lkorokh,
Can you kindly provide more details about the infrastructure which you have used the Exchange 2010 without Hardware Load Balancer?
I could not get the LVS Server details?
What kindly of load balancing configured for Exchange 2010?
Have you try the failure scenario and non availability of a CAS/HUB scenario?
-
Wednesday, April 07, 2010 9:54 AMHi Anbu,
My infrastructure is very simple. 2 Exchange servers holding all roles (CAS,HUB, Mailbox) and 2 virtual machines with keepalived (http://www.keepalived.org/) which provides RPC and HTTP/HTTPS load balancing for exchange. keepalived serves virtual ip (VIP) which is configured as client access array in Exchange 2010. Each exchange 2010 has a loopback adapter with the same VIP. All these severs are in same ip subnet.
keepalive configured to work in active/passive scenario. It uses vrrp protocol to handle failover if active node goes down or became stalled. The second node goes up and handles all the requests for VIP.
Yes we had tested all the scenarios when one of keepalived or exchange server node goes down: clear shutdown/reboot, simulated network errors, simulated power loss, out of free disk space and so on. Everything works fine w/o any problems.
Few tips:
1. You should not specify a tcp port in keepalived configuration file in virtual_server section as load balanced port. This will allow you to do LB on every tcp port, so RPC and other protocols will be load balanced by default.
2. Virtual server in keeplived configuration should be configured to use "lb_kind DR" (this will enable direct return) and "lb_algo RR". Direct return is very fast, that is why 1 active virtual machine can serve more than 100 outlook clients. When the packet goes to VIP direct return algorithm just replaces MAC in packet form virtual to real server's MAC and forwards this packet to load balanced exchange server, all the communication back from exchange goes to client IP's directly bypassing keepalived.
3. On each exchange server you should enable weak send and weak receive functionality on networks cards that will be used for NLB (loop back adapter, and network adapter used for NLB). Docs on netsh command will help you.
After you make yourself clear with keepalived you can use and available guides to build your high availability infrastructure for Exchange. -
Wednesday, April 07, 2010 11:11 AMI can share settings if you give me an email to send them to. I have a Barracuda 340 working in a 2 node cluster
-
Wednesday, April 07, 2010 11:11 AMI can share settings if you give me an email to send them to. I have a Barracuda 340 working in a 2 node cluster
-
Wednesday, April 07, 2010 2:04 PM
Hi
That is great to know that you have done with Keepalived. However, I suggest you to load the VM node on two physical boxes.
Anyway, thanks for the information and sharing the details.
It is interesting.
-
Wednesday, April 07, 2010 3:03 PM
Hi RyanM_H
my email: ayen_oo7@hotmail.com
im implementing barracuda 340 also, load balancing exchange 2010
thanks in advance
-
Wednesday, April 07, 2010 4:13 PMYep, they are running on 2 different vm servers
-
Wednesday, April 07, 2010 6:38 PM
RyanM_H,
I appreciate if you could send Barracuda 340 configuration to me as well. My email: pcguy2007@gmail.com
-
Friday, April 09, 2010 9:55 AM
Hi RyanM_H
I'd like to see your config please. jan_d26 at hotmail com
Thanks!
Jan
-
Monday, April 19, 2010 7:28 PM
I would love to see your config as well Ryan.
marcus (a.t) tsgsv (d.o.t) com
Is anyone load balancing CAS roles between two sites? For example an East Coast and West Coast operation vs internal load balancing for single site.
Thanks!
-
Tuesday, April 20, 2010 6:07 PM
Hi,
Any one can share the optimal cost effective Hardware Load Balancer details?
With Best Regards Anbu -
Tuesday, April 20, 2010 7:55 PM
Hi,
thank you for the reply.
My thoughts are:
Windows NLB cannot be used because it’s not supported on the same box as the mailbox server with dag
DNS Round Robin is not failure aware, i.e. if the CAS server is not responding the DNS server will still direct clients to this server
ISA with Web Publishing Load balancing is an option for me but has 2 caveats
To have a fault tolerant environment I would need to deploy a ISA (or TMG) Array.
All the internal clients must also use the ISA Server for CAS access. Something I dont like very much.
regards
Peter
Peter
Hmm, if one member of the NLB fails the NLB will still redirect clients to the failed node? Is this a feature by design or is it Round Robin? No workaround or do we speak a full featured cluster then?
ftornell -
Tuesday, May 04, 2010 9:21 PM
Peter,
Try this link out. This should give you some good guidance.
http://aspoc.net/archives/2010/05/04/load-balancing-for-exchange-2010/
Don't forget to set the CAS Array parameter using the new-clientaccessarray commandlet or you may run into issues later on as posted here .
Matt Wade
-
Sunday, July 25, 2010 3:00 AM
Hi Ryan,
Appreciate if you can share the guide with me. My e-mail address is susanthasilva (at) hotmail (dot) com
-
Friday, July 30, 2010 4:41 AM
Hi RyanM_H
I'd like to see your config please.
mail: ibanez.pedro at gmail com
Thanks!
/Pedro
-
Wednesday, August 04, 2010 10:59 AM
I have tested BigIP F5 it seems to work OK.
Still looking into a better way to create a good monitor for the RPC availability
Port 135 is not good for me, it is still alive when RCP Client Access service is stopped.
6001 is possible, but setting and monitoring a static TCP port is probably better.Now I try to loadbalance HTTPS OWA traffic
-
Friday, August 06, 2010 4:45 AM
Hi Ryan,
Appreciated if you could send your configuration to jianming80[at]hotmail.com
Thanks.
Stanley
JianMing -
Friday, August 06, 2010 8:20 AM
Just to share with you, how to configure F5/Barracuda/Netscaler with Exchange 2010 :
http://laubel.wordpress.com/ -
Thursday, October 21, 2010 7:03 AM
Hi Brian,
would you be so kind and post a copy of your Cisco IOS SLB configuration statements?
regards, Bodo
-
Monday, October 25, 2010 1:48 PM
Hi Ryan,
I am implementing the same szenario with two CAS Server and two Barracuda 340 with failover feature. If it's possible please send me your configuration. Hopefully it will save me some hours.
Email: andreas AT rader.at
Thx in advance,
Andreas
-
Friday, October 29, 2010 2:46 PM
Today I configured two Barracuda Model 340 load balancers for Exchange 2010. The "Exchange 2010 and the Barracuda Load Balancer.pdf" document is pretty good, although some minor things are not very clear.
Still, after configuring services for MAPI, RPC Client Acces Service and Address Book Service, Outlook would disconnect and reconnect every time. Apparently the installed firmware version (3.3.0.007) has many problems with Exchange 2010. Upgrading to firmware version 3.4 solved this problem.
With kind regards / Met vriendelijke groet, Jetze Mellema | http://jetzemellema.blogspot.com/ -
Thursday, November 04, 2010 10:07 PM
-
Monday, November 22, 2010 11:17 PM
Hi Anbu
Coyote Point has recently released a deployment guide for using our Equalizer load balancers with Exchange 2010. You can download this document from http://www.coyotepoint.com/pdfs/10/Microsoft/MSExchange2010.pdf
There are additional documents on our website's Microsoft page (under Partners>>Strategic Technology Partners)
Best Regards,
-=Alpha
-
Friday, January 14, 2011 6:40 PMRyan - if still able, I'd like a copy of your Barracuda configuration as well. rosederekj @ gmail dot com
-
Thursday, January 20, 2011 4:41 AM
We currently use Cisco IOS SLB (Server Load Balancing) with a HTTPS probe setup to monitor the server for availability. It isn't quite as fancy as something like BigIP and has a few quirks, but it seems to work ok.
Brian Day / MCSA / CCNA, Exchange/AD geek.
Hi Brian -We've got this working for OWA and OA, but having some trouble with doing straight MAPI Outlook via Cisco SLB. I've got static ports set for RCA and AB - any other tricks here? No probes, but I can't even get past the endpoing mapper when trying to connect outlook to the VIP of the serverfarm.
-
Monday, January 24, 2011 5:32 PM
Hi Guys,
I have written a document on how to load balance exchange 2010 using jetNEXUS ALB. Might help you out if you are having problems
http://www.jetnexus.com/download/jetNEXUS_ALB_howto_Loadbalance_exchange.pdf
I am currently going through the qualification process of having the ALB Load Balancer listed as a vendor for Office Communication server. I have several sites using our device to load balance exchange 2007 & 2010 without issue.
-
Monday, January 24, 2011 5:45 PM
Hi Jay,
That was from when I was still at my old employer so I no longer have access to look at the config. :)
If you aren't able to get to the endpoint mapper then something seems odd. Is there any kind of firewall between your testing point and the CAS servers?
Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided “AS IS” with no guarantees, no warranties, and they confer no rights. -
Monday, January 24, 2011 5:49 PM
Nice work, it looks like a nice document! I did notice on small thing. In SP1 we moved the Address Book port from the .config file to the Registry. Also notice it is a REG_SZ and not a REG_DWORD value.
You can see the change about 1/2-way down here; http://social.technet.microsoft.com/wiki/contents/articles/configuring-static-rpc-ports-on-an-exchange-2010-client-access-server.aspx
Best of luck in your qualification! :)
Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided “AS IS” with no guarantees, no warranties, and they confer no rights. -
Monday, January 24, 2011 11:30 PM
No firewall, and yeah it does seem odd. After looking over Henrik Walther's doc on how to LB RCA Outlook via a Kemp hardware appliance, I'm thinking there has to be some special magic in Layers4-7 that plain old SLB can't do.
We're about to install a content switching module into our 6500 pair, so that should give us some more application-aware functionality.
Bad thing is we tried out a Kemp a long time ago for OCS LB, but never really got around to implementing enough servers to justify buying it :) . Will post back on how it goes with the CSM module on top of Cisco SLB.
Thanks for the reply though - you've been very helpful in the past.
-
Tuesday, January 25, 2011 1:07 AM
Jay it is possible, we have IOS SLB setup, with static MAPI and address book ports set with Outlook connecting ok through.
Albeit we have other issues with IOS SLB though whereby it puts a host into failed state for a reason unknown at the moment, i have asked for more logging so we know the reason why.
Stew -
Tuesday, January 25, 2011 10:02 AM
Can anyone post settings for a Barracuda 340? I'm having some trouble getting it to work - my thought is that I need to combine the HTTPS services (OWA and the OA, etc) - but the OWA is Layer 7 based on their documentation but things aren't quite right.
-
Tuesday, January 25, 2011 3:35 PM
Hi Brian,
I have recently worked on an Sp1 exchange 2010 and I did notice that the addressbook port had moved. I shall update the document! Thanks for pointing it out! I have several large Microsoft documents to work through to get the HLB :-)
-
Sunday, February 06, 2011 1:47 AM
Hi Jay,
That was from when I was still at my old employer so I no longer have access to look at the config. :)
If you aren't able to get to the endpoint mapper then something seems odd. Is there any kind of firewall between your testing point and the CAS servers?
Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided “AS IS” with no guarantees, no warranties, and they confer no rights.FYI, I got this working on our core cat 6500s with the content switching module in place....no extra config at all. I'm guessing the intelligence of the module provides the L4-L7 transparency needed to get past the hiccup I was seeing on a CSM-less 6500.
Good shape all around! no third-party HLB needed! Just updating for those still following, and good luck with your hardware and software LB endeavors.
-
Sunday, February 06, 2011 2:15 AM
Good shape all around! no third-party HLB needed! Just updating for those still following, and good luck with your hardware and software LB endeavors.
Woo-hoo! Glad to hear it is worknig. :) A CSM module last I checked cost as much or more than many 3rd party HLBs, but it sure is nice to have the functionality built in. :)
Microsoft Premier Field Engineer, Exchange
MCSA 2000/2003, CCNA
MCITP: Enterprise Messaging Administrator 2010
Former Microsoft MVP, Exchange Server
My posts are provided “AS IS” with no guarantees, no warranties, and they confer no rights. -
Sunday, February 06, 2011 2:18 AM
Haha, you are right. We are a heavy cisco shop, but this was an eBay special all the way.
Forget about their next step up too - the Application Control Engine (ACE) for catalyst. Costs a kidney and your firstborn.
-
Friday, February 11, 2011 1:53 PM
Hi lkorkohWe are trying to do the same and was wondering if you would please share your config files with me? Help greatly appreciated! Regards, sk
-
Friday, February 11, 2011 3:01 PM
Surprised it hasn't been posted yet:
Exchange Server 2010 Load Balancer Deployment
http://technet.microsoft.com/en-us/exchange/gg176682.aspx
Technical Specialist / Infrastructure Architect @ www.OGD.nl - MCSE 2003 Messaging - MCITP Enterprise Messaging Administrator 2007 & 2010 -
Friday, February 18, 2011 4:05 PM
RyanM_H,
Would you mind sending your config my way? workman.matt -at- gmail.com.
Thanks
-
Friday, March 11, 2011 12:40 PM
can you senf me the settings :
-
Monday, April 11, 2011 8:03 AM
Hello Peter_N,
here you have a guide that explaining the HW-NLB installation regarding MS-Exchange 2010 and MS-Office Comunication Server.
thnaks in advance :)
MCSE|2003 Security, MCTS|MS SharePint 2007 Configuration, MCTS |System Center Operations Manager 2007 MCTS|Exchange Server 2010, MCITP|Enterprise Messaging Administrator 2010. Medhat Mousa. -
Friday, April 22, 2011 3:01 PM
RyanM_H,
Can you please share your LB 340 settings to carriedits@cs.com. Thanks.
-
Wednesday, June 22, 2011 4:05 AM
Hi
DNS round robin is doing the load balance of connection request, but it is not so smart than WNLB & HLB. If seviceis is down then DNS round robin is not learn the same and still forwarding the request to the hosts and users got the service unavailable error msg.
WNLB is also not so samrt like HLB, but more intelligent than DNS round robin.
WNLB is host aware service, not service aware, if service is down and host is up then WNLB is still forwarding the request to servere on which service is down and user got the service unavailable error messages. In WNLB you could also take a control on port settings, which is not available in DNS load balancing.
But if you do not have budget, then really go with this WNLB, as it is free (you could save near about $4K-5K ): ). So it is good for low budget project or have to save cost.
HLB is really very intellignet and samrt than WNLB & DNS Round Robin. HLB is service aware device. if service is down for which HLB is configured, then it is not forwarding the request to service failed host and forward only the good available functional host, where service is up. So HLB is good consideration, if you have budget and not running in the cost cutting mode.
If service is mission critical, then you have to definitely consider HLB. Here DNS round robin and WNLB is not going to help you any more.For configuration of HLB, follow the manual provided by manufacturer.
Yes, you could also use the HLB is is using by OCS for exchnage, if port is free on that HLB. ISA or TMG is used only for load balanced the OWA, OA & EAS. it is not used for load balanced the CAS arrays, as it is used for MAPI session and ISA is not supporting the RPC communication.
Thanks,
Vidyanand
-
Wednesday, June 22, 2011 6:22 AM
But if you do not have budget, then really go with this WNLB, as it is free (you could save near about $4K-5K ): ). So it is good for low budget project or have to save cost.
Not sure if I agree on that. First, If you have no budget there is no point in deploying an high available Exchange environment. Secondly, a decent load balancer from KEMP costs < $1500 when using virtualization and < $2000 when you prefer a hardware appliance. With these prices nowadays I would recommend a load balancer for everybody, it's no longer expensive.
With kind regards / Met vriendelijke groet, Jetze Mellema | http://jetzemellema.blogspot.com/ -
Thursday, June 23, 2011 5:19 AM
Hi Mellema,
Yes, If you have low budget, and service is not much more critical, then deploy WNLB; otherwise go with HLB.
I know KEMP load balancer cost $2000. But for redundancy you have to deploy two Load Balance which would cost $4K.
Thanks,
Vidyanand
-
Thursday, June 23, 2011 11:12 AMBut with an HLB you can have all roles on just two servers. When you want to use WNLB, you have to have two separate CAS exchange servers, as it can not be combined with servers in a DAG.In most cases, the extra server licenses approximate or even surpass those of current HLB costs, even of those are redundant themselves. When you add hardware or virtual resources for these CAS, the cost will be even higher. (yes, a virtual NLB would also require resources, but are less than those of Exhange).If the organization has the need for splitting roles anyway, due to balancing roles etc.. WNLB wouldn't probably be sufficient anyway or with that amount of users the costs of HLB are more than justifiable. Especially with added functionality of HLB.So, I'm with Jetze. In most or all cases, it doesn't make sense to use WNLB instead of HLB.Ps. I have seen situation in where the customer chose a single virtual NLB. They know the risk compared to redundant NLB, but the disaster recovery procedure in case of an NLB failure was deemed sufficient for them. I myself was more comfortable to this cost reduction than to use for instance round robin or WNLB.
Technical Specialist / Infrastructure Architect @ www.OGD.nl - MCSE 2003 Messaging - MCITP Enterprise Messaging Administrator 2007 & 2010 -
Friday, November 11, 2011 10:22 AM
Hi Ryan,
I know this is an old thread, but I'm struggling with the installation of a 340 and Exchange 2010 sp1, everything works except for the autoreply, are you able to send me your config?
mark_steward at hotmail.com
Thanks
-
Friday, November 11, 2011 11:28 AMWhat do you mean with autoreply?
With kind regards / Met vriendelijke groet, Jetze Mellema | http://jetzemellema.blogspot.com/ -
Tuesday, February 07, 2012 4:31 PM
Hi,
didn´t notice that this threat is still so busy.
Just want to share some important links to the best ressources on that topic:
1st: Finally the vendor list from Microsoft
http://technet.microsoft.com/en-us/exchange/gg1766822nd: The Exchange 2010 Load Balancing Wiki - load of good information
http://social.technet.microsoft.com/wiki/contents/articles/exchange-2010-client-access-array-and-load-balancing-resources.aspx3rd: TechED2011 EXL307 presentation on Load Balancing with Microsoft Exchange Server 2010
http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011/EXL307
If you want to understand how to load balance Exchange 2010 properly, you need to watch this
There comes alot of documentation with every product, but they explain the default way. With this slides you know what options to use.
Since my post i had projects with Barracuda, KEMP and Citrix Netscaler (virtual and physical)
They all work great.
KEMP and Barracuda are easy to setup, cheap and cover the standard szenarios.
Citrix Netscaler gives you far more options (like better service monitoring, cookie handling, etc.) but comes with a higher price and longer setup time.
Hope this helps
Peter
- Marked As Answer by Peter_N Tuesday, February 07, 2012 4:31 PM
.png)
