none
How to Direct Exchange ports for to Exchange servers each server is diffrent domain? RRS feed

  • Question

  • I have 2 different exchange 2013 servers which i load between them by haproxy... i have a public ip address and i have a problem that is i cant redirect smtp,imap and pop3 ports to the servers at the same time
    this is my haproxy.cfg config file which is not working until i remove on server it works for only one like 192.168.100.23 and the other not working 192.168.100.21

    global log 127.0.0.1 syslog chroot /var/lib/haproxy stats socket /run/haproxy/admin.sock mode 660 level admin stats timeout 30s user haproxy group haproxy daemon # Default SSL material locations #ca-base /etc/ssl/certs #crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy #ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS tune.ssl.default-dh-param 4096 ssl-default-bind-options no-sslv3 no-tls-tickets ssl-default-bind-ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 errorfile 400 /etc/haproxy/errors/400.http errorfile 403 /etc/haproxy/errors/403.http errorfile 408 /etc/haproxy/errors/408.http errorfile 500 /etc/haproxy/errors/500.http errorfile 502 /etc/haproxy/errors/502.http errorfile 503 /etc/haproxy/errors/503.http errorfile 504 /etc/haproxy/errors/504.http listen stats bind *:9090 mode http maxconn 10 stats enable stats hide-version stats realm Haproxy\ Statistics stats uri / stats auth admin:admin frontend haproxy_in bind *:80 #bind *:443 ssl crt /etc/haproxy/certs/server.com.pem crt /etc/haproxy /certs/server1.com.pem mode http # Define Path For LetsEncrypt......................... acl is_letsencrypt path_beg -i /.well-known/acme-challenge/ use_backend letsencrypt if is_letsencrypt # Define hosts........................................ acl is_metro hdr_dom(host) -i server.com acl is_lib hdr_dom(host) -i server1.com # Direct hosts to backend.............................. use_backend metro if is_metro use_backend sindyan if is_sindyan default_backend metro # Redirect port 80 t0 443 except lets encrypt............ redirect scheme https code 301 if !{ ssl_fc } !is_letsencrypt backend letsencrypt server letsencrypt 127.0.0.1:8888 backend metro balance roundrobin mode http server vm1 192.168.100.21:80/owa check backend sindyan balance roundrobin mode http server vm3 192.168.100.23:80/owa check frontend SMTP bind *:25 mode tcp default_backend smtp backend smtp balance roundrobin mode tcp server vm3 192.168.100.21:25 check server vm4 192.168.100.23:25 check frontend SMTP_Secure bind *:587 mode tcp # Define hosts........................................ default_backend smtps backend smtps balance roundrobin mode tcp server vm3 192.168.100.21:587check server vm4 192.168.100.23:587 check frontend SMTP_S bind *:465 mode tcp default_backend ss backend ss balance roundrobin mode tcp server vm7 192.168.100.21:465 check server vm8 192.168.100.23:465 check frontend pop3_S bind *:995 mode tcp default_backend pops backend pops balance roundrobin mode tcp server vm9 192.168.100.21:995 check server vm10 192.168.100.23:995 check frontend pop3 bind *:110 mode tcp default_backend pop backend pop balance roundrobin mode tcp server vm11 192.168.100.21:110 check server vm12 192.168.100.23:110 check frontend IMAP bind *:143 mode tcp default_backend IMAP backend IMAP balance roundrobin mode tcp server vm13 192.168.100.21:143 check server vm14 192.168.100.23:143 check frontend IMAPS bind *:993 mode tcp default_backend IMAPS backend IMAPS balance roundrobin mode tcp server vm15 192.168.100.21:993 check server vm16 192.168.100.23:993 check

    so please help me to make all tcp ports serves both servers at the same time without roundroben method i need them directly routed for each exchange server thanks

    Tuesday, May 21, 2019 2:56 PM

All replies

  • I recommend you post this in an HAProxy forum.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."
    Celebrating 20 years of providing Exchange peer support!

    Tuesday, May 21, 2019 9:31 PM
    Moderator
  • Hi,

    It seems more related to HAProxy configuration. Here is a similar thread I found in HAProxy community. You can refer to it and see if it helps. If no, I also recommend you to raise your question in HAProxy community.

    SMTP Load Balancing With Exchange 2013

    Please note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information. And the changes made in the above blog is not supported officially by Microsoft.

    Regards,

    Dawn Zhou


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, May 23, 2019 8:37 AM
    Moderator
  • Hi,

    How is everything going?

    If there is any update, please feel free to let us know. 

     

    Regards,

    Dawn Zhou


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, May 28, 2019 9:47 AM
    Moderator