Published by Geoffroy Brousseau. Modified over 6 years ago.
1
Jaap Wesselius Managing Consultant & Exchange MVP Inovativ UC
11/9/2018 3:37 AM
EXL307 Using a Load Balancer in Your Microsoft Exchange Server 2010 Environment
Jaap Wesselius, Managing Consultant & Exchange MVP, Inovativ UC
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
2
About the Speaker
Jaap Wesselius
- Managing partner Inovativ UC
- Author of “Exchange 2010 SP1 – A practical approach”
  - Parts published on Technet Magazine
- Contributor to the blogs:
  - MSExchange.org
  - Simple-Talk.com
  - Jaapwesselius.com
3
Agenda
- Introduction
- Load balancing essentials
- Exchange 2010 and what it means for load balancing
- Hardware load balancers
- Load balancing resources
- Summary
4
INTRODUCTION
5
Why do you want to load balance?
- Redundancy and scalability
- Exchange 2010 multi-role with DAG
6
History of Load Balancing
- WLBS appears first in NT4
- Renamed to NLB in Windows 2000
- Still available in Windows 2008 R2
- In the NT4 timeframe there was no Exchange LB
  - Only (static) web sites
- NLB is configured as a service on Client Access Servers
- Running in unicast or multicast mode
- Works fine, but there are some drawbacks…
7
Drawback in Windows NLB
- Switch/port flooding when used in Unicast mode
- Scalability with more than 8 nodes
- Not Service Aware
- Add/Remove node causes reconnect
- Only Source IP for persistence
- Cannot be combined with DAG
  - Multi-role server recommendation
- TechEd 2010: Microsoft recommends Hardware LB
- But is NLB supported? Yes, absolutely!
8
Hardware Load Balancers
- Also referred to as ‘Application Delivery Controller’
- Separate ‘node’ in network, independent of Windows
- Smart load distribution
- Service aware
- Multiple persistence options
- Compression options
- SSL offloading
- Caching of OWA attachments
- Packet shaping or packet stream modifications
9
Take aways
- Load balance Exchange for scalability and recovery
- Microsoft recommends hardware load balancer
- Windows NLB is still supported, but has some drawbacks
10
Load Balancer Essentials
11
Load Balancing Essentials (1/2)
- Setup of hardware load balancer
  - One arm vs two arm setup
- Routing with hardware load balancer
  - Source NAT
  - Direct Server Return (DSR)
  - Load Balancer Default Gateway (LBDG)
12
Load Balancing Essentials (2/2)
- Persistence
  - HTTP header
  - Cookies
  - Source IP
  - SSL session ID
- Distribution
  - Round robin
  - Least connections
13
Load Balancer Virtual Service
- ‘Instance’ running on load balancer
- Own FQDN and IP address and port number, also referred to as virtual IP (VIP)
- Each service has its own settings for:
  - Persistence
  - Distribution
  - Time-out
  - SSL offload
- Load balancer can have multiple virtual services
- Each vendor uses its own naming convention!
14
Load Balancing Essentials Basic layout
Exchange 2010 multi-role with DAG
15
One Arm Load Balancer
- One Armed, i.e. one NIC
- Virtual IP configured in same subnet
- Can cause routing issues, Exchange should use LB as default gateway
- Routing via Source NAT (SNAT) or via Direct Server Return (DSR)
16
One Arm Source NAT

| Pckt | Source IP | Dest. IP | Description |
|---|---|---|---|
| 1 | | | User to vIP loadbalancer |
| 2 | | | LB Self IP to EXCH02 |
| 3 | | | EXCH02 to LB Self IP |
| 4 | | | LB vIP to User |
17
One Arm Direct Server Return (DSR) (1/2)
| Pckt | Source IP | Dest. IP | Description |
|---|---|---|---|
| 1 | | | User to vIP loadbalancer |
| 2 | | | LB Self IP to EXCH02 |
| 3 | | | EXCH02 to User ? |
18
One Arm Direct Server Return (2/2)
- Client does NOT expect IP address of CAS server
- DSR Requirements:
  - No NAT but routing
  - Loopback adapter on CAS with VIP
  - Layer 7 persistence not supported
- More complex: use Source NAT!
19
Two Arm Load Balancer
- Two Armed, i.e. two NICs
- HLB connected to two networks
- vIP in subnet1, servers in subnet2
- Source NAT or load balancer default gateway
20
Two arm Load Balancer Source NAT
| Pckt | Source IP | Dest. IP | Description |
|---|---|---|---|
| 1 | | | User to vIP loadbalancer |
| 2 | | | LB IP internal to EXCH02 |
| 3 | | | EXCH02 to LB IP internal |
| 4 | | | LB vIP to User |
21
Persistence
per·sist·ence [per-sis-tuhns]
Dictionary reference:
- the act or fact of persisting.
- the quality of being persistent: You have persistence, I'll say that for you.
- continued existence or occurrence: the persistence of smallpox.
- the continuance of an effect after its cause is removed.
22
Persistence Options
- Persistence is also referred to as stickiness or affinity
- Stateful connection
- Persistence is NOT load distribution!
- SSL Session ID
- Cookies
- Source IP
- Hash persistence (sometimes SuperHTTPS)
- Cookie and Hash need SSL offload!
23
SSL offloading (1/2)
- SSL offloading means smart persistence
- SSL is terminated at Load Balancer
- Offloads intensive processor utilization from Client Access Server
- Load Balancer to Exchange can be SSL
- No offloading means only Source IP persistence or SSL Session ID persistence
24
SSL offloading (2/2)
- WIKI: How to configure SSL offloading in Exchange 2010
- OWA registry key
  - HKLM\System\CurrentControlSet\Services\MSExchange OWA
  - REG_DWORD SSLOffloaded, value “1”
- IIS manager SSL settings
- Outlook Anywhere: uncheck in Management Console
- Exchange 2010 RTM uses web.config for configuration
25
Powershell commands for SSL offloading
```powershell
# Enable SSL offloading for Outlook Anywhere on this Client Access Server
Set-OutlookAnywhere -Identity "$($env:COMPUTERNAME)\RPC (Default Web Site)" -SSLOffloading $true
# Tell OWA that SSL is terminated on the load balancer
New-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA' -Name SSLOffloaded -Value 1 -PropertyType DWORD
# Clear the "Require SSL" flag on the OWA and ECP virtual directories
Import-Module webadministration
Set-WebConfigurationProperty -Filter //security/access -name sslflags -Value "None" -PSPath IIS:\ -Location "Default Web Site/OWA"
Set-WebConfigurationProperty -Filter //security/access -name sslflags -Value "None" -PSPath IIS:\ -Location "Default Web Site/ECP"
# Restart IIS so the changes take effect
iisreset /noforce
```
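Once these commands have run, the hop from the load balancer to the CAS is plain HTTP unless the load balancer re-encrypts, so it is worth knowing exactly which servers are in that state. The following read-only audit is an added example, not part of the original slides; it reads back the same three settings the commands above change and assumes it is run in the Exchange Management Shell on the Client Access Server. The helper name Get-SslFlags is hypothetical.

```powershell
# Added example: read-only audit of SSL offloading on the local Client Access Server.
# Nothing is changed; run from the Exchange Management Shell.
Import-Module WebAdministration

function Get-SslFlags([string]$location) {
    # Hypothetical helper: returns the sslFlags setting of one IIS location.
    $flags = Get-WebConfigurationProperty -Filter //security/access -Name sslFlags -PSPath 'IIS:\' -Location $location
    # Depending on the module version the result is a string or an attribute object.
    if ($flags -is [string]) { $flags } else { $flags.Value }
}

$results = @()

# OWA registry flag created by the New-ItemProperty command on the slide.
$owaKey   = 'HKLM:\SYSTEM\CurrentControlSet\Services\MSExchange OWA'
$reg      = Get-ItemProperty -Path $owaKey -Name SSLOffloaded -ErrorAction SilentlyContinue
$regValue = '(not set)'
if ($reg) { $regValue = $reg.SSLOffloaded }
$results += New-Object PSObject -Property @{ Setting = 'OWA registry SSLOffloaded'; Value = $regValue }

# "Require SSL" state of the two virtual directories the slide modifies.
foreach ($vdir in 'Default Web Site/OWA', 'Default Web Site/ECP') {
    $results += New-Object PSObject -Property @{ Setting = "IIS sslFlags on $vdir"; Value = (Get-SslFlags $vdir) }
}

# Outlook Anywhere offloading flag set by Set-OutlookAnywhere.
$oa = Get-OutlookAnywhere -Identity "$($env:COMPUTERNAME)\RPC (Default Web Site)"
$results += New-Object PSObject -Property @{ Setting = 'Outlook Anywhere SSLOffloading'; Value = $oa.SSLOffloading }

$results | Select-Object Setting, Value | Format-Table -AutoSize
```

A server that reports sslFlags of None but has no offloading load balancer in front of it accepts OWA and ECP logons over unencrypted HTTP.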
26
Traffic patterns and Load Balancing
[Diagram: Broadband or mobile provider, SNAT, Load Balancer, CAS01, CAS02, CAS03. “Uh oh…”]
- Solution? Use Cookie based persistence
27
Take aways
- Transparency is key!
- One arm or two arm configuration
- Routing your Exchange traffic
- Persistence
28
Exchange 2010 and what it means for load balancing
29
Hardware Load Balancer in Exchange 2010 Traffic patterns
30
Client Protocols in Exchange 2010
- HTTPS
- MAPI
- POP3
- IMAP4
- SMTP
- Public Folder is not handled by CAS!
31
Persistence requirements
| Persistence: Required | Persistence: Recommended | Persistence: Not Required |
|---|---|---|
| RPC Client Access Service | Outlook Anywhere | Offline Address Book |
| Outlook Web App | Exchange Active Sync | AutoDiscover |
| Exchange Control Panel | Address Book Service | POP3 |
| Exchange Web Services | Remote PowerShell | IMAP4 |
32
Client Access Server Array (CAS Array)
- CAS Array is MAPI endpoint (FQDN)
- RPCClientAccessServer property on mailbox database
- Create Virtual Service with this FQDN and VIP on load balancer
33
RPC Client Access
- MAPI uses port 135 (static) plus dynamic ports (high range) for RPC and Address Book
- Use static ports
  - Registry entries to control behavior
- MAPI is stateful session
  - Source IP is only persistence option!
- Round Robin distribution
  - Least connection can ‘overboost’ CAS after reboot
34
RPC Static Ports
- WIKI page “Configure Static RPC Ports on an Exchange 2010 Client Access Server”
- MSExchangeRPC:
  - HKLM\System\CurrentControlSet\Services\MSExchangeRPC
  - REG_DWORD TCP/IP with port number
- Address Book Service:
  - HKLM\System\CurrentControlSet\Services\MSExchangeAB\Parameters
  - REG_SZ key RpcTcpPort with port number
- Don’t forget Public Folders!
35
Powershell commands for static ports
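```powershell
# Static port for the RPC Client Access service; replace <port number> with the chosen port
New-Item HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeRPC\ParametersSystem
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeRPC\ParametersSystem -Name "TCP/IP Port" -Value <port number> -Type DWord
# Static port for the Address Book service, stored as a string value
New-Item HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeAB\Parameters
Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeAB\Parameters -Name RpcTcpPort -Value <port number> -Type String
```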
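With static ports in place, the MAPI virtual service and any filtering in front of the CAS can be limited to port 135 plus the two configured ports instead of the whole dynamic range. The check below is an added example, not from the original slides: it reads the two registry values named above and confirms something is listening on each port. It makes no changes and assumes it runs locally on the Client Access Server.

```powershell
# Added example: read-only check of the static RPC ports on the local Client Access Server.
$checks = @(
    @{ Service = 'RPC Client Access'
       Path    = 'HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeRPC\ParametersSystem'
       Name    = 'TCP/IP Port' },
    @{ Service = 'Address Book Service'
       Path    = 'HKLM:\SYSTEM\CurrentControlSet\services\MSExchangeAB\Parameters'
       Name    = 'RpcTcpPort' }
)

# Snapshot of listening IPv4 TCP sockets, taken once and reused for both checks.
$listeners = netstat -ano -p tcp | Select-String 'LISTENING'

foreach ($check in $checks) {
    $name = $check.Name
    $item = Get-ItemProperty -Path $check.Path -Name $name -ErrorAction SilentlyContinue
    if (-not $item) {
        '{0}: no static port set, the dynamic RPC range is in use' -f $check.Service
        continue
    }
    $port        = [int]$item.$name        # RpcTcpPort is a string value, so cast it
    $pattern     = ':{0}\s' -f $port       # local address column ends with ":<port>"
    $isListening = [bool]($listeners | Where-Object { $_.Line -match $pattern })
    '{0}: static port {1}, listening = {2}' -f $check.Service, $port, $isListening
}
```

A port that is configured but not listening usually means the corresponding service has not been restarted since the registry change.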
36
Outlook Anywhere
- Persistence recommended
  - Source IP
  - Outlook 2010: OutlookSession Cookie
- OA ends on CAS (IIS) and continues in RPCPROXY.DLL on CAS
  - Does not use MAPI VIP
- If persistence is not used RPC_IN_DATA and RPC_OUT_DATA are used for alignment
  - Performance penalty
37
HTTPS – OWA and ECP
- OWA and ECP are stateful sessions
- Source IP can be used (with large IP range)
  - SSL offload can be disabled for OWA/ECP
- HTTPS persistence options can be used
  - Cookies, Hash or SuperHTTP
  - SSL offload must be used for OWA/ECP
38
Exchange Web Services
- EWS is stateful session
- Cookie persistence is recommended
  - Some mobile clients have issues with cookies
- SSL Session ID (if clients do NOT re-initiate!)
39
ActiveSync
- Persistence is recommended but not required
  - No persistence = performance penalty
- Basic Authentication, use Authorization header:
  - Basic ZmFrZXVzZXI6eCRwSUFLOUBwOSE=
- Possible issues:
  - Mobile operator can use limited set of IPs (Source NAT issues)
  - SSL Session ID: re-negotiation of Session ID
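The Source NAT problem from the "Traffic patterns and Load Balancing" slide and the Authorization header option above can be compared in a small simulation. This is an added example, not from the original slides, and it is a simplified model: a real load balancer keeps a persistence table rather than hashing every request. The client IPs, user names and passwords are constructed sample data, and Select-Cas and Get-Distribution are hypothetical helper names.

```powershell
# Added example: simplified model of choosing a CAS from a persistence key.
# All addresses, user names and passwords below are constructed sample data.
$casServers = 'CAS01', 'CAS02', 'CAS03'
$sha256     = [System.Security.Cryptography.SHA256]::Create()

function Select-Cas([string]$key) {
    # Hash the key and map it onto the server list, so the raw header value
    # (base64 of user:password, not encryption) never has to be stored or logged.
    $digest = $sha256.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($key))
    $index  = [System.BitConverter]::ToUInt32($digest, 0) % $casServers.Count
    $casServers[[int]$index]
}

# 300 ActiveSync devices that reach the load balancer through two operator SNAT addresses.
$natPool = '203.0.113.10', '203.0.113.11'
$clients = 1..300 | ForEach-Object {
    $credential = 'user{0}:Passw0rd-{0}' -f $_
    New-Object PSObject -Property @{
        SourceIP      = $natPool[$_ % $natPool.Count]
        Authorization = 'Basic ' + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($credential))
    }
}

function Get-Distribution([string]$keyProperty) {
    # Count how many clients land on each CAS when persistence uses the given property.
    $clients | ForEach-Object { Select-Cas $_.$keyProperty } |
        Group-Object | Sort-Object Name | Select-Object Name, Count
}

'Persistence on Source IP:'
Get-Distribution SourceIP | Format-Table -AutoSize
'Persistence on Authorization header:'
Get-Distribution Authorization | Format-Table -AutoSize
```

With two source addresses, at most two of the three servers receive any traffic, while the header-based key spreads the same clients across all three. Reading that header requires SSL to be terminated on the load balancer, which is why the persistence slides tie cookie and hash persistence to SSL offload.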
40
Client Access Server Vdir settings
- AutoDiscoverServiceInternalUri = NLB
- Web Services InternalNLBBypassURL is set to the Server FQDN

| Virtual Directory | InternalURL | ExternalURL (Internet Facing AD Site) | ExternalURL (Non-Internet Facing AD Site) |
|---|---|---|---|
| /OWA | Server FQDN | NLB FQDN | $null |
| /ECP | | | |
| /Microsoft-Server-ActiveSync | | | |
| /OAB | | | |
| /EWS | | | |
41
Take aways
- Think about workloads and their requirements
- Use static ports for MAPI
- Depending on vendor use multiple Virtual Services (check with vendor!)
42
Load balancing resources and vendors
43
Exchange 2010 load balancing resources
- Wiki: Exchange 2010 Client Access Array and Load Balancing Resources on Technet
  - videos, articles, vendor documentation, load balancer sizing tools
- Load Balancer qualification program
44
Hardware Load Balancer vendors
45
Software Load Balancer vendors
46
Summary
47
Summary
- Hardware load balancer is recommended, but NLB can still be used
- Think about the Exchange workload
- Important aspects are
  - Transparency
  - Routing
  - Persistence
- Check with your vendor!
48
Additional Resources
- Exchange 2010 LB Deployment http://bit.ly/g7QwPy
- WIKI CAS Load Balancing – Technet Videos, Community Articles, Vendor documentation, Load Balancer sizing tools
49
Track Resources Exchange Team Blog: Exchange TechNet Tech Center: Geek Out with Perry Blog: MEC Website and Registration:
51
Resources Learning TechNet http://northamerica.msteched.com
Connect. Share. Discuss. Microsoft Certification & Training Resources TechNet Resources for IT Professionals Resources for Developers