Exchange 2010

jetNEXUS ALB-X Exchange 2010 Deployment Guide

   Synopsis

    Pre-Requisites

    Overview

    Why jetNEXUS?

    What is a jetPACK?

    Exchange 2010 Description

    Standard Exchange Diagram

    Modifying Exchange 2010

    jetNEXUS ALB-X Configuration

    Adding a channel

    Add another service to a channel

    Adding a Content Server

    Configuring RPC (End Point Mapper)

    Configuring Static RPC/CA/PF (Client Access/Public Folders)

    Configuring Static RPC/ADS (Address Book Service)

    Configuring HTTPS OWA – Layer 7

    Configuring HTTPS OWA – Layer 4

    Content Server Monitor

    SSL Certificates

    TCP Timeout Changes

    jetPACK Quick Installation

    Troubleshooting

    Contact Us

 

Synopsis

This document explains briefly the concept
of Exchange 2010 and how to use an ALB-X to load balance Exchange 2010
Traffic.

 

Pre-requisites

The following are general prerequisites and
configuration
notes for this guide:

  • It is assumed that the reader is a
    network administrator or person familiar with networking and general
    computer terminology
  • You have set-up your Microsoft
    Exchange 2010 environment and have installed your jetNEXUS
    ALB-X application delivery controller
  • When Microsoft refer to a hardware
    load balancer (HLB) it is equivalent to the industry term “Application
    Delivery Controller”
  • You are running Software Version 3.55.1 (Build 1559) or later on your jetNEXUS ALB-X<span

 

Overview

The ALB-X is an Application Delivery
Controller (ADC)
sometimes referred to as a next generation load balancer.

This document assumes that you are already
familiar
with using the ALB-X interface.

This document assumes that you are already
familiar with the process of installing Exchange, creating a DAG, and
creating a CAS Array.

 

Why jetNEXUS?

Server Health Monitoring Application layer server health
checks, detect and route around
problems to eliminate downtime
Layer 4 & Layer 7 Load
Balancing
Speedy layer 4 load balancing
with layer 7 health checks ensure the most efficient load balancing is
achieved
Reverse Proxy Traffic from external clients is
securely proxied by edgeNEXUS ensuring no external client can directly
access internal resource
Session persistence The CAS array in Exchange 2010
requires session persistence. jetNEXUS ALB-X provides IP and Cookie
based session persistence
Compression Compression is automatically
used to accelerate external web and mobile clients
SSL Re-Encryption Enables
end to end secure encrypted traffic between client and internal
resources whilst still being able to provide acceleration and traffic
manipulation with flightPATH
fliightPATH Our
intelligent application layer traffic manipulation engine can be easily
configured to redirect OWA clients to the correct service

 

What is a jetPACK?

A
jetPACK is a simple text file that you can upload to your appliance
that contains all of the configuration needed to deploy an application
such as Exchange 2013.

For more information on jetPACK – Click Here

Exchange 2010 description

Brief overview of Exchange 2010 load
balancing configuration is provided below:

Outlook Clients

The Outlook clients we have used
during testing are made up of Outlook 2003, Outlook 2007 & Outlook
2010 which send their requests to the CAS.

Client Access Server (CAS) Role

The Client Access Server (CAS) role
accepts connections from a variety of clients to allow them access to
the Exchange Server infrastructure.

Database Availability Group (DAG)

The Database Availability Group (DAG)
is made up of Exchange Server 2010 Mailbox servers that provide
automatic database-level recovery from a database, server, or network
failure.

Standard Exchange 2010
Diagram

 

 

Modifying
Exchange 2010 Client Access Servers

To enable load balancing on Exchange 2010 we will need to make some
changes to each of the servers within CAS Array. We need to set static
ports for RPC Client Access service, Address Book service and Public
folders.
By default they use a dynamic RPC port range (6005-59530) for outgoing
connections.
Microsoft recommends you set the RPC Client Access Service and Public Folders to a unique value
between 59531 and 60554. We have used 59534 in our example.
Microsoft recommends you set the RPC Address Book Service to a unique
value between 59531 and 60554. We have used 59535 in our example.

Please click on the following link for instructions:

How to configure Static RPC Ports on
an Exchange 2010
Client Access Server

jetNEXUS ALB-X  Configuration

Example of Completed Rule

Below you will see the completed set of services.

Virtual IP address 192.168.1.247 The address that Outlook
clients should resolve the FQDN to
Virtual Service for MAPI clients 135, 59534, 59535 Static RPC ports needs for
Outlook clients
Virtual Service for Outlook Web
App
443 Secure Outlook Web App port
Virtual Service for Redirect 80 Used to redirect clients to from
http to https and add in the correct /owa path
Client Access Server 1 192.168.1.215 Real server address of CAS 1
Client Access Server 2 192.168.1.216 Real server address of CAS 2

 

 

Adding a Virtual Service

The IP Service configuration
screen is the main configuration screen
for load balancing functionality and it can be found in (Setup – IP Services).

 

  1. Click Add IP. This will
    add a blank row
  2. Double Click on a column to edit.
  3. Start with the IP Address column and tab to each column in turn
  4. Click Update once all available columns have been completed

 

Adding another
Service to the Same Channel

To set up another service on the same IP Address click “Add Port

This will add another group of settings similar to the first set. This
time you do not need to specify the listening IP or subnet as it has
already been added.
This now allows you to set up the new ports to each of the content CAS
servers.

Adding a Content Server

To add a Client Access Server navigate to the bottom section of the
page called “Content Servers

  1. Click Add New, this will
    add a blank row.
  2. Double Click on the IP Address column and add in your IP Address.
  3. Tab to the Port column
    and enter in the port number for your service
  4. Tab to the Notes section
    and add in the name of the client access server.

 

Configuring RPC

Configure the new channel with the IP details for your new service.
In this example we will configure the following IP details, based on a
One-Armed Configuration.

Channel
Details:

Primary: n/a
IP Address: 192.168.1.247
Subnet Mask: 255.255.255.0
Port: 135
Service Name: Exchange 2010 RPC
Service Type: Layer4
Max Connection: n/a

 

Destination:

Content Server
Details:
Exchange 2010 Client Access
Server 1
Content Server IP: 192.168.1.215
Content Server Port: 135

 

Actions:

Server Monitoring: TCP Connection
Load Balancing Policy IP-Bound (Formerly “IP Based”)
Connectivity: Reverse Proxy (Formerly
“Managed”)
Cache: Off
SSL: No SSL
Content SSL: No SSL
Enable Connection Pooling: N/A
Connection Pool Size: N/A

 

Configuring Static RPC/CA/PF (Client Access Service & Public Folders)

Configure the new channel with the IP details for your new service.
In this example we will configure the following IP details, based on a
One-Armed Configuration.

Channel Details:

Primary: n/a
IP Address: 192.168.1.247
Subnet Mask: 255.255.255.0
Port: 59534
Service Name: Exchange 2010 RPC/CA/PF
Service Type: Layer4
Max Connection: n/a

 

Destination:

Content Server
Details:
Exchange 2010 Client Access
Server 1
Content Server IP: 192.168.1.215
Content Server Port: 59534
Notes `Client Access Server 1

 

Actions:

Server Monitoring: TCP Connection
Load Balancing Policy IP-Bound (Formerly “IP Based”)
Connectivity: Reverse Proxy (Formerly
“Managed”)
Cache: Off
SSL: No SSL
Content SSL: No SSL
Enable Connection Pooling: N/A
Connection Pool Size: N/A

 

Configuring Static RPC/ADS (Address Book Service)

Configure the new channel with the IP details for your new service.
In this example we will configure the following IP details, based on a
One-Armed Configuration.

Channel Details:

Primary: n/a
IP Address: 192.168.1.247
Subnet Mask: 255.255.255.0
Port: 59535
Service Name: Exchange 2010 RPC/ADS
Service Type: Layer4
Max Connection: n/a

 

Destination:

Content Server
Details:
Exchange 2010 Client Access
Server 1
Content Server IP: 192.168.1.215
Content Server Port: 59535

 

Actions:

Server Monitoring: TCP Connection
Load Balancing Policy IP-Bound (Formerly “IP Based”)
Connectivity: Reverse Proxy (Formerly
“Managed”)
Cache: Off
SSL: No SSL
Content SSL: No SSL
Enable Connection Pooling: N/A
Connection Pool Size: N/A

 

 Configuring Exchange HTTPS
(OWA) – Layer 7

Channel Details:

Primary: n/a
IP Address: 192.168.1.247
Subnet Mask: 255.255.255.0
Port: 443
Service Name: Exchange 2010 HTTPS
Service Type: Accelerate HTTP
Max Connection: n/a

 

Destination:

Content Server
Details:
Exchange 2010 Client Access
Server 1
Content Server IP: 192.168.1.215
Content Server Port: 443

 

Actions:

Server Monitoring: Monitoring OWA
Load Balancing Policy Cookie
Connectivity: Reverse Proxy (Formerly
“Managed”)
Cache: Off
SSL: Exchange2010Certificate
Content SSL: Any
Enable Connection Pooling: N/A
Connection Pool Size: N/A

 

Configuring Exchange  HTTPS
(OWA) – Layer 4

Channel Details:

Primary: n/a
IP Address: 192.168.1.247
Subnet Mask: 255.255.255.0
Port: 443
Service Name: Exchange 2010 HTTPS
Service Type: Layer4
Max Connection: n/a

 

Destination:

Content Server
Details:
Exchange 2010 Client Access
Server 1
Content Server IP: 192.168.1.215
Content Server Port: 443

 

Actions:

Server Monitoring: TCP Connection
Load Balancing Policy IP-Bound (Formerly “IP Based”)
Connectivity: Reverse Proxy (Formerly
“Managed”)
Cache: Off
SSL: No SSL
Content SSL: No SSL
Enable Connection Pooling: N/A
Connection Pool Size: N/A

 

Content Server Monitor

For Exchange 2010 HTTPS OWA service you can create a Layer 7
application layer health check to ensure a server is capable of serving
content.

Navigate to the Configure –
Content-Server Monitoring
section.

  1. Click Add Records
  2. A new blank row will be created
  3. Double Click on the Name column to edit then tab to each subsequent tab and complete each column
    as below
  4. This rule name will now appear in the Actions – Monitoring which you can
    select to apply to the 443 channel.

 

 

SSL Certificates

If you have chosen the option to configure OWA as a layer 7 service you
will need to create or import a certificate in to the ALB-X.

Once you have either imported an existing certificate or created it on
the jetNEXUS ALB-X you will then be able to select it from the SSL drop
down within the Actions section.

Please refer to the userguide for more information how to manage SSL certificates.

TCP Timeout Changes

By default the jetNEXUS ALB-X has a 90 second timeout for TCP
connections. Whilst this is very efficient for web traffic it is more
desirable to extend this for Exchange 2010 deployment.

Please email support@edgenexus.io with your preferred TCP timeout
value.

Values between 5 Minutes and 2 hours are recommended but we can
customise this to any value you require.

Support@edgenexus.io will send you a custom configuration update file
which you then upload on to the ALB-X. This is a very quick and simple
procedure that can be completed from within the GUI in around 15
seconds.

You can download a 2 hour TCP timeout jetPACK update here

To apply the jetPACK update

  1. Navigate to Advanced – Update Software – Configuration
  2. Click Browse (for the file above)
  3. Click Upload and wait for approximately 15s
  4. When the screen returns the TCP update has been applied

 

jetPACK Quick Installation

The jetNEXUS ALB-X can be
configured automatically with a Exchange 2010
jetPACK”, template which is
fully-tuned with all of the
application-specific settings that you need in order to enjoy optimised
service delivery from your ALB-X
If you supply the virtual IP
address and real server IP addresses to support@edgenexus.io we will
send you a custom jetPACK that you simply upload to the jetNEXUS ALB-X
The upload can be done via the
GUI and will be fully configured in less
than 1 minute
The relevant jetPACK can be
applied to multiple jetNEXUS ALB-X
appliances saving valuable time and eliminating simple mistakes
To download a jetPACK please
visit  here

 

Troubleshooting

Further help can be found on the edgeNEXUS websites

http://www.edgenexus.io/support

UserGuides

 

Contact Us

I hope you have found this Deployment Guide informative, but if you
need any clarification or further information, please do not hesitate
to get in contact with edgeNEXUS Support:

E-mail

support@jetNEXUS.com

Phone

+44 (0870) 382 5529

Blog

http://jetNEXUS.blogspot.com/

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

Forgot your details?