http://exchangeserverpro.com/kemp-vlm-100-exchange-2010-load-balancer/
In this article I am going to take a quick walk through of the Kemp LoadMaster VLM-100, a virtual load balancer appliance from Kemp Technologies.
Load balancing has become one of those skills that Exchange Server administrators need to learn, like Active Directory, storage, and PKI. With Exchange 2010 we can load balance and provide high availability for client RPC/MAPI traffic on the Client Access servers.
Of course you can use Windows NLB to load balance an Exchange 2010 CAS Array, but that approach has some downsides in terms of scalability, but more importantly it is simply not as good at covering the number of different failure scenarios that can occur with Client Access servers. In short, NLB is server-aware but not service-aware, so a partial failure (eg the RPC Client Access Service stopping) will cause clients to disconnect rather than be reconnected to another available CAS.
For those of you who are interested in learning about hardware load balancing for Exchange Server 2010, Kemp Technologies offers free 30 day trials of their virtual appliances like the VLM-100.
Disclosure: Kemp Technologies has also provided me a permanent license for other versions of their LoadMaster range as part of their support for the Exchange MVP and blogging communities.
I chose the Hyper-V VM download and imported it into my test lab environment. They also offer VMware and Xen versions, and frankly it is pretty cool how quickly you can get the VLM up and running this way, although you do also need to request a temporary license which can take 24-48 hours to be issued (more on that in a moment).
GETTING STARTED WITH THE KEMP LOADMASTER VLM-100
When your new VLM has started you’ll see a Linux-style console and login prompt. You can ignore that though, and instead open your web browser and browse to https://ipaddress where “ipaddress” is the IP shown on the console of the VLM.
The Kemp LoadMaster VLM console
The first thing you’ll need to do when you connect with your web browser is acquire your license key by following the instructions on the page. Because this can take 24-48 hours to be sent to you, if you want to spend the weekend playing with load balancing in your test lab then you should do this step on a Wednesday/Thursday so you’re all ready to go.
With the license key installed you are prompted to login to the VLM.
The default login credentials are provided in the quick start guide that you’ll want to download a copy of from the Kemp documentation page. You’ll then be presented with the opportunity to set your own password.
Log in one more time with the new password and you’re ready to begin configuring the VLM.
CONFIGURING THE KEMP LOADMASTER
In my scenario I have two Exchange 2010 servers in a site that are both installed with the Client Access, Hub Transport and Mailbox server roles. They are also both members of a database availability group.
When I was deploying the servers in this site I did configure a CAS array, however because the DAG members cannot also be members of an NLB cluster, the CAS array’s DNS record simply points at one of the servers. In other words, I have no high availability or load balancing for the CAS array at the moment.
[PS] C:\>Get-ClientAccessArray Name Site Fqdn Members ---- ---- ---- ------- cas-headoffice HeadOffice outlook-ho.exchangeserverpr... {HO-EX2010-MB1, HO-EX2010-MB2} [PS] C:\>nslookup outlook-ho Server: ho-dc.exchangeserverpro.net Address: 10.1.1.3 Name: outlook-ho.exchangeserverpro.net Address: 10.1.1.21 [PS] C:\>nslookup ho-ex2010-mb1 Server: ho-dc.exchangeserverpro.net Address: 10.1.1.3 Name: ho-ex2010-mb1.exchangeserverpro.net Address: 10.1.1.21
So my goal is to configure the VLM-100 and then point the CAS array’s DNS record at the load balancer to improve the resilience of the Client Access services in this site. To keep things simple I’ll be deploying a one-armed configuration.
So to begin with I configure a suitable IP address for my test lab environment (obviously this IP address should be reachable from an existing computer on your network so you can reconnect and continue configuration after setting it).
After configuring the IP address you should also configure the default gateway.
CONFIGURING VIRTUAL SERVICES
Next it is time to configure the virtual services. There are two approaches you can take for this. The first is to work through the documentation from Kemp and configure everything manually. In fact reading the documentation is a good idea if you’re new to load balancing as the LoadMaster Configuration Guide covers a lot of the concepts before it gets to the actual configuration steps.
The other approach is to use a template file, which Kemp provides on their documentation page as well. I’ve downloaded the “Core” template and that is the one that I’ll be using in this scenario.
After installing the template the following virtual service templates are created for me.
This means that when I go to add a new virtual service, I can select from those imported templates.
Next I can add in the real server IP addresses (my Client Access servers).
The virtual service has been configured and shows a status of “Up”.
So the next step is to update the DNS record for the CAS array and point it at the virtual IP address I configured for this virtual service.
After making sure the old DNS entry had expired and all of my test clients were resolving the name to the new IP I re-launched Outlook on each of them. With four clients connecting to the CAS array the LoadMaster shows the following connection stats.
So it seems to be load balancing the connections just fine. Not only that, if one of the servers’s goes offline the VLM-100 detects that and updates the status accordingly.
I also wanted to create a virtual service to handle OWA, ActiveSync, and Outlook Anywhere. I added a new virtual service using the Exchange HTTPS template.
And then once again I configured the real server IP addresses for HTTPS services and then update the DNS record for the OWA/ActiveSync/Outlook Anywhere namespace(s) to point to the load balancer virtual IP address.
FURTHER CONFIGURATION SCENARIOS
After you have a basic load balancing configuration in place there are some more scenarios you can explore to learn more about hardware load balancing for Exchange Server 2010.
My suggestions are to look at:
Load Balancing with Microsoft Exchange Server 2010 (TechEd Australia 2011)
Enabling Kerberos Authentication for MAPI Clients
Configure the Availability Service for Network Load Balanced Computers