Using HAProxy with MS Exchange 2010

While MS Exchange 2010 provides services arrays to ensure high-availability, it lacks a load balancing mechanism to balance traffic across services hosted by Client Access Servers (CAS) and Edge Transport Servers.

Using the HAProxy load-balancer with MS Exchange 2010 brings the following benefits:

  • Application aware health checks which provide the status of the service rather than a simple ping
  • Granular persistence methods adapted to the Exchange service and client software and architecture
  • SSL offloading to handle the SSL connection for CAS array servers so these can focus on their jobs
  • Scale up: Expand an architecture vertically
  • Scale out : Add more nodes to CAS array by splitting services on the load-balancer side and dedicating servers to services

Supported Versions

You can use HAProxy with the following versions of Microsoft Exchange: 2010, 2010 SP1, 2010 SP2, 2010 SP3

MS Exchange 2010: A Quick Recap

Microsoft Exchange 2010 provides businesses with email, calendar, and contacts on PC, phone, and web.

In Microsoft Exchange 2010, you can dedicate roles to servers, and build redundant platforms with a load-balancer to allow clients to connect to services. It is also scalable.

There are 5 server roles: Mailbox, Client Access, Hub Transport, Unified Messaging, and Edge Transport Server.

HAProxy can balance services from Client Access, Hub Transport, and Edge Transport Server.

Role Purpose
Client Access Front end servers where clients get connected to access their emails, contacts, and agenda
Edge Transport Server Handles the internet facing mail flow, with security features (anti-virus and anti-spam)
Hub Transport Exchange 2010 mail router within the organization
Mailbox Servers hosting emails (in mailboxes) public folders
Unified Messaging

Enables the ability to deliver fax and voice mail to Outlook 2010 clients

Disclaimer: The Exchange 2010 configuration tips in this section are for information only. For complete information about Microsoft Exchange 2010, refer to the Microsoft web site. This section does not show how to install and set up an Exchange 2010 cluster.

Exchange 2010 architecture

The diagram below shows how the different roles are used in a typical Exchange 2010 platform:

Client Access Services

The diagram below shows the services that the CAS host and the interactions with both Active Directory and mailbox server. It also shows the client type per service.

HAProxy stands between the clients and the CAS.

SMTP load-balancing

To do SMTP load-balancing, you can use either or a combination of the methods below:

  • Using DNS: Set up two or more DNS MX (Mail eXchanger) entries, with each one pointing to an Exchange HUB server. An SMTP client would use first the MX record with the lowest preference, then try the next higher preference.
  • Using a single MX entry pointing to the load-balancer. The load-balancer would balance requests between SMTP servers configured behind it.

Ports and protocols

The table below summarizes the different ports and protocol involved on the Client Access servers.

The static ports for both RPC Client Access and Address Book service are chosen randomly by default.

TCP port Protocol CAS Service
80 and 443 HTTP / HTTPs
  • Autodiscover (AS)
  • Exchange ActiveSync (EAS)
  • Exchange Control Panel (ECP)
  • Offline Address Book (OAB)
  • Outlook Anywhere (OA)
  • Outlook Web App (OWA)
110 and 995 POP3 / POP3s POP3
135 TCP RPC EndPoint Mapper (EPM)
143 and 993 IMAP / IMAPs IMAP4
60000 TCP Static port for RPC Client Access Service
60001 TCP Static port Address Book Service
Warning: Microsoft recommends that any port within the range 59531 to 60554 should be used, and that the same ports should be used on all Client Access Servers within the same AD site.

Service affinity

Affinity depends on the service. The table below summarizes the affinity requirements per service:

Persistence required Persistence recommended No persistence required
Exchange Control Panel (ECP) Address Book Service (AB) AutoDiscover (AD)
Exchange Web Service (EWS) Exchange ActiveSync (EAS) Offline Address Book (OAB)
Outlook Web App (OWA) Outlook Anywhere (OA) POP3
RPC Client Access Service Remote PowerShell IMAP4

Configuring MS Exchange 2010 for HAProxy

To ensure that your CAS array is compatible with the HAProxy load-balancer, follow the instructions provided by Microsoft.

You can also refer to these blogs for guidelines: