Introduction to Microsoft Exchange server 2013
Note: I'll introduce Exchange from a load-balancing point of view. For detailed information about Exchange history and new features, please read the pages linked in the Related links at the bottom of this article.
Exchange is the name of the Microsoft software which provides a business-class mail / calendar / contact platform. It has a long history, starting with version 4.0 back in 1996…
Each new version of Exchange Server brings new features, both expanding the scope of Exchange and making it easier to deploy and administer.
Exchange 2007
Introduction of Outlook Anywhere, AKA RPC over HTTP: it allows remote users to connect to the Exchange 2007 platform over HTTPS.
Exchange 2010
For example, Exchange 2010 introduced CAS arrays, making client-side services highly available and scalable. DAG also brought high availability to the mail databases. All the client access services required persistence: a user had to stick to a single CAS server.
Exchange 2010 also introduced a "layer" between the MAPI RPC clients and the mailbox servers (through the CAS servers), making the failover of a database transparent.
Exchange 2013
Exchange 2013 builds on the changes brought by Exchange 2010: the CAS servers are now stateless and independent from each other (no more arrays), so persistence is no longer required.
In Exchange 2013, raw TCP MAPI RPC services have disappeared and have been definitively replaced by Outlook Anywhere (RPC over HTTP).
Last but not least, SSL offloading does not seem to be allowed for now.
Load-Balancing Microsoft Exchange 2013
First of all, I’m pleased to announce that HAProxy and the ALOHA Load-Balancer are both able to load-balance Exchange 2013 (as well as 2010).
Exchange 2013 Services
As explained in the introduction, the table below summarizes the TCP ports and services involved in an Exchange 2013 platform:
TCP Port | Protocol | CAS Service name (abbreviation) |
---|---|---|
443 | HTTPS | Autodiscover (AS), Exchange ActiveSync (EAS), Exchange Control Panel (ECP), Offline Address Book (OAB), Outlook Anywhere (OA), Outlook Web App (OWA) |
110 and 995 | POP3 / POP3s | POP3 |
143 and 993 | IMAP4 / IMAP4s | IMAP4 |
Diagram
Two main types of architecture are possible:
1. All the services are hosted on a single host name
2. Each service owns its own host name
Exchange 2013 and the Single host name diagram
Exchange 2013 and the Multiple host name diagram
Configuration
There are two types of configuration with the ALOHA:
– Layer 4 mode: the LB acts as a router, intrusive for the infrastructure, able to manage millions of connections
– Layer 7 mode: the LB acts as a reverse proxy, non-intrusive implementation (source NAT), able to manage thousands of connections, perform SSL offloading, DDoS protection, advanced persistence, etc…
The present article describes the layer 7 configuration, even if we're going to use it at layer 4 (mode tcp).
Note that it’s up to you to update your DNS configuration to make the hostname point to your Load-Balancer service Virtual IP.
Template:
Use the configurations below as templates and just change the IP addresses:
– bind lines, to match your client-facing service IPs
– server line IPs, to match your CAS servers (and add as many lines as you need)
Once updated, just copy/paste the whole configuration, including the defaults section, to the bottom of your ALOHA Layer 7 configuration.
Load-Balancing Exchange 2013 services hosted on a Single host name
```
######## Default values for all entries till next defaults section
defaults
  option  dontlognull             # Do not log connections with no requests
  option  redispatch              # Try another server in case of connection failure
  option  contstats               # Enable continuous traffic statistics updates
  retries 3                       # Try to connect up to 3 times in case of failure
  timeout connect 5s              # 5 seconds max to connect or to stay in queue
  timeout http-keep-alive 1s      # 1 second max for the client to post next request
  timeout http-request 15s        # 15 seconds max for the client to send a request
  timeout queue 30s               # 30 seconds max queued on load balancer
  timeout tarpit 1m               # tarpit hold time
  backlog 10000                   # Size of SYN backlog queue

  balance roundrobin                      #alctl: load balancing algorithm
  mode tcp                                #alctl: protocol analyser
  option tcplog                           #alctl: log format
  log global                              #alctl: log activation
  timeout client 300s                     #alctl: client inactivity timeout
  timeout server 300s                     #alctl: server inactivity timeout
  default-server inter 3s rise 2 fall 3   #alctl: default check parameters

frontend ft_exchange_tcp
  bind 10.0.0.9:443 name https            #alctl: listener https configuration.
  maxconn 10000                           #alctl: connection max (depends on capacity)
  default_backend bk_exchange_tcp         #alctl: default farm to use

backend bk_exchange_tcp
  server cas1 10.0.0.15:443 maxconn 10000 check    #alctl: server cas1 configuration.
  server cas2 10.0.0.16:443 maxconn 10000 check    #alctl: server cas2 configuration.
```
And the result (LB Admin tab):
– Virtual Service:
– Server Farm:
Load-Balancing Exchange 2013 services hosted on Multiple host names
```
######## Default values for all entries till next defaults section
defaults
  option  dontlognull             # Do not log connections with no requests
  option  redispatch              # Try another server in case of connection failure
  option  contstats               # Enable continuous traffic statistics updates
  retries 3                       # Try to connect up to 3 times in case of failure
  timeout connect 5s              # 5 seconds max to connect or to stay in queue
  timeout http-keep-alive 1s      # 1 second max for the client to post next request
  timeout http-request 15s        # 15 seconds max for the client to send a request
  timeout queue 30s               # 30 seconds max queued on load balancer
  timeout tarpit 1m               # tarpit hold time
  backlog 10000                   # Size of SYN backlog queue

  balance roundrobin                      #alctl: load balancing algorithm
  mode tcp                                #alctl: protocol analyser
  option tcplog                           #alctl: log format
  log global                              #alctl: log activation
  timeout client 300s                     #alctl: client inactivity timeout
  timeout server 300s                     #alctl: server inactivity timeout
  default-server inter 3s rise 2 fall 3   #alctl: default check parameters

frontend ft_exchange_tcp
  bind 10.0.0.5:443 name as               #alctl: listener: autodiscover service
  bind 10.0.0.6:443 name eas              #alctl: listener: Exchange ActiveSync service
  bind 10.0.0.7:443 name ecp              #alctl: listener: Exchange Control Panel service
  bind 10.0.0.8:443 name ews              #alctl: listener: Exchange Web Service service
  bind 10.0.0.8:443 name oa               #alctl: listener: Outlook Anywhere service
  maxconn 10000                           #alctl: connection max (depends on capacity)
  default_backend bk_exchange_tcp         #alctl: default farm to use

backend bk_exchange_tcp
  server cas1 10.0.0.15:443 maxconn 10000 check    #alctl: server cas1 configuration.
  server cas2 10.0.0.16:443 maxconn 10000 check    #alctl: server cas2 configuration.
```
And the result (LB Admin tab):
– Virtual Service:
– Server Farm:
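Because the templates are meant to be edited by hand (bind and server lines only), a quick mechanical check before pasting them into the ALOHA is useful. The following is an added example, not part of the original article or of HAProxy/ALOHA: a small Python lint (the names `lint` and `SAMPLE` are illustrative) that flags listeners sharing the same address:port, servers declared without `check`, and a `default_backend` that points to no backend.

```python
from collections import defaultdict

# Trimmed copy of the multiple-host-name template from this article.
SAMPLE = """\
frontend ft_exchange_tcp
  bind 10.0.0.5:443 name as
  bind 10.0.0.6:443 name eas
  bind 10.0.0.7:443 name ecp
  bind 10.0.0.8:443 name ews
  bind 10.0.0.8:443 name oa
  default_backend bk_exchange_tcp
backend bk_exchange_tcp
  server cas1 10.0.0.15:443 maxconn 10000 check
  server cas2 10.0.0.16:443 maxconn 10000 check
"""

def lint(config):
    """Return a list of findings for an HAProxy frontend/backend template."""
    binds = defaultdict(list)          # "ip:port" -> listener names
    backends, wanted, findings = set(), [], []
    for raw in config.splitlines():
        words = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if not words:
            continue
        kw, args = words[0], words[1:]
        if kw == "bind" and args:
            name = args[args.index("name") + 1] if "name" in args[:-1] else "?"
            binds[args[0]].append(name)
        elif kw == "backend" and args:
            backends.add(args[0])
        elif kw == "default_backend" and args:
            wanted.append(args[0])
        elif kw == "server" and len(args) >= 2:
            # Without the 'check' keyword HAProxy never health-checks the server.
            if "check" not in args[2:]:
                findings.append(f"server {args[0]}: no 'check', failures go undetected")
    for addr, names in binds.items():
        if len(names) > 1:
            findings.append(f"bind {addr}: shared by listeners {', '.join(names)}")
    for name in wanted:
        if name not in backends:
            findings.append(f"default_backend {name}: no such backend")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```

Run against the multiple-host-name template as printed, it reports that the `ews` and `oa` listeners share 10.0.0.8:443, which is worth confirming against your DNS plan when you substitute your own service IPs.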
Conclusion
This is a very basic and straightforward configuration. We could make it much more complete: per-service timeouts, better health checking, DDoS protection, etc…
I may write later articles about Exchange 2013 Load-Balancing with our products.
Related links
– Exchange 2013 installation steps
– Exchange 2013 first configuration
– Microsoft Exchange Server (Wikipedia)
– Microsoft Exchange official webpage