The load balancer setup plays a vital role in client connection to Exchange Server. It helps establish the connection from the client to the Exchange Client Access Server (CAS) servers, which runs the client connection service, and distributes the client connection load across the multiple backend Exchange servers. Load balancers have various mechanism to check the health and availability of target CAS servers and establishes the connection to the most suitable one at any given time.

Configuring the Load Balancer when migrating from Exchange 2010 to Exchange 2013

When organizations are migrating from Exchange 2010 to Exchange 2013, it may take some time to complete the project. As a result, it is essential to configure the previous and new Exchange systems to coexist. A correctly configured load balancer setup can make this possible.

There are various protocols that clients use to connect to the Exchange server. They are:

1. Outlook Web App (OWA)
2. Autodiscover
3. Exchange Web services (EWS)
4. Exchange Active Sync(EAS)
5. Offline Address book (OAB)
6. Outlook Anywhere
7. MAPI
8. SMTP Protocol

Figure 1 shows a typical Exchange 2010 deployment with a load balancer.

Figure 1. Current Exchange 2010 organizations before introduction Exchange 2013

The table below shows the Exchange 2010 Internal and External URL configuration that will be used on the Exchange 2010 CAS Servers.

Exchange Organizations after introducing Exchange 2013 Server

As servers running Exchange 2013 Server are introduced into an organization the same CAS URLs and name space from Exchange 2010 can be used, with one addition for Outlook Anywhere as discussed below. Additionally, the same security certificates used in Exchange 2010 server can be used on Exchange 2013 Server as well. The Table below includes the additional Outlook Anywhere URL.

Outlook Anywhere is the default protocol for client connection on Exchange 2013. To allow co-existence with Exchange 2010 it should also be enabled to use Outlook Anywhere. All the Outlook clients should be using Outlook Anywhere as the default connection. The PowerShell script below can be used to enable Outlook Anywhere on Exchange 2010 Server:

Get-ExchangeServer | Where {($_.AdminDisplayVersion -Like “Version 14*”) -And ($_.ServerRole -Like “*ClientAccess*”)} | Get-ClientAccessServer | Where {$_.OutlookAnywhereEnabled -Eq $False} | Enable-OutlookAnywhere -ClientAuthenticationMethod Basic -SSLOffloading $False -ExternalHostName mail.domain.com -IISAuthenticationMethods NTLM, Basic

Figure 2 shows a typical deployment model for Exchange 2013 and Exchange 2010 co-existence. With Outlook Anywhere configuration in place the load balancers need configured to work with Exchange 2013 Server to use the Mail.domain.com and Autodiscover.domain.com URLs shown in the table. This allows the clients to connect and if the target mailbox is on an Exchange 2013 Server it directly connects to the user’s mailbox. If the target mailbox is on a legacy Exchange 2010 Server then the Exchange 2013 CAS server proxies the connection to the Exchange 2010 CAS server, and this sets up the connection to the mailbox. The proxying of this connection is entirely transparent to the users.

DNS changes will also be required on the load balancer that is handling requests to the CAS servers. This is necessary to ensure that the correct requests are sent to the right Exchange 2013 and Exchange 2010 servers during the co- existence. The same will be true for load balancers directing SMTP requests if in use. The DNS changes required will be unique to each Exchange organization.

Figure 2. Exchange 2013 and Exchange 2010 Co-existence.

The points below outline how various protocols are proxied from Exchange 2013 to Exchange 2010:

OWA Protocol

OWA Client -> Exchange 2013 CAS - > Proxies Connection -> Exchange 2010 CAS -> Exchange 2010 mailbox

Active Sync Protocol

Active Sync Client -> Exchange 2013 CAS - > Proxies Connection -> Exchange 2010 CAS -> Exchange 2010 mailbox

Exchange Web Service

Active Sync Client -> Exchange 2013 CAS - > Proxies Connection -> Exchange 2010 CAS -> Exchange 2010 mailbox

Outlook Anywhere

Active Sync Client -> Exchange 2013 CAS - > Proxies Connection -> Exchange 2010 CAS -> Exchange 2010 mailbox

Hopefully this article series will help you to understand how a load balancer plays a role in configuring coexistence between Exchange 2010, 2013, and 2016. The next two articles will cover coexistence when migrating from Exchange Server 2010 to Exchange Server 2016, and from Exchange Server 2013 to Exchange server 2016.

Amazon Web Services (AWS) is Amazon’s Cloud infrastructure platform. It delivers similar tools and services to those available from Microsoft Azure. One of the central services offered in AWS is Amazon EC2; this is Amazon’s method of providing scalable virtual servers on demand from an Elastic Cloud, hence the name EC2. It’s simple and cost effective to deploy however many server instances required via the EC2 web interface. These servers can run any of the popular operating systems in use today.

When Microsoft Windows Server is deployed as the operating system on EC2 virtual machines, then any of the Microsoft business server applications can be installed, including Microsoft Exchange Server 2007 through to the latest 2016 version.

Key Features of Deploying Exchange on AWS

Deploying Windows Server and Exchange Server on EC2 based infrastructure provides all the benefits associated with Cloud delivery, including the ability to quickly scale the compute and storage capacity up and down as needs change. Here are some of the key features and benefits that come along with AWS EC2 deployment:

1. No upfront capital outlay for initial or future servers.
2. Easy to start implementation with just the server instances required, and then scale up quickly if capacity needs to be enhanced.
3. Easy, automated deployment of virtual machines via a simple Web-based interface and template-based workflows.
4. Provides full load balancing with KEMP LoadMaster for AWS to provide high availability and Site Resilience. LoadMaster can work in conjunction with and enhance the following AWS features:
   1. High Availability with the AWS Availability Zone functionality.
   2. Site Resiliency across the zone within the AWS region
5. Exchange High Security and compliance features are fully available when deploying on EC2.
6. The Microsoft Preferred Architecture for Exchange Server deployments can be fully realised when deploying on EC2 hosted virtual machines.
7. Complete control of the Exchange servers and environment.

How the deployment works

Deploying Microsoft Exchange Server to AWS EC2 is done with the same planning and design stages as an on-premises deployment. A summary of this process is given below:

1. Collect all the requirements and users profile information for the deployment.
2. Use Exchange Role Requirement Calculator to input all the design requirement and user profile information.
3. Determine the CPU specifications needed from requirements calculator and design the servers needed with High Availability and Site Resiliency in mind.
4. Based on design, deploy virtual servers in a Zone within Amazon EC2.
5. Install and configure Exchange Server on the virtual machines and configure High Availability using DAG settings.
6. Deploy a KEMP LoadMaster Load balancer in First zone and configure High Availability for Exchange services.
7. Deploy Virtual Servers in a second Zone in the same AWS region to provide Site resilience.
8. Install and Configure Exchange servers on virtual machines in the second Zone and configure site resiliency using DAG settings.
9. Deploy a KEMP LoadMaster Load balancer in the second zone and configure High Availability for Exchange services.

The diagram below shows the final design layout for a two Zone Exchange Server deployment on EC2.

AWS is an ideal replacement for Exchange Server on premise deployments. It provides the server, storage, and site infrastructure needed to implement Microsoft’s preferred architecture on Exchange database resilience. AWS also delivers all the other resources required for successful deployment. KEMP LoadMaster for AWS integrates seamlessly into AWS EC2 deployments, giving you the best Cloud infrastructure from Amazon and the best Application Delivery Controller and load balancer from KEMP Technologies.

* Supported by other services with AWS

Virtual LoadMaster is available in the AWS GovCloud(US) with Free and BYOL licensing options. The Free version delivers 20Mbps throughput and is used in both development and production environments, simplifying DevOps-oriented delivery methodologies. Customers may optionally upgrade this license to one with greater throughput with the purchase of a perpetual license. Kemp’s VLM for BYOL provides a wide range of throughput options ranging from 200Mbps to 10Gbps with varying ranges of SSL TPS, option to include Web Application Firewall and with an option to obtain GSLB multi-site Load Balancing.

Kemp cloud experts are available to help with integration and migration needs at all stages of a project, from inception to production.

Fig 1. LoadMaster load balancing topology for NGNIX

Kemp’s Virtual LoadMaster (VLM) for the cloud is a full-featured, advanced Layer 4-7 load balancing, content management engine capable of performing advanced application delivery functions such as Multi-protocol support, Clustering, SSL-Offload & re-encryption, Content Caching & Compression with advanced authentication options, among others.  Available in the Azure Government, it offers a rich set of features, resulting in an effortless transition of applications from on-premises data centers to the cloud.

Virtual LoadMaster is available in the Azure Government with Free and BYOL licensing options.  The Free version delivers 20Mbps throughput and is used in both development and production environments, simplifying DevOps-oriented delivery methodologies.  Customers may optionally upgrade this license to one with greater throughput with the purchase of a perpetual license.  Kemp’s VLM for BYOL provides a wide range of throughput options ranging from 200Mbps to 10Gbps with varying ranges of SSL TPS, option to include Web Application Firewall and with an option to obtain GSLB multi-site Load Balancing.

Kemp cloud experts are available to help with integration and migration needs at all stages of a project, from inception to production.