MSExchangeGuru.com

 

Load Balancing Exchange Server 2013 – Good to know stuff

Load balancing is the distribution of workload across the available servers so as to achieve optimal resource utilization, maximized throughput, minimized response time and avoidance of overload. Load balancers are also referred to as Application Delivery Controllers.

With load balancing we can increase capacity by placing more servers behind the load balancer, thereby enhancing the traffic handling capacity. This also results in high availability: when a server failure occurs, the load balancer redirects traffic to the other servers behind it.

SSL Offloading was not supported in Exchange 2013 when this post was written. It is supported in Exchange 2013 from Service Pack 1 onward (update 7/4/2014).

Additional Options Available Under Load Balancing

  • SSL Offloading- Through SSL offloading, the load balancer decrypts and encrypts the SSL traffic from clients. This offloads the task of decryption/encryption from the application server, saving essential application server resources.
  • Maintenance Mode- When a server is placed in maintenance mode, no traffic is sent to that server. This can be particularly useful in cache servers.
  • Caching- Caches application items that are required frequently, eliminating the need to reload them.
  • Compression- Enables traffic compression.
  • Pre-Authentication- As the name suggests, this option pre-authenticates users before allowing them access to the Exchange servers.
  • Service Aware- With this feature, the load balancer checks the availability status of a server before sending traffic to it.

Essential Components

Each service has its own persistence settings, distribution settings, timeout settings and SSL offloading settings. Multiple services can be configured in the load balancer to publish the Exchange services. A Virtual IP Address (VIP) is attached to the service, and each service has a unique VIP. It is through this VIP that applications connect to the attached service. Behind the service are the servers (also called nodes or members). A server can be assigned to more than one service.


Principles

We shall now look into the different principles involved in load balancing Exchange 2013.

Persistence / Affinity / Stickiness

Since there are multiple servers available when using a load balancer, traffic may not always be sent to the same server, which results in increased network traffic. To avoid this, the load balancer uses persistence, which ensures that traffic is sent to the same server.

Different Types of Persistence Are:

  • Source IP
  • HTTP Cookie
  • SSL ID
  • Hash Persistence

In Source IP persistence, the server is tracked by the source IP address.

In HTTP Cookie based persistence, an HTTP cookie is generated to track the server by identifying the session.

In SSL ID based persistence, an SSL ID is used to track the session.

In Hash Persistence, a hash is used to track the server.

Distribution

Load balancing of traffic among servers is done by distribution. Different types of distribution are:

  • Round Robin- Uses the basic round robin technique to choose the server.
  • Weighted Round Robin- In weighted round robin, the weight assigned to each server is also considered while performing the round robin calculations.
  • Least Connections- Routes the traffic to the server with the least connections. This mechanism, however, shows issues while rebooting the cache server, as the cache server will use many connections while rebooting.
  • Least Response Time- Routes traffic to the server with the quickest response time.

SSL Offloading

Through SSL offloading, the load balancer decrypts and encrypts the SSL traffic from clients. This offloads the task of decryption/encryption from the application server, saving essential application server resources. The CAS is thus freed from performing decryption and encryption, which releases a considerable amount of processor utilization. SSL can also be applied between the load balancer and Exchange. In that case the load balancer decrypts the SSL-encrypted data it receives, re-encrypts it and sends it to Exchange. Finally, a system without SSL offloading permits only 2 types of persistence, Source IP and SSL Session, whereas a system with SSL offloading permits all persistence schemes.

Layer 4

Layer 4 load balancing works on the data in the network and transport layers. Layer 4 load balancers require fewer resources and have better performance.

Layer 7

Layer 7 load balancing acts in the application layer of the network model. It is application aware and requires decryption of the traffic.

Routing Options

  • Source Network Address Translation (SNAT)

    The source address of the incoming packet is modified, so the IP address of the client is hidden from the server. This, however, poses issues while troubleshooting, because the server logs then record the load balancer's address instead of the client's.

  • Load Balancer Default Gateway

    In this technique, the default gateway of the server is pointed to the VIP of the load balancer.

  • Direct Server Return

    In this scheme, all incoming requests are passed through the load balancer. This requires a local loopback interface on the server, which does not answer ARP requests. The loopback interface is configured with the VIP of the load balancer.
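An added example, not from the original post: a small Python model of one load-balanced service that ties together the Service Aware and Maintenance Mode options, the Round Robin and Least Connections distribution methods, Source IP persistence, and the effect of SNAT on that persistence. The member names, client addresses and SNAT address are constructed, and the SHA-256 mapping is an assumption standing in for whatever a given load balancer uses.

```python
import hashlib
from collections import Counter
from itertools import cycle

class Service:
    """Toy load-balancer service (one VIP) with members behind it."""
    def __init__(self, members):
        self.members = list(members)
        self.healthy = set(members)   # kept current by health checks ("service aware")
        self.maintenance = set()      # members the operator has drained
        self.conns = Counter()        # open connections per member
        self._rr = cycle(self.members)

    def eligible(self):
        """Members that may receive traffic: healthy and not in maintenance."""
        ok = [m for m in self.members
              if m in self.healthy and m not in self.maintenance]
        if not ok:
            raise RuntimeError("no member available behind the VIP")
        return ok

    def round_robin(self):
        ok = self.eligible()
        while True:                   # skip members that are down or drained
            member = next(self._rr)
            if member in ok:
                return member

    def least_connections(self):
        return min(self.eligible(), key=lambda m: self.conns[m])

    def source_ip(self, client_ip):
        """Source IP persistence: one address maps to one member while the pool is unchanged."""
        ok = self.eligible()
        digest = hashlib.sha256(client_ip.encode()).digest()
        return ok[int.from_bytes(digest[:4], "big") % len(ok)]

def spread(service, client_ips):
    """Count how many clients land on each member under source IP persistence."""
    return Counter(service.source_ip(ip) for ip in client_ips)

# Constructed sample data: three CAS members and 200 client addresses.
CAS = ["cas1", "cas2", "cas3"]
CLIENTS = [f"10.0.0.{i}" for i in range(1, 201)]
SNAT_ADDR = "192.0.2.10"   # what every client looks like behind an upstream SNAT
if __name__ == "__main__":
    svc = Service(CAS)
    print("direct clients:", dict(spread(svc, CLIENTS)))
    print("behind SNAT   :", dict(spread(svc, [SNAT_ADDR] * len(CLIENTS))))
```

When every client arrives with the same translated address, source IP persistence pins all of them to a single member, and the member's logs show only that one address. Placing that member in maintenance mode moves the whole population to another member at once.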

Possible Configurations

  • One Armed

    In a one armed configuration, the clients, the servers and the VIP are all housed in the same subnet. The available routing options are:

    • SNAT
    • Direct Server Return
  • Two Armed

    A two armed configuration requires 2 networks and a separate VLAN for the Exchange servers. The routing options available are:

    • Load Balancer Default Gateway
    • Direct Server Return

What’s New In Exchange 2013 Load balancing

  • Session Affinity No Longer required
  • SSL Offloading not supported
  • Layer 7 Load balancing no longer required
  • Only CAS needs to be load balanced
  • Health Check for Workloads

Features Retained

Can load balance same workloads

Available Configurations

  • Single VIP

    In this configuration, a single VIP is used to publish all protocols, and they share the same settings. Layer 7 of the network model is used to find out the destination.

  • Multiple VIP

    A separate VIP can be assigned to each protocol. Each protocol can hence be assigned specific settings.

While a single VIP is easier to configure, as it has only one rule, features like scale out and scale up, logging options and client traffic segmentation are not available with it. Multiple VIPs offer all these features, along with enhanced persistence capabilities and multiple availability protocols, but require multiple IP addresses.

Ratish Nair

Microsoft MVP | Exchange Server

Team @ MSExchangeGuru


14 Responses to “Load Balancing Exchange Server 2013 – Good to know stuff”

  4. Susie Kent Says:

    There are several benefits of enabling SSL offloading when using a hardware load balancer (HLB). When you enable SSL offloading you terminate the incoming SSL connections on the HLB instead of on the CAS servers. By doing so you move the SSL workload (encryption and decryption tasks) which are CPU intensive from the CAS servers to the HLB device(s). With CAS servers getting more and more responsibility with the introduction of new features such as MailTips, Move Request Service (MRS) and because it now also is the endpoint for MAPI clients, it makes even more sense to let the HLB take care of the SSL workload compared to earlier versions of Exchange Server.

  5. sajid Says:

    hey,
    can we use Windows 2012 NLB for Exchange 2013?
    Regards
    sajid

  6. Ratish Sekhar Says:

    Windows NLB isn't preferred to be honest…
    Look at the limitations and make a business decision.
    Windows Network Load Balancing: http://technet.microsoft.com/en-us/library/jj898588(v=exchg.150).aspx

  8. SAT Says:

    Interesting that as of November 2013, SSL offloading (for Exchange 2013) is still not supported on NetScalers, according to official documentation published October 2013…

  9. Rani Says:

    Hello all,

    Can someone please share the steps to configure CAS Server load balancing?

    Thanks,

  10. Prabhat Nigam Says:

    @Rani,

    Please feel free to post your issues here:
    http://social.technet.microsoft.com/Forums/exchange/en-US/home?forum=exchangesvrdeploy

    Then share the link with us and we will answer the concerns as and when we have time. This will have more people visibility. The best thing is you may get answers from someone else if we are busy.

    Regarding your current concern, check the below mentioned blog if you don’t want to invest in a load balancer. The other option is Windows NLB, which is explained here.
    http://msexchangeguru.com/2013/08/14/windowsnlb/

  11. DAK Says:

    SSL Offloading is now supported from Exchange 2013 SP1 (CU4).

  12. Prabhat Nigam Says:

    @DAK
    Thank you for the pointer.
    This is a blog which was written post the release of CU1 in year 2013 so we had highlighted SSL offloading is not supported.

    I have updated a couple of lines. Please read new blogs for latest info and changes.

    I hope the rest of the blogs are helping you in finding your goal.
    Happy Reading and visiting us.

  13. Greg Sites Says:

    What are the recommended hardware load balancers? I have had poor experience with one brand and want to move forward with another. Exchange 2013 1200 users.

  14. Prabhat Nigam Says:

    Hey Greg,

    Hope things are well there.
    I can understand. I would recommend to go for the best when you are managing critical customers. The best load balancer is F5 but it is costly. http://www.f5.com/it-management/solutions/load-balancing/overview/

    I would recommend a hardware LB in comparison to virtual, which will have its own hardware to process the load.
    Feel free to let me know if you need me to connect with F5 team.
