[c-nsp] ace loadbalance exchange servers

Eugeniu Patrascu eugen at imacandi.net
Wed Feb 29 01:08:34 EST 2012


On Tue, Feb 28, 2012 at 18:03, Arne Larsen / Region Nordjylland
<arla at rn.dk> wrote:
> Hi all.

Hi,

>
> Can someone help me out here?
> We have to deploy load balancing in front of a Microsoft Exchange cluster.
> We have an ACE deployed as one-armed today.
> Has anyone made a setup like this before, and if so, how did you get around the mail-relay screening?
> Is there a way to put the src addr into the mail, so that it is possible to validate the relay on the src addr?
> How did you get around the RPC UDP calls?

- Regarding the incoming SMTP connections: the easiest way is to not
load balance them. Just add MX records in your DNS for them with the
same priority, and over time you'll get an almost even distribution of
traffic across the servers.

- Regarding the RPC stuff:
 a) Check to see if the ACEs have support for the Exchange CAS role; if
yes, they should be able to deal with dynamic ports opened up using
RPC.
 b) At least on Exchange 2010 (not sure about 2007) you can set static
RPC ports for CAS access, and this should make it easier to
firewall/load balance requests without opening up a few thousand ports.

HTH,
Eugeniu
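
The equal-priority MX suggestion above, as an added example that is not part of the original message: a small simulation of how sending servers pick among MX records (lowest preference first, random order within equal preference, as RFC 5321 section 5.1 requires), showing the resulting spread and the failover when one server is down. The hostnames and preference values are constructed placeholders.

```python
import random
from collections import Counter
from itertools import groupby

# Constructed sample MX set: three Exchange servers at the same preference,
# plus one higher-numbered (less preferred) backup. Names are placeholders.
MX_RECORDS = [
    (10, "exch1.example.com"),
    (10, "exch2.example.com"),
    (10, "exch3.example.com"),
    (50, "backup.example.com"),
]


def delivery_order(records, rng):
    """Hosts in the order a sender tries them: ascending preference,
    shuffled within each group of equal preference."""
    order = []
    for _, group in groupby(sorted(records), key=lambda r: r[0]):
        hosts = [host for _, host in group]
        rng.shuffle(hosts)
        order.extend(hosts)
    return order


def simulate(records, senders, down=frozenset(), seed=1):
    """Count which host accepts each of `senders` independent deliveries.
    Hosts in `down` refuse the connection, so the sender moves on."""
    rng = random.Random(seed)
    hits = Counter()
    for _ in range(senders):
        for host in delivery_order(records, rng):
            if host not in down:
                hits[host] += 1
                break
    return hits


if __name__ == "__main__":
    print("all up:    ", dict(simulate(MX_RECORDS, 30000)))
    print("exch2 down:", dict(simulate(MX_RECORDS, 30000,
                                       down={"exch2.example.com"})))
```

Because each sender connects directly to the server it picked, the Exchange side sees the sender's real source address, which is what source-based relay checks rely on.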

