In Part 1 and Part 2 of the article series, we deployed Exchange 2013 servers in each AD site, deployed Kemp LoadMaster and configure it for Exchange services in each AD site.
In this final part of the article series, we will configure LoadMaster with Global Balancing, where if Dallas AD site goes down then client request (internal and external) will route to Exchange 2013 servers in the Pittsburg AD site and vice versa. Global Balancing provide redundancy for both Exchange and LoadMaster itself. Below is the figure 3.1 is the current diagram for the Exchange 2013 lab using Kemp Free LoadMaster
Figure 3.1 Exchange 2013 and Kemp LoadMaster LAB configuration.
Configure Static Routes on Kemp LoadMaster
From the above Figure 3.1, Dallas LoadMaster Eth0 interface is configured with network 192.168.1.0/24 network and LAB router with DHCP have assigned DNS and Default gateway for this interface. Using DNS and default gateway, Eth0 interface can reach any external network including Pittsburg Eth0 interface.
Figure 3.2 DNS Name Server IP address
But, Dallas LoadMaster Eth1 interface is on 10.10.10.0/24 and it does not configured with DNS and default gateway. Since, two network interface (NIC) on the same machine cannot be configured with two different DNS and Gateway. Hence Eth1 interface has no information on how to reach Eth1 network (20.20.20.0/24) of Pittsburg LoadMaster or any other network internally. To archive this, we need to add manual static routes on the Dallas LoadMaster. Below is the steps to configure the same.
1. Connect to Dallas LoadMaster using Internet Explorer
2. Expand System Configuration -> Additional Routes
3. Add route to reach 20.20.20.0/24 network using gateway 10.10.10.101 (It is the default gateway for 10.10.10.0/24 network to reach Pittsburg network). Below Figure 3.2 is the reference image.
Figure 3.3 Adding new Fixed Static Routes on Dallas LoadMaster
Similarly, Pittsburg LoadMaster Eth1 interface is on 20.20.20.0/24 and it is not configured with DNS and default gateway. It has no information on how to reach Eth1 10.10.10.0/24 Dallas network or any other network. Hence we need to add static routes on the Pittsburg LoadMaster to reach Dallas Eth1. Below is the steps to configure the same.
1. Connect to Pittsburg Loadmaster using Internet Explorer
2. From the Left menu , expand System Configuration -> Additional Routes
3. Add route to reach 10.10.10.0/24 network using gateway 20.20.20.101 (It is the default gateway for 10.10.10.0/24 network). Below is the reference image.
Figure 3.4 Adding new Fixed Static Routes on Pittsburg LoadMaster
Configuring LoadMaster to Synchronize Configuration each other:
Synchronization lets to replicate the configuration changes or additions done one LoadMaster to another. Below are the steps to synchronize two LoadMaster on Dallas and Pittsburg network.
1. Connect to Dallas LoadMaster from the browser using the IP Address https://192.168.1.100
2. From the main menu ,expand System configuration -> remote Access
3. Under GEO Settings, specify GEO LoadMaster Partners IP Address and click on set Geo LoadMaster Partners. In our case it is Pittsburg LoadMaster Eth0 interface IP address – 192.168.1.101
Figure 3.5 Configuring GEO LoadMaster Partner Settings at Dallas
4. Now, connect to Pittsburg LoadMaster from the browser using the IP address https://192.168.1.101
5. From the main menu ,expand System configuration -> remote Access
6. Under GEO Settings, specify GEO LoadMaster Partners IP Address – 192.168.1.100 and click on Set Geo LoadMaster Partners. In our case it is Dallas LoadMaster Eth0 interface IP address
Figure 3.6 Configuring GEO LoadMaster Partner Settings at Pittsburg
7. Now we have configured the synchronization between Dallas and Pittsburg LoadMaster, we just make configuration on any one LoadMaster and it gets replicated to other.
Configuring Global Balancing for FQDN – mail.happy.com
1. Connect to Dallas LoadMaster and from the main menu Expand Global Balancing -> Manage FQDNs
2. Input the new FQDN name – mail.happy.com and click on Add FQDN
Figure 3.7 Configure Mail.happy.com FQDN at LoadMaster
3. Enter the LoadMaster Dallas External Virtual IP Address – 192.168.1.90 and click on Add Address
Figure 3.8 Configure Mail.happy.com FQDN with Dallas External Virtual IP Address
4. Similarly add Pittsburg Loadmaster External Virtual IP address – 192.168.1.91 and click on Add Address
Figure 3.9 Configure Mail.happy.com FQDN with Pittsburg External Virtual IP Address
5. Then finally, add Dallas LoadMaster internal Virtual IP – 10.10.10.90 and then Pittsburg LoadMaster Virtual IP – 20.20.20.91
Figure 3.10 Mail.happy.com FQDN updated with Dallas and Pittsburg External and Internal Virtual IP Address
6. To provide better health check for the HTTPS services, change the checker from ICPM Ping to TCP Connect for the Virtual IP Address on port 443 and then click on Set Addr
Figure 3.11 Configure Mail.happy.com FQDN with Health settings to determine the availability of the services.
7. We could now see that all the Servers are Available and healthy and ready to take connection for mail.happy.com
Configuring Global Balancing for FQDN – autodiscover.happy.com
Since, we have one Virtual IP for all the Exchange HTTPS services on each LoadMaster, we would need to create another FQDN name autodiscover.happy.com and follow the same instruction provided for same IP address and port number used for FQDN name mail.happy.com.
Figure 3.12 Configure autodiscover.happy.com FQDN with Pittsburg External and internal Virtual IP Address
Configuring Global Balancing for FQDN – smtp.happy.com
1. Connect to Dallas LoadMaster using Internet Explore
2. Expand Global Balancing -> Manage FQDN
3. Add a FQDN name smtp.happy.com’ and click Add FQDN
Figure 3.13 Creating new FQDN smtp.happy.com
4. Input each of the internal and external Virtual IP (VIP) address of both Dallas and Pittsburg LoadMaster and click Add Address. Then, make sure that checker is to set TCP connect for port 25.
Figure 3.14 Adding External VIPs for smtp.happy.com FQDN
Since Dallas and Pittsburg is configured to sync with each other, we should be able see the configuration synced from Dallas LoadMaster to Pittsburg LoadMaster in real-time. To validate the same, connect to Pittsburg LoadMaster and Navigate to Global Balancing -> Manage FQDNs.
Figure 3.15 Validation Global Balancing synchronization at Pittsburg LoadMaster.
DNS Configuration:
We are almost done with the LoadMaster configuration at both Dallas and Pittsburg AD site. Now we need to configure Internal and External DNS with delegated subdomain for mail.happy.com and autodiscover.happy.com pointing to LoadMaster Virtual IP Address defined in the below table.
To accept SMTP emails from internet for happy.com, configure MX records on the external DNS to point to the external DNS VIP of both Dallas and Pittsburg LoadMaster and below are the details.
Configure Exchange send connector with option ‘Route mail through smart host’ and specify the LoadMaster SMTP Internal VIP Address – 10.10.10.103 and 20.20.20.104.
This configuration will help clients to connect to all the HTTPS service and also mail flow between internal and internet.
Below is the final diagram with complete IP Address, DNS, LoadMaster and Exchange server details.
Figure 3.15: Final LAB diagram
Finally, we are at the end of the articles series, completely installed, configured Kemp Free LoadMaster in both the AD sites and also configured Global balancing between the sites. Same steps can be followed to implement LoadMaster in production environment, but we need public IP address NATed to the DMZ VIPs to communicate with other external domains.
SMTP Port 25 