Product: Loadbalancer.org Enterprise VA R16
Product Homepage: click here
Free Trial Download: click here
Load balancing equally distributes incoming traffic to a variety of endpoints. In case of Exchange Server, these endpoints are Client Access Servers. There are various load balancers (software or hardware) available to load balance incoming traffic for software applications. Some software applications might have built-in mechanisms to load balance the incoming traffic and some might require a third party appliance.
Microsoft Exchange Server does not have a built-in mechanism which can be used to distribute the incoming client connections over multiple Client Access Servers and also detect service outage for Exchange protocols/services. Although Microsoft provides Windows Network Load Balancing (WNLB), it doesn't work very well with Exchange Server for many reasons and that leads me to review Enterprise VA (Virtual Appliance) R16 load balancer from Loadbalancer.org.
Why not use WNLB for Exchange Servers?
Although it is true that other applications can benefit from WNLB, but Exchange Server does not. In certain scenarios, it makes sense to use WNLB for Exchange Servers from a cost perspective, but there are a few major drawbacks associated with WNLB and it is not a viable option for load balancing Exchange deployments in particular because:
- WNLB simply uses round robin for load balancing incoming traffic
- Since WNLB is incompatible with Window Failover Clustering, WNLB cannot be used for Exchange Servers where mailbox DAGs are also being used
- WNLB is not scalable. It cannot be used for more than eight Client Access Servers in an array
- Most importantly WNLB cannot detect service outage. It can only detect server outage by IP address. If a particular Exchange Server service, such as Outlook Web App, fails, WNLB cannot detect the failure and will still route requests to that Client Access Server
- Manual work is involved to remove the failed Client Access Server from the load balancing pool
- Due to performance issues, Microsoft team does not recommend WNLB
- It lacks good management tools to control each aspect of WNLB
- Adding or removing a single node causes all clients to reconnect to the Network Load Balancing array.
Why choose Enterprise VA R16?
There are several key technological differences between the different load balancing solutions available today. Since WNLB fails to meet the requirements, a third party LB is the first choice for Exchange Servers. When it comes to reviewing an Exchange Server load balancer, there are four important aspects of a load balancing solution I always take into consideration:
- The solution is simple to setup and manage.
- The solution provides different types of scheduling and load balancing algorithms.
- The solution supports core load balancing deployment methods.
- The solution should have methods to recover from disasters.
The Loadbalancer.org Enterprise VA R16 ships with a web user interface (WUI) for managing different aspects of the load balancer, which is much more flexible than any other software load balancing solution I have seen so far. I’ll talk more about this later.
There are various scheduling and load balancing algorithms supported by the Loadbalancer.org Enterprise VA R16 as listed below:
- Round Robin
- Weighted Round Robin (recommended by Microsoft for Client Access Server workloads)
- Least connection
- Weighted least connection
- Chained failover (Fixed weighting)
- Layer 7 content switching
Other than scheduling and load balancing mechanisms, it also supports a variety of features. To see all features supported by Enterprise VA R16, visit their page here: http://www.loadbalancer.org/var16.php
When it comes to load balancing deployment methods, there are three deployment methods available, which I will discuss later in this review.
To recover from disasters, the appliance uses various XML configuration files to store all its settings. All configuration details including local settings and load balanced services settings are stored in an XML file. This file can be backed up using the WUI and you can easily restore your configuration using the same WUI in case of any disaster.
Load Balancer Enterprise VA R16 Installation and Configuration
A good thing I have seen with Enterprise VA R16 is that it ships as a virtual machine which is Linux-kernel based. It is simple to install on Windows, Mac & Linux distributions. From the requirements perspective, there is not much needed. You only need a 64-bit computer and the hardware must support virtualization. Enterprise VA R16 supports VMware (Player/Workstation/Server & ESX/ESXi), Microsoft Hyper-V and KVM hypervisors.
I did not have to spend much time to get it up and running. A minimum four steps are required to install and configure the virtual appliance:
- Downloading Enterprise VA R16 Virtual machine ZIP file.
- Extracting files from the ZIP which also includes a quick start guide.
- Importing Enterprise VA R16 Virtual Machine into the hypervisor.
- Configuring initial network settings and creating VIPs.
As we know, VMware tools and Microsoft Integration Services are installed to improve the performance of virtual machines. The good thing about the Loadbalancer.org Enterprise VA R16 virtual machine is that the latest versions of all required drivers are included by default in the virtual machine and these drivers are kept up to date through periodic updates that are made available via the Loadbalancer.org's online software update feature in the WUI.
To get you started with Enterprise VA R16 load balancer, the appliance’s virtual machine can be downloaded for VMware, KVM or Microsoft Hyper-V from here: http://www.loadbalancer.org/downloads.php
After downloading the virtual machine appliance, I imported the virtual machine into my Hyper-V server. After turning it on, I saw Enterprise VA load balancer running on my host as shown in the below screenshot:
Next thing I had to do was to configure the appliance by following the quick start guide. The appliance provides built-in network setup wizard which helps you setup your initial network configuration quickly. By default appliance is pre-configured with an IP address 192.168.2.21 and subnet mask of 255.255.255.0. There are four NICs configured but only eth0 is connected.
As I stated in an earlier section, the solution should be simple to manage. The Enterprise VA R16 is simple to manage by accessing load balancing configuration via the web interface. To access the appliance configuration, you can open your web browser and point to either http:\\192.168.2.21:9080 or https:\\192.168.2.21:9443 as shown in the below screenshot:
Although it was easy for me to configure the initial network settings using built-in network setup wizard, I decided to do it from the web interface by navigating to the “Local Configuration” menu and then selecting the “Network Interface Configuration” sub-menu as shown in the screenshot below:
Once I finished with the required network configuration, I decided to follow the Exchange Server 2013 guide to see how I load balance my Client Access Servers and provide greater availability.
Enterprise VA R16 solution can be used for both Exchange Server 2010 and Exchange Server 2013 deployments.
Loadbalancer.org Enterprise VA R16 Deployment Methods for Exchange Server
Enterprise VA R16 offers three deployment methods; “Layer 4 Direct Server Return (DR Mode)”, “Layer 4 - Network Address Translation mode” and “Layer 7 SNAT Mode”. The Exchange Server deployment guide, found here, helps you understand how each deployment method works and configures your Exchange environment fast! As documented in the Exchange Server 2013 deployment guide, where possible, it is recommended that “Layer 4 Direct Routing (DR)” mode is used which has several advantages over other methods. It is because Exchange Server 2013 no longer requires persistence so a Layer 4 DR mode offers the best possible performance since replies go directly from the Real Servers to the client, not via the load balancer. It is also simple to implement compared to other deployment methods, but you can use other deployment methods depending on your requirement and network topology.
If you’re running Exchange Server 2010, the best possible solution would be to use Layer 7 SNAT mode.
As recommended by the vendor, for Exchange Server 2010, 4 VIPs are required for HTTP/HTTPS, RPC, IMAP/POP3 & SMTP services and for Exchange Server 2013, it is recommended to create 3 VIPs for HTTP/HTTPS, IMAP/POP3 & SMTP services. To configure Layer 4 DR VIPs, launch the appliance WUI, go to “Cluster Configuration” menu, and then click “Layer 4 – Virtual Service” sub-menu. In the “Layer 4 Virtual Services” page, click “Add a New Virtual Service” as shown in the below screenshot:
Clicking “Add a new Virtual Service” shows “Layer 4 – Add A New Virtual Service” page. On this page, enter the required detail to create a VIP for CAS role HTTPS services:
As shown in the above screenshot, there are three forwarding methods available; Direct Routing, NAT and Tunneling. Select “Direct Routing” to configure Layer 4 with DR mode and then click “Update” to create the VIP.
It is important to note that all the sessions to the CAS servers are stateless in Exchange Server 2013, the persistence is no longer required on the load balancer, but Enterprise VA R16 appliance provides persistent feature for previous versions of Exchange Servers. Since we are creating VIPs for Exchange Server 2013, we will disable the persistent feature. To disable persistent and modify VIP settings, click “Modify” button next to the VIP and then modify the required settings as shown in the below screenshot:
As shown in the VIP configuration window above, modify the following settings for VIP:
- Uncheck the “Persistent” option,
- set balance mode to “Weighted Round Robin”,
- set health check type to “Negotiate”,
- set protocol to check to “HTTPS”
- set request to send to “iisstart.htm”
- and set response expected to “microsoft”
Once done, click “Update” to finish the configuration for VIP. Once the VIP is created, repeat the above steps to create VIPs for other services, if required.
Loadbalancer.org Enterprise VA R16 Configuration Options for Exchange Server
One-Arm and Two-Arm Options: Client Access Server can handle HTTPS, MAPI/IMAP4, POP3, and SMTP traffic from both inside or outside your organization. Enterprise VA R16 load balancer provides arm options for separating your clients and Exchange Servers completely using a two arm VLAN approach. The decision for separating the exchange traffic depends on your network topology and deployment method you choose.
Namespace Configuration: Enterprise VA R16 supports two Exchange Server deployment approaches; “Single Namespace Configuration” and “Expended Namespace Configuration”. In case of “Single namespace configuration”, a single VIP is used for all the HTTPS namespace/services. In case of “Expanded Namespace Configuration”, multiple VIPs can be created on Enterprise VA R16 load balancer and allow you to host services on multiple VIPs.
You can host OWA, ActiveSync, Outlook Anywhere, OAB, and EWS on a single HTTPS namespace along with the Autodiscover namespace. While a single namespace keeps the load balancer configuration simple and you can use a single FQDN which points to your VIP for all your Exchange client services, only a single Exchange URL can be maintained and health checked. On the other hand, utilizing “Expanded Namespace Configuration” approach provides you more granular health check options for each namespace you configure through your load balancer.
Whether you choose a single namespace or multiple namespace configuration approach, it is recommended to deploy the appliance as a cluster to achieve resiliency and high availability.
Layer 4 or Layer 7 Load Balancing: There have been a lot of architectural changes in the Exchange Server 2013 which greatly simplifies the process of Exchange deployment and implementing a load balancer. One of the improvements is that there is no need to maintain the user’s session information on the Client Access Servers. The user session information is maintained on the Mailbox Server role. The Client Access Server acts as a thin proxy to forward client requests to Mailbox server. By removing the need for maintaining the sessions at CAS, you can implement load balancer at Layer 4 without requiring much planning.
I have heard people saying that Layer 7 load balancing is no longer required with Exchange Server 2013 as Exchange Server 2013 includes the support for Layer 7 with the help of a new feature called “Managed Availability”. In fact, it is true that all you need to do is to setup load balancer at Layer 4 and get your Exchange deployment ready for production use, but it is important to note that a load balancer does a lot of other things other than just load balancing the incoming traffic. For example:
- Load balancer reduces the impact of a single Client Access Server failure, which ensures that your users continue to receive Exchange service in case of a server failure.
- Load balancers provide health check mechanisms to check availability of services based on the health check criteria you set.
Enterprise VA R16 can work on both Layer 4 and Layer 7. At Layer 4, it only acts as a forwarding agent and only has knowledge of the IP address and port. When operating at Layer 4, it does not have information about the availability of other services on the same server. In case of a single exchange service failure, all client requests will be redirected to another CAS even if other services are available. At Layer 7, the appliance can interact with application protocols and allows server health being measured by the protocol and not by the server alone.
Health Check: Appliances can be configured to do health checks of Layer 4 and Layer 7 services. These health checks give you better control over the load balancing process. You can configure from a simple ping to more complex negotiate options to determine the availability of an Exchange Service. There are various health checks available depending on whether services are deployed at Layer 4 or Layer 7 as shown in the below screenshot. Shown below are the health check options available for Layer 4 VIPs:
Layer 4 and Layer 7 Transparency: By default, transparency is enabled for both deployment methods; Layer 4 DR and NAT Mode but not enabled for Layer 7 SNAT mode. Transparency allows Real Server to see the source IP address of a client which provides you several benefits. For example, in case a client is experiencing connection issues, the source client IP address can be used to troubleshoot the issues.
Depending on your requirement and the deployment method you choose, you can enable/disable Layer 7 Transparency. To enable transparency for Layer 7, TProxy must be enabled on the load balancer, but this again depends on your network design. For example, you cannot implement Layer 7 Transparency if your clients are on the same subnet and default gateway on your Exchange Servers is not pointing to the load balancer IP address.
To enable Layer 7 Transparency, click “Cluster Configuration” menu, click “Layer 7 – Advanced Configuration” and then set “Transparent Proxy” to “On” as shown in the red circle of the below screenshot:
Limiting SMTP connections: As stated earlier, Layer 7 SNAT mode in Enterprise VA R16 is not transparent by default. In case you need to filter inbound SMTP connections by the IP address, you can do so using the built-in firewall available with the appliance. For example, you can use firewall settings to limit which hosts can connect to port 25. You can find more information about using the appliance firewall in Exchange Server Deployment and appliance documents. To download related documents, please see “Documentations and Blog” section later in this review.
Since Enterprise VA R16 is based on a Linux kernel and there is no GUI, it eats up less resource on the host operating system. I did not notice any major issues in the performance while I was running a single Enterprise VA R16 virtual machine on my Hyper-V Server but that completely depends on host operating system hardware. The VA load balancer performance and matrix can be found here: http://www.loadbalancer.org/matrix-virtual.php
Microsoft Approved Product
Since Loadbalancer.org Enterprise VA R16 has followed all the Microsoft standard guidelines for load balancing Microsoft Exchange Server 2010 and 2013 deployments, Microsoft has approved the product to be used in the production environment.
Since the solution understands the architectural changes introduced in Exchange Server 2013, it has greatly simplified both the deployment process and implementation of a load balancer.
The Loadbalancer.org Enterprise VA R16 is an exceptional virtual load balancing solution which provides you all these capabilities in one product and is a product qualified by Microsoft for Exchange Server 2010 and 2013 deployments. The solution not only provides different load balancing methods, but also enables your deployment to handle more traffic than one server can process while offering single namespace and expanded namespace deployment approaches for Exchange Server.
If you are looking for a small to midsized load balancing software solution, then go with Enterprise VA R16, but for larger environments go with F5 or similar available in the market. It is not a hard recommendation. It completely depends on your network design and requirements.
Documentations and Blog
It is easy to setup and configure the load balancer. Loadbalancer.org has ensured to provide the necessary documents on how to configure the virtual appliance. I downloaded the Exchange Server 2013 Deployment guide to walk me through the setup process. Not only can you find the documentation for load balancing Exchange Server 2010 and Exchange Server 2013, there are also documents available which help you understand the basics of load balancing.
- Full Administration Manual: http://pdfs.loadbalancer.org/loadbalanceradministrationv7.pdf
- Quick Start Guide: http://pdfs.loadbalancer.org/quickstartguideLBVMv7.pdf
- Exchange 2010 deployment guide: http://pdfs.loadbalancer.org/Microsoft_Exchange_2010_Deployment_Guide.pdf
- Exchange 2013 deployment guide: http://pdfs.loadbalancer.org/Microsoft_Exchange_2013_Deployment_Guide.pdf
There is also a dedicated blog maintained at http://blog.loadbalancer.org/ and you can find Rob Cooper and Malcolm Turnbull writing good posts on both Exchange Server and Enterprise VA family products.
Support, Pricing, Trial, and Online Demo
What I have heard from different sources is that the response time on support from Loadbalancer.org is fantastic and all technicians are knowledgeable on both Exchange Servers and Loadbalancer.org products. Your question is always answered even if you have multiple cases opened.
The Enterprise VA R16 is a very cost effective solution which is only restricted by the number of Virtual Servers (VIPs) and Real Servers (RIPs) and NOT by bandwidth. It supports up to 4 Virtual Servers, each with up to 4 Real Servers. A single Enterprise VA R16 unit costs $1,495. Personally, I recommend deploying two units for high availability and that will only cost you $2, 595 which also includes free 90 days installation support! From the decision maker point of view the price is good considering the high end features included in the product. You can also check on full pricing including various support options available at their web site: http://www.loadbalancer.org/quote_order/.
You can always upgrade your trial license to an unrestricted version at a later date without impacting your current environment.
They also have the online demo setup for the product which can be accessed by logging on to http://www.loadbalancer.org/online_demo.php
My Final Thoughts
Loadbalancer.org Enterprise VA R16 is a great software load balancer providing all the Exchange Server load balancing mechanisms you need at a reasonable price. Personally, I liked the product as it was very easy for me to setup and more than easy to follow the quick start guide and Exchange Server deployment guides. I would recommend this product for load balancing Exchange Server 2010 and 2013 deployments and I’ve given it MSExchange.org Gold Award with rating of 4.9 out of 5.
MSExchange.org Rating 4.9/5