CAS NLB Internal URL
Hi,I have a question related to the architecture of CAS NLB. I have three sites and each has two CAS servers running NLB and only one of them is internet facing which is made externally available usig ISA 2006. There is an article on TechNet called "Understanding Proxying and Redirection"that has my exact scenario and pointsoutwhat valuestouse forthe Internal URLs for various virtual directories which has created a lot of confusion for me but does not explain why it recommends that. Here are their recommendations: /OWA should always point to https://computername/OWA for every CAS server. Why the server name and why not NLB hostname? /OAB should point to https://computername/OAB for internet facing but to https://NLBName/OAB for the non-internet facing. Why should the two be different? The rest including ActiveSync, UnifiedMessaging, and EWS have the same setup as OAB where the internet facing CAS internal URL points to the server name whereas the non-internet facing CAS internal URL points to the NLB hostname. This make no sense to me. Any help with underdtanding this would be very helpful.Thanks,Anupam Agarwal
May 3rd, 2009 7:03am

hi,http://social.technet.microsoft.com/forums/en-US/exchangesvrdeploy/thread/067029c2-08a6-4d86-a6c9-ede3fa9996de/http://social.technet.microsoft.com/Forums/en-US/exchangesvravailabilityandisasterrecovery/thread/6525873b-65ed-4da1-8bb7-54fa032692daregards,Exchange - MVP | www.cozumpark.com | www.mumincicek.com
Free Windows Admin Tool Kit Click here and download it now
May 3rd, 2009 10:07am

Sorry but neither post really answers the questions I am asking. One post says that two CAS servers cannot have the same internal URL. According to the TechNet article, that is not true. CAS servers serving as nodes for the same NLB use NLB hostname for internal URL and therefor are bound to have the same URL. So that suggestion is in conflict with TechNet recommendation. The second post talks about load balancing smtp which is not what my question is about.Any help with regard to understanding internal URLs in an NLB as described in the TechNet article would be appreciated.Thanks.
May 4th, 2009 12:36am

Sorry but neither post really answers the questions I am asking. One post says that two CAS servers cannot have the same internal URL. According to the TechNet article, that is not true. CAS servers serving as nodes for the same NLB use NLB hostname for internal URL and therefor are bound to have the same URL. So that suggestion is in conflict with TechNet recommendation. The second post talks about load balancing smtp which is not what my question is about. Any help with regard to understanding internal URLs in an NLB as described in the TechNet article would be appreciated. Thanks. HI You can point NLB host name to point CAS Services. First you must configure FQDN in DNS server for NLB then add ip address you use for FQDN in the NLB configuration. Refer below How to article http://www.msexchange.org/articles_tutorials/exchange-server-2007/high-availability-recovery/load-balancing-exchange-2007-client-access-servers-windows-network-technology-part1.html Regards Chinthaka
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2009 4:00am

Thanks. I am very familiar with how the NLB works andthere is no issue with NLB in this case. The question is about providing values to the internal URL for various virtual directories - namely OAB, OWA, Microsoft-Server-ActiveSync, UnifiedCommunications, and EWB. Below is a cut and paste from the Technet acticle:---------------------------------------------------------------------------------------------------------------------- Proxying with Network Load Balancing In an organization that has multiple ActiveDirectorysites and multiple Client Access servers in each site, you can use Network Load Balancing (NLB) to distributetraffic among the Client Access servers in each site for failover redundancy. We do not support including Client Access servers from different ActiveDirectorysites within the same load balancing array. You can deploy NLB in an Internet-facing ActiveDirectorysite and in a non-Internet-facing ActiveDirectory site. The following figure illustrates two ActiveDirectory sites that implement NLB. Proxying in an organization that uses NLB The following table lists the settings for the virtual directories that are on the Client Access servers CAS-01 and CAS-02 for the Internet-facing ActiveDirectorysite www.contoso.com. Virtual directory settings for Internet-facing Client Access servers in an organization that uses NLB Virtual directory InternalURL setting /OWA https://computername/OWA /OAB https://computername/OAB /UnifiedMessaging https://computername/UnifiedMessaging /Microsoft-Server-ActiveSync https://computername/Microsoft-Server-ActiveSync /EWS https://computername/EWS The non-Internet-facing ActiveDirectorysite has three servers: CAS-03, CAS-04, and CAS-05. The following table lists the settings for the virtual directories for all three servers. Virtual directory settings for non-Internet-facing Client Access servers in an organization that uses NLB Virtual directory InternalURL setting /OWA https://computername/OWA /OAB https://NLBname/OAB /UnifiedMessaging https://NLBname/UnifiedMessaging /Microsoft-Server-ActiveSync https://NLBname/Microsoft-Server-ActiveSync /EWS https://NLBname/EWS -----------------------------------------------------------------------------------I just would like to underdtand why we are using server names for the CAS NLB thatis in the internet facing site versus NLB names for CAS NLB in thenon-internet facing site.Thanks,Anupam Agarwal
May 4th, 2009 6:42am

Hi,The article below may be helpful to youEWS CAS to CAS Request Proxying http://msexchangeteam.com/archive/2008/07/18/449289.aspxRegards,Xiu
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2009 11:06am

I have see this article also. It explains why NLBBypassURL is important for EWS but does not say anything abuut the internal URL values proposed by the TechNet article above.
May 4th, 2009 4:37pm

Up! Somebody knows why we are using server names for the CAS NLB that is in the internet facing site versus NLB names for CAS NLB in the non-internet facing site?
Free Windows Admin Tool Kit Click here and download it now
December 7th, 2011 1:58pm

Hello. I found this http://technet.microsoft.com/en-us/library/bb310763.aspx Proxying with Network Load Balancing In an organization that has multiple Active Directory sites and multiple Client Access servers in each site, you can use Network Load Balancing (NLB) to load balance traffic proxied between the Client Access servers in each site and for users directly accessing those servers. Just deploying a load balancer isn't enough to ensure traffic is balanced effectively. You must also perform some additional configuration of the InternalURL and ExternalURL properties. We recommend that you include only Client Access servers within the same Active Directory site in a load-balancing array. You can deploy NLB in an Internet-facing Active Directory site and in a non-Internet-facing Active Directory site. The following table lists the settings you should configure for the virtual directories on the Client Access servers in both Internet-facing and non-Internet-facing sites. The FQDN of the NLB should be configured in DNS to resolve to the load balancing device or service. The load balancing solution will then be responsible for forwarding the traffic to the appropriate Client Access servers. Virtual directory settings for Client Access servers in an organization that uses NLB Virtual directory /service InternalURL ExternalURL (Internet-facing Active Directory site) ExternalURL (non-Internet-facing Active Directory site) /OWA NLB FQDN (see the following guidelines) NLB FQDN $null /ECP NLB FQDN (see the following guidelines) NLB FQDN $null /Microsoft-Server-ActiveSync NLB FQDN NLB FQDN $null /OAB NLB FQDN NLB FQDN $null /EWS NLB FQDN NLB FQDN $null POP/IMAP (InternalConnectionsSettings) NLB FQDN Not applicable Not applicable The InternalURL settings for the /OWA and /ECP virtual directories depend on how internal access within your network is configured and whether Outlook 2010 has been deployed. Use the following guidelines to set the InternalURL property. If the Active Directory site is Internet facing and will never have other Client Access servers proxying Outlook Web App or ECP traffic to it, the InternalURL property for the /OWA and /ECP virtual directories on all Client Access servers in that Active Directory site should be set to the NLB FQDN of the servers in that site. This ensures that Outlook 2010 clients who receive the ECP URL from Autodiscover will be proxied with a load-balanced value, not a single server FQDN. If an Active Directory site is not Internet facing and will be the target of an Outlook Web App or ECP proxy request from a Client Access server in any other Active Directory site and there are internal Outlook 2010 users, the InternalURL property for the /OWA and /ECP virtual directories on all Client Access servers in that Active Directory site should be set to the NLB FQDN of the servers in that site. Individual server names on the certificate aren't needed. In this case, its important to configure your load balancer to ensure affinity is maintained because the Client Access server in the Internet-facing site cant choose a server for each individual request and maintain its own affinity. The InternalURL property for the /OWA and /ECP virtual directories on all Client Access servers in an Active Directory site can be set to either the NLB FQDN of the servers in that site or to the server FQDN if all of the following are true: The Active Directory site isnt Internet facing. It will be the target of an Outlook Web App or ECP proxy request from a Client Access server in any other Active Directory site. There are no internal Outlook 2010 users.
February 13th, 2012 5:05am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics