Exchange 2013 load balancing per preferred architecture
I'm new-ish to Exchange and to the f5 LTM platform, and I'm trying to get a handle on the best way to implement a load balancing configuration that aligns with Microsoft's Exchange Preferred Architecture and their recommendations regarding load balancing.
If I understand correctly, the preference is for layer 7, no session affinity, and per-protocol availability. They want the availability of services on the load balancer to match closely the availability of services on the Exchange server itself, as the Exchange Managed Availability service monitors and responds to service issues.
The f5 Exchange 2013 Deployment Guide appears to use a dedicated user account to perform actual connections to OWA in order to check availability, rather than leveraging the /healthcheck.htm URL as recommended by Microsoft.
My questions:
- Has anyone in the community here configured their LTM to monitor Exchange service availability using the healthcheck.htm URL?
- Do you encounter any problems with Kerberos when using SSL Offloading?
- Do you use Layer 4 instead? How do you do nPath routing with two sites and separate VLANs for each? (My two data centers are a few miles apart, with a 20 Gb connection between them, so I'm planning to have both sites active.)
My team and I aren't particularly enthusiastic about iApp and templates (and $$$) for a config that doesn't align with Microsoft's recommendations.
Any suggestions and pointers to docs, sample configs would be most appreciated.