Forum Discussion

MJS_62463's avatar
Icon for Nimbostratus rankNimbostratus
Jun 23, 2011

Multiple Sites - Multiple F5's - Multiple Exchange Servers

2 AD Sites


4 Exchange Servers - 2 Per Site


4 F5 Load Balancers - 2 Per Site


1 DAG with 2 Databases (One per site - with copies on each Exchange server)



- I have to have 2 CAS-Arrays (1 Per Site) correct?


- Presently there are 2 IP addresses assigned to the F5's (1 for each site)


- Each CAS-array has a DNS entry created to resolve it to the respective F5 VIP in its site.



Everything appears to be functioning however my I am questioning the relationship on the F5's to the CAS-Arrays. My question is, do we need 1 F5 VIP per site? Or can/should we have all 4 F5's with 1 VIP?



Both of our sites are active and we have users moving between sites all the time so I am not entirely sure as to what is the best approach.






5 Replies

  • How are you directing users between two sites now? Are you using GTM? This setup sounds reasonable, and having a separate VIP in each location allows you to better persist/pin connections to a certain site.
  • This is where we are facing some complexity. Our network team have proposed an interesting solution whereby everything is routed at the network level. So using OSPF. If you are a user in site A then you will get directed (based on your IP) to siteA F5 VIP. Same thing for SiteB. The primary issue is that the F5's at site A would have the same VIP as the F5's at Site B. They would never be aware of each other. I would need to set both CAS arrays to the same IP and I am not sure what this will do to exchange on the backend.



    We aren't using GB


  • So, it's like route health injection..... That is not an issue, as long as it is setup properly. How are things setup active-active today? Each site has unique DNS name, or else how are you distributing users across them?
  • Currently we are in the proof of concept stage with prod deployment coming soon. We have it configured with each site having its own DNS name. We have 1 F5 in SiteA which DNS for CAS-Array A points to and then one for SiteB as well. We have created 2 DNS records for outlook.x.x each of which points to one of the F5's (for round robin). This is what we use initially to configure client outlook profiles and (i presume) they are being directed to the appropriate cas-array/f5 from.



    So you are saying that having both CAS-Arrays resolved to the same IP wont cause any issues or loops for exchange?



  • I won't as long as this is for internal-only deployment - in which case the network team has full control over all the paths and traffic. Externally, it might be harder to achieve.


    The biggest drawback of such deployment in general is that it is not impossible for you to access Exchange through a specific BigIP for troubleshooting or any other purposes. You will also need to have OSPF configured on each BigIP and have it participate in OSPF, as BigIP will have to do route health injection for Exchange virtuals. While certainly possible, this approach complicates overall setup and troubleshooting of live production deployment.