Sunday, May 16, 2021

Exchange 2019 behind Netscaler LB

Hello,

I am at a customer site and they've deployed Ex19, and an Netscaler LB. I'm newbie for this LB. I will deploy LB like below commands.

I am wondering , is there any extra suggestions ? or how are you using LB in your environment ?

Thanks,

Commands:

# Replace srv_exchange with the desired server name and ip address # Add one server object for each of your Exchange servers add server srv_exchange1 x.x.x.x add server srv_exchange2 x.x.x.y # Replace x.x.x.x with the desired IP address add cs vserver cs_vsrv_exchange SSL x.x.x.x 443 -cltTimeout 180 -caseSensitive OFF add lb vserver lb_vsrv_exchange_owa SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_ecp SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_ews SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_eas SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_oab SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_rpc SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_mapi SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add lb vserver lb_vsrv_exchange_autodiscover SSL 0.0.0.0 0 -persistenceType NONE -cltTimeout 180 add cs action cs_action_exchange_owa -targetLBVserver lb_vsrv_owa add cs action cs_action_exchange_ecp -targetLBVserver lb_vsrv_ecp add cs action cs_action_exchange_ews -targetLBVserver lb_vsrv_ews add cs action cs_action_exchange_eas -targetLBVserver lb_vsrv_eas add cs action cs_action_exchange_oab -targetLBVserver lb_vsrv_oab add cs action cs_action_exchange_rpc -targetLBVserver lb_vsrv_rpc add cs action cs_action_exchange_mapi -targetLBVserver lb_vsrv_mapi add cs action cs_action_exchange_autodiscover -targetLBVserver lb_vsrv_autodiscover add cs policy cs_pol_exchange_owa -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/owa\")" -action cs_action_exchange_owa add cs policy cs_pol_exchange_autodiscover -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/Autodiscover\")" -action cs_action_exchange_autodiscover add cs policy cs_pol_exchange_eas -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/Microsoft-Server-ActiveSync\")" -action cs_action_exchange_eas add cs policy cs_pol_exchange_ecp -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/ecp\")" -action cs_action_exchange_ecp add cs policy cs_pol_exchange_ews -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/EWS\")" -action cs_action_exchange_ews add cs policy cs_pol_exchange_mapi -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/mapi\")" -action cs_action_exchange_mapi add cs policy cs_pol_exchange_oab -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/OAB\")" -action cs_action_exchange_oab add cs policy cs_pol_exchange_rpc -rule "HTTP.REQ.URL.SET_TEXT_MODE(IGNORECASE).CONTAINS(\"/rpc\")" -action cs_action_exchange_rpc bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_owa -priority 100 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_autodiscover -priority 110 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_eas -priority 120 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_ecp -priority 130 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_ews -priority 140 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_mapi -priority 150 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_oab -priority 160 bind cs vserver cs_vsrv_exchange -policyName cs_pol_exchange_rpc -priority 170 add serviceGroup svcgrp_exchange_owa SSL add serviceGroup svcgrp_exchange_ecp SSL add serviceGroup svcgrp_exchange_eas SSL add serviceGroup svcgrp_exchange_ews SSL add serviceGroup svcgrp_exchange_rpc SSL add serviceGroup svcgrp_exchange_autodiscover SSL add serviceGroup svcgrp_exchange_oab SSL add serviceGroup svcgrp_exchange_mapi SSL add lb monitor mon_exchange_ecp HTTP-ECV -send "GET /ecp/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_ews HTTP-ECV -send "GET /EWS/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_eas HTTP-ECV -send "GET /Microsoft-Server-ActiveSync/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_oab HTTP-ECV -send "GET /oab/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_rpc HTTP-ECV -send "GET /rpc/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_mapi HTTP-ECV -send "GET /mapi/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_autodiscover HTTP-ECV -send "GET /autodiscover/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES add lb monitor mon_exchange_owa HTTP-ECV -send "GET /owa/healthcheck.htm" -recv "200 OK" -LRTM ENABLED -secure YES # Adjust the number of exchange servers per service group. This example binds two server objects to each service group bind serviceGroup svcgrp_exchange_owa srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_owa srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_owa -monitorName mon_exchange_owa bind serviceGroup svcgrp_exchange_ecp srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_ecp srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_ecp -monitorName mon_exchange_ecp bind serviceGroup svcgrp_exchange_eas srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_eas srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_eas -monitorName mon_exchange_eas bind serviceGroup svcgrp_exchange_ews srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_ews srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_ews -monitorName mon_exchange_ews bind serviceGroup svcgrp_exchange_rpc srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_rpc srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_rpc -monitorName mon_exchange_rpc bind serviceGroup svcgrp_exchange_autodiscover srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_autodiscover srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_autodiscover -monitorName mon_exchange_autodiscover bind serviceGroup svcgrp_exchange_oab srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_oab srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_oab -monitorName mon_exchange_oab bind serviceGroup svcgrp_exchange_mapi srv_exchange1 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_mapi srv_exchange2 443 -CustomServerID "\"None\"" bind serviceGroup svcgrp_exchange_mapi -monitorName mon_exchange_mapi bind lb vserver lb_vsrv_exchange_owa svcgrp_exchange_owa bind lb vserver lb_vsrv_exchange_ecp svcgrp_exchange_ecp bind lb vserver lb_vsrv_exchange_eas svcgrp_exchange_eas bind lb vserver lb_vsrv_exchange_ews svcgrp_exchange_ews bind lb vserver lb_vsrv_exchange_rpc svcgrp_exchange_rpc bind lb vserver lb_vsrv_exchange_autodiscover svcgrp_exchange_autodiscover bind lb vserver lb_vsrv_exchange_oab svcgrp_exchange_oab bind lb vserver lb_vsrv_exchange_mapi svcgrp_exchange_mapi # Replace cert-key-pair with the desired SSL key-pair name bind ssl vserver lb_vsrv_exchange_ecp -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_ews -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_eas -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_oab -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_owa -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_rpc -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_mapi -certkeyName cert-key-pair bind ssl vserver lb_vsrv_exchange_autodiscover -certkeyName cert-key-pair bind ssl vserver cs_vsrv_exchange_exchange -certkeyName cert-key-pair set ssl vserver lb_vsrv_exchange_ecp -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_ews -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_eas -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_oab -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_owa -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_rpc -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_mapi -ssl3 DISABLED set ssl vserver lb_vsrv_exchange_autodiscover -ssl3 DISABLED 


No comments:

Post a Comment