Disclaimer:
All the information in this blog post is subject to change as Exchange Server 2013 is still under construction. Although it’s not very likely that big changes will occur between now an RTM, it might.
Following one of my previous articles in which I described how you could configure a Database Availability Group to achieve high availability for the Mailbox Server Role, we will now take a look at the process of how to configure high availability for the Client Access Server.
CAS Array
To achieve high availability, you create a load-balanced array of Client Access Servers just like in Exchange Server 2010. Other than before, layer-4 load balancing now becomes a viable options, though that would only be in the smallest deployments where there’s no budget for load balancers.
Layer-4 load balancing only takes into account the IP (and TCP port). Yes, you are no longer required to configure “affinity”. The latter is the process where a connection – once it was built – had to be persisted through the same Client Access Servers. This is because CAS in Exchange Server 2013 doesn’t do any data-rendering anymore: everything happens on the backend (Mailbox servers).
I hear you thinking: does this mean we could use DNS load balancing (a.k.a. round-robin). The answer is yes and no. Yes, because it will load-balance between multiple Client Access Servers; no because if a server would fail, you’d have to remove the server (manually) from DNS and wait for the record to time-out on all the clients. While this might be a cost-effective way to have load-balancing and a very, very basic form of high availability, it is not a real viable solution for most deployments…
Ever since the CAS Array was first introduced, it was subject to quite some misconceptions. A lot of them were addressed by Brian Day in a very interesting article he wrote. What I find is that people tend to mix up the RPC Client Access Array and the load-balanced array used for http-based traffic. Yes, the use of the term CAS Array can be a little confusing. No, they’re not the same! 
Now, since Exchange Server 2013 dumped using RPC-over-TCP, I no longer see the purpose in creating the RPC Client Access Array object (New-ClientAccessArray). Instead, it suffices to configure multiple Client Access Servers with the same internal hostname for Outlook Anywhere.
To understand what happens, let’s take a look at the following examples:
In the case where you’re using two Client Access Servers in the same AD site, by default Exchange will “load balance” traffic between the two end points. This means that the 1st request will go to CAS1, the second to CAS2, the third to CAS1 etc… While this does provide some sort of load-balancing, it doesn’t really provide high-availability. Once Outlook is connected to a CAS, it will keep trying to connect to that same server, even after the server is down. Eventually, it will try connecting to the other CAS, but in the meantime your Outlook client will be disconnected.
If we add a load balancer, we need to configure the Internal Hostname for OA to a shared value between the Client Access Servers. For example: outlook.exblog.be. This fqdn would then point to the VIP of the load balancer which, in turn, would take care of the rest. Because we’re using a load balancer, it will automatically detect a server failure and redirect the incoming connection to the surviving node. Since there is no affinity required, this “fail over” happens transparently to the end user:
As explained before, this load balancer could be anything from simple DNS load balancing, to WNLB or a full-blown hardware load balancer that’s got all the kinky stuff! However, in contrast to before (Exchange 2010), most of the advanced options are not necessary anymore…
Configuring Outlook Anywhere
To configure the internal hostname for Outlook Anywhere, run the following command for each Client Access Server involved:
[sourcecode language=”powershell”]Get-OutlookAnywhere – Server <server> | Set-OutlookAnywhere –InternalHostname <fqdn>[/sourcecode]
Configuring the Load Balancer
As I explained earlier, Layer-4 is now a viable option. Although this could mean that you’d just be using DNS load balancing, you would want to use some load balancing device (physical or virtual).
The benefit of using a load balancer over e.g. WNLB is that these devices usually give you more options towards health-checking of the servers/service that you’re load balancing. This will allow you to better control over the load balancing process. For example: you could check for a particular HTTP-response code to determine whether a server is running or not. It definitely beats using simple ICMP Pings…!
The example below is based on the load balancer in my lab: a KEMP Virtual Load Master 1000. As you will see, it’s setup in the most basic way:
I’ve configured no persistency and – because it’s a lab – I’m only checking the availability of the OWA virtual directory on the Exchange servers. Alternatively, you could do more complex health checks. If you’re looking for more information on how to configure a KEMP load balancer, I’d suggest you take a look at Jaap Wesselius’ blogs here and here. Although these articles describe the configuration of a Load Master in combination with Exchange 2010, the process itself (except for the persistency-stuff etc) is largely the same for Exchange Server 2013. Definitely worth the read!
This one’s cool after your DAG article & its been informative…!
Hi,
I have configured 2 exch2013 in 2 diff’nt windows boxs..I need to configure cas array on exch2013.And i have 1 lb.Please find the details.
1.Ipaddress : 192.168.1.1 (ADS,DNS)xyz.com
2.Ipaddress : 192.168.1.2 (Member of domain,Exch2012)
3.Ipaddress : 192.168.1.3 (Member of domain,Exch2012)
4.Ipaddress : 192.168.100 (Vip address of Lb)FQDNS lb.cas.com
Regards,
Prashant
Hi there,
sorry for my belated answer. I’ve been away during the holidays, leaving little time to take a look at your question.
A CAS Array doesn’t exist anymore. There is no need to create this object using the New-ClientAccessArray cmdlet. In fact, what you have to do is just configure your load balancer to balance traffic between 192.168.1.2 and 192.168.1.3.
Then, you assign a namespace to the VIP (192.168.1.100). For example, this could be “outlook.mydomain.com”.
in DNS you make sure that outlook.mydomain.com points to 192.168.1.100. Next, you need to configure the Outlook Anywhere hostnames. Depending on your DNS topology the Internal/External Hostnames will be the same (or different).
Using the Set-OutlookAnywhere cmdlet you can change the InternalHostname and ExternalHostname parameters. Once this is done, you should be fine.
Of course, there’s plenty of other things to keep in mind (like e.g. Autodiscover etc); but that would drive us to far here 🙂
Cheers,
Michael
Hi!
Awesome article. Quick question, do you know if you can have the CAS role and Mailbox role on the same server if the Mailbox server is also a member of a DAG? Functionally I can’t see any issues with this based on the new way CAS functions as a stateless role.
Keen to know your perspective on this.
Cheers,
Thang
Hi,
thanks! And sure, you can have CAS & MBX co-located on the same server; even in a DAG. The only thing you cannot do is use NLB to load-balance CAS when part of a DAG…
Cheers!
Michael
Hi,
I am unable to send and revice e-mails.When i am sending a emails geting stuck on draft.