Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Lost client connectivity in Exchange 2013

Posted on 2014-11-10
3
Medium Priority
?
579 Views
Last Modified: 2014-11-11
We have updated to Exchange 2013 CU6 w/ coexistance with 2007. We've migrated all resouces and settings to exchange 2013 and have shutdown the 2007 environment (3 weeks ago) with no negative impact.

An issue we've been dealing with for about 2.5 months is client connectivity. Randomly all outlook users will disconnect and email will no longer be delivered to mobile devices. There are no log entries leading up to the failure or during.

To resolve the issue I do the following:
Reboot both CAS servers
Make the active node passive and the passive node active
Client connectivity restored

**Note: After talking with multiple VARs and collegues I now know that NLB clusters are not recommended by Microsoft and we should be using hardware for load balancing. We're in the process of purchasing a hardware load balancer, but we're 2 month from having one in house.

Environment:

Front End- 2 virtual Windows server 2012 R2 on VMware 5.1. Each have 2 cpu and 8gb ram. Running Exchange server 2013 cu6 Standard in A active/passive NLB configuration (unicast).

Back End- 2 virtual Windows server 2012 R2 on VMware 5.1. Each 12 cpu and 32gb ram. Running Exchange server 2013 cu6 Standard in a DAG.
Questions:
1. Has anyone seen this behavior before?
2. Any suggestions on tools/troubleshooting?
3. Recommendations?

We've used the following VMware links to configure and QC server settings:

3) VMware: Articles and Blog

• Microsoft Network Load Balancing Multicast and Unicast operation modes (1006580)
http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1006580

• Sample Configuration - Network Load Balancing (NLB) unicast mode configuration (1006778)
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006778
Comments:
If your Windows Network Load Balancing is configure with unicast communication mode, review the section on RARP packets in this article .
The transmission of RARP packets is prevented on the portgroup / virtual switch as explained in the later part of the article.
Microsoft NLB not working properly in Unicast Mode (1556)
http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1556
Check out this blog:
Back To Basics: Configuring Standard vSwitch (Part Two of Three)
http://blogs.vmware.com/smb/2014/04/back-basics-configuring-standard-vswitch-part-two-three.html
Scroll to the “Notify Switches” section where you will see:
Microsoft NLB software when configured in a unicast mode is incompatible with Notify Switches set to Yes.

• Sample Configuration - Network Load Balancing (NLB) Multicast Mode Configuration (1006558)
http://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=1006558
0
Comment
Question by:Mwaddams
  • 2
3 Comments
 
LVL 125

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 2000 total points
ID: 40433688
1. Has anyone seen this behavior before?

More times, that I've had hot dinners, and regular question on EE!

2. Any suggestions on tools/troubleshooting?

Switch to multicast.

3. Recommendations?

firstly to pick holes, I would not use NLB in unicast mode, switch to Multicast, this is what is recommended in a VMware environment.

and when you have switched to Multicast, it is important to follow the documents you have referenced to statically allocate ARP MAC and IP addresses in your routers, and every physical port and uplink you would expect multicast traffic to appear on needs to be in the config!

OF ALL the NLB configurations we visit on a monthly basis, this is the reason for failure, someone does not configure the physical switches!

If you cannot do the above, abandoned NLB, and wait for your hardware load balancer, or you could try...

http://www.zenloadbalancer.com/

which is a virtual appliance!
0
 

Author Comment

by:Mwaddams
ID: 40434154
Andrew,

Thank you for taking the time to respond to my question.
We've decided to abandon NLB and do the following:

Build a new standalone CAS server
Point the firewall to the new server
Shutdown CAS Array
Purchase and install a hardware load balancer
Stand up additional CAS servers as necessary after load balancer installed.

By simply removing NLB from the environment do you believe all of our random client connectivity outages will go away?
0
 
LVL 125
ID: 40434167
Yes, otherwise you've got another issue!
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Upgrading from older Exchange server to the latest Exchange server can be tiresome, error-prone and risky, without being a seasoned exchange server administrators. It can become even problematic if you're an organization that runs on tight timeline…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question