Forum Discussion
Jason_L_40779
Nimbostratus
Nov 24, 2010Exchange 2010 COnfiguration
I have a question regarding Exchange 2010 implementation. I'm newer to working with LTM so forgive me if some of the questions I ask may seem basic. I will be load balancing OWA, Active Synch, and Autdiscover and RPC using a single FQDN or VIP. I'm thinking about using a one armed configuration. Not sure if this is good or bad.
The way our internal network is setup, we kind of limited to a one armed configuration. First off, is using a one -armed configuration better than using a routed. The way our internal network is setup, the CAS servers sit on the same Vlan as the VIP. I do realize I will be using a snat so the source IP address will look like the egress vlan IP of the F5. All of the server logs will then show this and it may be difficult for a windows admin to look in the logs and troubleshoot..
On the other hand, My understanding is, if using a routed configuration, I do NOT need to create a snat if the node's default gateway is the floating IP if the VLan the node is on. The source IP address of the client would not be change and the server logs would show the true client IP address. I would however also need to create a route so when that node sent its' traffic back to the BigIP as the DG he it would know where to send it. Say if i'm using a 10.0.0.0 network, and I have 2 trunks going to 2 different sets of switches, how do I make sure that traffic coming in from Trunk A goes back out trunk A. The 10.0.0.0 also lives on trunk B. Finally,how do I allow admins to be able to access their servers that sit behind the F5. Do I need to create a seperate management VIP so they can telnet or connect to it? Thanks in Advance..
- nitass
Employee
Posted By jayson on 11/24/2010 07:58 AM - Jason_L_40779
Nimbostratus
I appreciate the input. I'm newer to F5 and an really enjoying being an administrator for them, but want to get better. I more used to doing a one armed configuration so this is all new to me... - nitass
Employee
SO if the nodes are using the floating self IP of the Vlan on the LTM as their default gateway, I do NOT need to create snats for any of those VIPS associated with those nodes correct? - L4L7_53191
Nimbostratus
Jayson: I'd have a listen to devcentral podcast 154, which deals with your use-case exactly. Joel Moses, who is the guest speaker for this session, has done some fantastic work with this and I'd strongly suggest anyone out there with a 2010 environment give it a listen. In particular, you'll learn about a bunch of specific gotchas that can arise if you're using SNAT with these environments. Joel also walks through solutions.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects