GTM and Exchange 2010 RPC Client Access

Question

Hi,&nbsp;&nbsp;I have followed the newest Exchange 2010 deployment guide and configured RPC client access using 3 different virtual servers and static RPC port assignments.&nbsp;&nbsp;&nbsp;One thing that the guide does not cover is using GTM to load balance the RPC client access role across two datacenters.  Since the "RPC Client Access Service" actually consists of 3-4 virtual servers, on different ports, and using different TCP health monitors, I'm having a hard time figuring out how to properly configure the GTM side of things.&nbsp;&nbsp;&nbsp;I need to be able to properly redirect users to either datacenter based on the overall health of the RPC client access services at each datacenter (LTM).  Can someone give me some advice on how to properly configure the GTM side of things for this?&nbsp;&nbsp;&nbsp;Thanks,&nbsp;&nbsp;&nbsp;Josh&nbsp;

mikeshimkus_111 · Answer

Hi Josh, you should be able to configure a GTM pool for each datacenter, containing the RPC client access virtual servers you've set up for that datacenter. The GTM will consume the LTM monitors for each virtual, but you can also create GTM TCP monitors for each service and apply them to the GTM pool.  If you select advanced config under the pool properties, you can set the availability requirements for that pool by choosing the number of monitors that need to be up to consider that pool healthy.  You can then create topology records to make decisions on where to send clients (you'd need to choose topology as your LB method of course). 
&nbsp;  
&nbsp; That said, is there a reason you're using RPC client access rather than OutlookAnywhere?  With the HTTP-based Exchange services, the BIG-IP can do better monitoring, offload SSL, and use APM to secure access to the virtuals.  
&nbsp;  &nbsp;

josh_41258 · Answer

I wish we could just use OA.  The reason that we can't is because we have to support a legacy public folder database.  Doing so through OA (HTTPS) requires additional authentication.  So, we are stuck with MAPI/RPC at the moment.

helen_johnson_1 · Answer

Hi Josh, 
&nbsp;  
&nbsp; Thanks for reaching out. 
&nbsp;  
&nbsp; What you're describing looks like a good use case for the distributed applications feature in GTM.  I've included a link to our manual on the subject here:  http://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm_config_10_2/gtm_logical_network.html?sr=18065490 
&nbsp;  
&nbsp; I hope that points you in the right direction. 
&nbsp;  
&nbsp; Cheers, 
&nbsp; Helen

josh_41258 · Answer

Hi Helen, 
&nbsp;  
&nbsp; Isn't a distributed application only useful if your application consists of multiple Wide-IP's?  This use case only has one wide-IP, but several virtual servers on the LTM with multiple service ports. 
&nbsp;  
&nbsp; Thanks, 
&nbsp;  
&nbsp; Josh

josh_41258 · Answer

Here's an update on how I solved the problem (thanks to Riley over at F5 Support): 
&nbsp;  
&nbsp; 3 VIPs - one for RPC endpoint, one for MAPI, one for Address Book. 
&nbsp;  
&nbsp; On the GTM virtual server definition for the RPC endpoint, made the MAPI and AB VIP's dependencies of the RPC endpoint VIP.  This means that all if any of the dependent virtual servers are marked down, so will the RPC endpoint virtual server.  I did this for all three RPC related VIPs. 
&nbsp;  &nbsp;

Forum Discussion

GTM and Exchange 2010 RPC Client Access

Recent Discussions

user alert on apm logs

Adding New BigIP Units Using Free CPUs on i7800 (LB13 & LB14) to an existing HA Pair

LTM + GTM on same box

How to backup automation Which BIG IP already integration to BIG IQ CM

kerberos authentication on the F5 APM not working

Related Content

About client profile (apm-forwarding-client-tcp)

Exchange iapp for multiple Exchange servers (different customers)

APM authentication for Exchange 2010

No more http Portal Access

Second authentication prompt when accessing Exchange 2013 Outlook Web app using BigIP LTM.