Jump to content
Welcome to our new Citrix community!
  • Load Balancing Exchange SMTP Relay and IIS SMTP Relay


    cugcblogs

    danschlimmernd.png by Dan Schlimme

    I recently had to load balance our Exchange SMTP Relay and IIS SMTP Relay.  Both of these require the use of DSR which I was unfamiliar with and wanted to share my experience.

    Important Pieces of Information

    • Netscaler Firmware
      • NS 10.5 61.11.nc
    • Exchange Environment
      • Exchange 2010
    • Server OS
      • Server 2012 R2
    • Your vip needs to be on the same VLAN as your load balanced servers
    • You will need a SNIP for the VLAN of your load balanced servers
    • You will need to add the VLAN of your load balanced servers to your network port
    • MAC based forwarding needs to be enabled

    Netscaler and Server Networking configuration are the same for Exchange SMTP Relay and IIS SMTP Relay

    Netscaler Configuration

    • Add the VLAN you will be working with to your Netscaler
      • Navigate to System\Network\VLANs
        • Select Add
          • Enter the VLAN ID
          • Bind to the Interface you need
            • I tagged the traffic, but this may not be needed in your environment
    schlimme122716-01.png.684da769d15d5a45efa61f3eb2b67428.png
    • Add SNIP to the Netscaler on the VLAN you just added
      • Navigate to System\Network\IPs
        • Select Add
          • Enter the IP
          • Enter the Netmask
          • Select IP Type as Subnet IP
          • OPTIONAL STEP - Uncheck “Enable Management Access control to support the below listed applications”
    schlimme122716-02.png.62c2beb3299d0386e248d5723436f1f9.png
    • Add the servers you want to load balance
    • Create the SMTP Monitor
      • Standard Parameters
        • Give it a name
        • Set the port number to 25
    schlimme122716-03.png.2aacdfaa9568b53fee922d841b56afc5.png
    • Special Parameters
      • Select Script of nssmtp.pl
      • Set Dispatcher IP to 127.0.0.1
      • Set Dispatcher port to 3013
    schlimme122716-04.png.d57f74f6523ed7e2979443d125af64cb.png
    • Create the Service Group
      • Basic Settings Configuration
        • Give it a name
        • Set Protocol to ANY
    schlimme122716-05.png.431e72ef9ffe1811bb9ad2e0da874aff.png
    • Settings Configuration
      • Select Use Proxy Port
      • Select Down State Flush
      • Select Use Client IP
    schlimme122716-06.png.7d7ba4b5522a5eb822d8b984e080707b.png
    • Monitor Configuration
      • Add the SMTP Monitor you created earlier
      • You also need to add a second monitor of TCP/Ping/ARP
        • I used ARP
          • This has something to do with learning the MAC address. I am not entirely certain.
    • Service Group Members Configuration
      • Add the Servers you added earlier
    • Create the Virtual Server
      • Basic Settings Configuration
        • Give it a name
        • Set Protocol to ANY
        • Assign IP
        • Set Redirection Mode to MAC Based
    schlimme122716-07.png.7fbd1ba945db8eae7554f0a7f6c8c6c7.png
    • Service and Service Groups Configuration
      • Bind the Service Group you created earlier
    • Method Configuration
      • Set Load Balancing Method to Round Robin
    schlimme122716-08.png.737082282d3a83c35084698cebd4ba52.png
    • Persistence Configuration
      • Set Persistence to SourceIP
    schlimme122716-09.png.881cc8f22dd78d0a5548c9074f197ac7.png
    • Traffic Settings Configuration
      • Select Sessionless Load Balancing
    schlimme122716-10.png.6e5492de454ad84a7b50f7602a0ab4ec.png
    • Your Virtual Server is now configured

    Server Configuration

    • Add a loopback network adapter
    • Rename Ethernet adapter to Ethernet
    • Rename the Loopback adapter to Loopback
    • Open properties of the Loopback adapter
      • Uncheck everything except Internet Protocol Version 4 (TCP/IPv4)
    schlimme122716-11.png.6f17cfd368b8645a08efc769b96648a9.png
    • Select Internet Protocol Version 4 (TCP/IPv4) and select Properties
      • General Settings Configuration
        • Add the IP you used for your SMTP Virtual Server
        • Set the Subnet Mask to 255.255.255.255
        • Do not set DNS
    schlimme122716-12.png.80c190e227957d368ead2b3bf6db14c3.png
    • Advanced Configuration Settings
      • IP Settings
        • Uncheck Automatic metric
        • Set Interface Metric to 254
          • This prevents the ip from arping
    schlimme122716-13.png.315c5711552c0b5dbf7c38259e996a1c.png
    • DNS
      • Uncheck Register this connection’s address in DNS
    schlimme122716-14.png.55d2ba348b6f22f576a10fe8d2ff3389.png
    • WINS
      • Select Disable NetBIOS over TCP/IP
    schlimme122716-15.png.62e637be741b227631f9aefe0174c33c.png
    • From command line run the following commands with elevated privileges
      • netsh int ipv4 set int "Loopback" weakhostreceive=enabled weakhostsend=enabled
      • netsh int ipv4 set int "Ethernet" weakhostreceive=enabled
      • arp -d *
    • Your Server is now configured for DSR

    IIS SMTP Relay Configuration

    • Open IIS on your Relay server
    • Go to properties of your SMTP Virtual server in IIS
      • General Settings
        • You will see an IP in the middle, this is the IP of the Relay server itself.
        • Select Advanced next to the Relay Server IP
    schlimme122716-16.png.af85af6edb8b97c23818353ee1826377.png
    • Select Add
      • Choose the IP of the VIP created earlier
      • Set the port to 25
    schlimme122716-17.png.ff359fd8d2ae392276a488bfe5c06ef8.png
    • Access Settings
      • Select Relay
    schlimme122716-18.png.3d7202508fc5bf0a128deced5cfb0162.png

    Select Add

    schlimme122716-19.png.9eb19601e120e3ab738aeb40e7fef33b.png

    Add the VIP you created earlier

    schlimme122716-20.png.9c6959cb131068101d0619a5bde931f7.png
    • IIS SMTP Relay is now configured

    Exchange SMTP Relay Configuration

    • Open Exchange Management Console
    • Expand Server Configuration
      • Select Hub Transport
        • Select a Hub Transport
    schlimme122716-21.png.d34b3478df10faee695c5334a2dcf937.pngschlimme122716-22.png.aca281846d6a3308f371e28188857068.png
    • In the “Use these local IP addresses to receive mail” section, select Add
      • Select “Specify an IP address”
      • Enter the VIP you created earlier
      • Set the Port to 25
    schlimme122716-23.png.f357d778ddefa336f7430bad1ad1210f.png
    • You now need to do the same step to all of your Hub Transport Servers
    • Your Exchange SMTP Relay is now Configured

    Read this if DSR and Netscaler isn't working for you

    https://discussions.citrix.com/topic/361612-exchange-and-source-ip/

    As per the comment from rbarrick on the above article, I also found the same problem. I had more than one VIP with the same IP and even though they were disabled it would not connect until I deleted the disabled Virtual Servers with the same IP. I had them setup after following this article on Exchange Load balancing so when it came to configuring DSR I had multiple VIP's with the same IP. Deleting them or changing the IP they use is the only solution. Hope this saves someone some head scratching.


    User Feedback

    Recommended Comments

    Guest Securing Exchange SMTP Relay Hosts with Citrix ADC – BLOGS

    Posted

    […] of through the Citrix ADC appliance. This process is actually documented in a great article here (credit to Dan Schlimme on the CUGC blog) but this approach wouldn’t be able to meet the […]
    Link to comment
    Share on other sites



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...