Mail.domain.com : – 192.168.80.25

Mail.domain.com : – 192.168.80.26

autodiscover.domain.com: – 192.168.80.25

autodiscover.domain.com: – 192.168.80.26
In the internal environment, it is ok to run but the WAN environment is problematic.
Ip WAN: 10.10.10.1, 10.10.10.2

2 nat: 10.10.10.1-> IP: 192.168.80.25 port 25, 443,80
2 nat: 10.10.10.2-> IP: 192.168.80.26 port 25, 443,80
But external NAT DNS public does not support load balance robin
Can you help me?
thanks

Exchange 2016 no longer has separate roles. So would this still be considered a “hack”?

Thanks for your reply. I have an existing exchange 2007 with 600 mailbox. I installed the server role as I mentioned and migrated some mail box to new server. DAG also in place. So is it possible or required to go back?

First point I will make is that the best practice is to use multi-role servers, instead of separating CAS and Mailbox roles like you have. If it’s not too late for you to rebuild your environment, it would be beneficial to do so.

For your question, normally a load balancer is used. If you don’t have a load balancer, and you want to use DNS RR instead, you will need two public IPs.

1 MBX1 –Mailbox Role
2 MBX2- Mailbox Role
and configured as DAG

3) CAS1-CAS Role- with Private IP 192.168.10.20
4) Cas1- CAS Role- with Private IP 192.168.10.21

I have created the internal DNS record for mail.domain.com with 2 IP(192.168.10.20 and192.168.10.21) as you mentioned .I have public IP x.x.x. 41 to X.x.x.47.
How I will configure external DNS for both CAS.Is I need to configure the “mail.domain.com “ with 2 public IP ?

Thanks for your reply .

In some of the blogs i have found we may get those details by using the below mentioned URL’s ? Does Microsoft explains anything about the given URL’s ?

Please replace with your namespace when you are testing these URL’s in your environment.

https://nithya.test.com/mapi/nspi

https://nithya.test.com/mapi/emsmdb

https://nithya.test.com/mapi/emsmdb/?showdebug=yes

Reference link : http://www.msftexchange.org/mapi-over-http/

Thanks for your reply .

Additionally in some of the blogs i have found we may get those details by using the below mentioned URL’s ? Does Microsoft explains anything about the given URL’s in any of official blogs ?

Please replace with your namespace.

https://nithya.test.com/mapi/nspi

https://nithya.test.com/mapi/emsmdb

https://nithya.test.com/mapi/emsmdb/?showdebug=yes

Reference link : http://www.msftexchange.org/mapi-over-http/

I would still look at the IIS logs. Running netstat on 156 servers isn’t going to be useful, in my opinion. IIS logs can be quickly parsed using tools like Logparser or Logparser Studio, or custom scripts. If that’s too slow for you, invest in a log monitoring tool.

Thanks for your reply .

Yes correct , I can search for the IIS logs but here the problem is i am having around 156 exchange servers and it is very difficult to parse the logs in all the servers while troubleshooting any issues , So how should i identify to which servers my load balancer is assigning the connections when i open my outlook ?

So to track that server name details – i will open outlook in my machine and simultaneously on the other end i will execute the netstat command against all of my exchange servers by filtering my machine ip address and port no 443 . If my understanding is wrong for my requirement then please share your views and thoughts to find out the name of the servers to which the LB has is assigning the connections when the user has opened the outlook.

The load balancer will send traffic to any of the servers in your load balancing pool. The load balancer has no knowledge of where your mailbox lives. It is only aware of servers. The server that receives the traffic on its frontend (Client Access) services will proxy the connection to wherever the mailbox is active. This is the basic architecture of Exchange and you can read more details about it on TechNet.

I don’t think that Netstat command is going to tell you anything. If you want to see where users have been connecting via the load balancer, look at your IIS logs on each Exchange server. That will show the HTTPS connections with usernames and other details.