Please correct me if I am wrong - I think one of the possible options to load-balance multi-role Exchange servers in a DAG using WNLB is TMG (that’s just my theoretical suggestion and not a scenario proven in the field at all). The easiest way to describe my thought, I think, is this sample scenario:
The customer already has a pair of TMG servers that are part of the corporate AD forest. Each TMG has one NIC in the DMZ and another NIC in corpnet. The NICs in the DMZ are in WNLB and the customer is publishing Exchange to the Internet through them.
So far that’s an obvious scenario. Now the suggestion: publish Exchange to the corpnet using these TMG servers. Additional configuration for that:
1) Join the TMG servers' existing NICs in corpnet in WNLB (if not already done) or install additional NICs for that purpose and join them in WNLB;
2) Change the existing Exchange publishing rules to allow traffic from corpnet or create additional rules to publish Exchange to corpnet. The key thing here is the ability of TMG to publish the Exchange RPC protocol, and we need a new rule for publishing RPC to corpnet. I’ve never tried such RPC publishing, so it’s a theoretical suggestion, as is the whole scenario, by the way ;)
3) In the internal DNS, repoint the CAS Array DNS entry to the TMG WNLB IP address in corpnet. Internal URLs for the different Exchange services must also lead to this IP.
So, at the end of the day, the TMG servers are in WNLB, internal traffic somehow spreads among them through WNLB functionality, and then the TMG servers use the server farm concept to proxy this traffic to the CASs inside corpnet and to test whether each CAS is alive, continuing to proxy the traffic to it if it is alive. Of course, the additional load on these TMG servers must be taken into account before such a reconfiguration.