I’ve been reading some posts about why not use the Windows Network Load Balancing for Exchange environment. The main reasons are:
- Can only load balance at the Transport Layer
- Can only perform Client-IP based affinity
- Has no service awareness
- Port floods by nature and causes excessive network traffic
- Works fine in a vacuum but has many incompatibilities with Anti-Virus filters, hypervisors, and network equipment
Lastly and most importantly, WNLB is incompatible with Windows Failover Clustering, which is required on a Database Availability Group (DAG) member server. In other words, it is impossible to have a DAG node also be a member of a WNLB cluster. In Exchange 2010/2013, this restriction required dedicated Client Access Servers if WNLB was employed. However, because Exchange 2016 now has one consolidated server role, there is no longer an option to install only a Client Access Server. In light of this architectural change, customers must either implement a third-party load balancing solution or use Exchange 2016 servers with no active mailboxes on them (and not members of a DAG) in a WNLB load balanced pool. Since the latter option is a waste of an Exchange Server license, added complexity, and offers no added technical benefit, I strongly recommend against it.
Therefore multiple DNS record comes handy as a fake load balancing best practice. Creating common client namespace pointing to different CAS servers will take the load off with the help of round robin. The DNS server will randomly choose which DNS record is resolved and so the client access will vary among the servers.
If you have multiple sites geographically separated the DNS network mask ordering will help not to divert the traffic across networks. If you have subnetted network than you might need it to configure the LocalNetPriorityNetmask key on your DNS servers with DNSCMD /config /LocalNetPriorityNetmask 0x000000ff (in case of 255.255.255.0 network)
If your network has a different subnet mask than you need to priority accordingly. Here is an example: A /20 netmask is 255.255.240.0. Subtract from 255.255.255.255 to get 0.0.15.255. Which in hex is 00000fff (15 decimal is F hex). So all I have to do is put this value as
LocalNetPriorityNetMask on the DNS server, restart the service, and now the server will correctly return subnet prioritized answers for my /20 network.
More to read: