Load Balancing with DNS records

I’ve been reading some posts about why not to use Windows Network Load Balancing (WNLB) in an Exchange environment. The main reasons are:

  • Can only load balance at the Transport Layer
  • Can only perform Client-IP based affinity
  • Has no service awareness
  • Port floods by nature and causes excessive network traffic
  • Works fine in a vacuum but has many incompatibilities with Anti-Virus filters, hypervisors, and network equipment

Lastly and most importantly, WNLB is incompatible with Windows Failover Clustering, which is required on a Database Availability Group (DAG) member server. In other words, it is impossible to have a DAG node also be a member of a WNLB cluster. In Exchange 2010/2013, this restriction required dedicated Client Access Servers if WNLB was employed. However, because Exchange 2016 now has one consolidated server role, there is no longer an option to install only a Client Access Server. In light of this architectural change, customers must either implement a third-party load balancing solution or use Exchange 2016 servers with no active mailboxes on them (and not members of a DAG) in a WNLB load balanced pool. Since the latter option is a waste of an Exchange Server license, added complexity, and offers no added technical benefit, I strongly recommend against it.

Therefore multiple DNS records come in handy as a poor man's load balancing practice. Creating a common client namespace whose records point to different CAS servers spreads the load with the help of DNS round robin: the DNS server rotates the order in which the records are returned, so client access is distributed among the servers.

GEO DNS

If you have multiple, geographically separated sites, DNS netmask ordering (subnet prioritization) helps keep traffic from being diverted across networks. If your network is subnetted, you may need to configure the LocalNetPriorityNetMask key on your DNS servers with DNSCMD /config /LocalNetPriorityNetMask 0x000000ff (in the case of a 255.255.255.0 network).

Netmask          LocalNetPriorityNetMask
255.255.255.0    0x000000ff
255.255.0.0      0x0000ffff
255.0.0.0        0x00ffffff

If your network uses a different subnet mask, you need to set the priority mask accordingly. Here is an example: a /20 netmask is 255.255.240.0. Subtract it from 255.255.255.255 to get 0.0.15.255, which in hex is 0x00000fff (15 decimal is F hex). So all I have to do is set this value as LocalNetPriorityNetMask on the DNS server and restart the service, and the server will correctly return subnet-prioritized answers for my /20 network.
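To make the mask calculation and its effect concrete, here is an added Python example (not from this post and not Windows DNS code) that derives the LocalNetPriorityNetMask value from any contiguous subnet mask, and then models how round robin plus subnet prioritization orders the A records in an answer. The record addresses and the client address are constructed sample values; the ordering logic is a simplified model of the documented behaviour (records in the client's subnet first, the rest in round-robin order), not the server's actual implementation.

```python
import ipaddress


def priority_netmask(netmask: str) -> str:
    """Return the LocalNetPriorityNetMask value for a dotted-decimal subnet mask.

    The value is the bitwise complement of the subnet mask (i.e. the host bits),
    written as a 32-bit hex number: 255.255.255.0 -> 0x000000ff,
    255.255.240.0 (/20) -> 0x00000fff.
    """
    mask = int(ipaddress.IPv4Address(netmask))
    host_bits = 0xFFFFFFFF ^ mask
    # A valid subnet mask has contiguous network bits, so the host bits must be
    # a run of ones starting at bit 0; anything else is a malformed mask.
    if host_bits & (host_bits + 1):
        raise ValueError(f"{netmask} is not a contiguous subnet mask")
    return f"0x{host_bits:08x}"


def round_robin(records: list[str], query_number: int) -> list[str]:
    """Rotate the record set by one position per query (DNS round robin)."""
    n = query_number % len(records)
    return records[n:] + records[:n]


def prioritize(client_ip: str, records: list[str], priority_mask: str) -> list[str]:
    """Model of subnet prioritization (assumption: simplified, not the real code).

    Records whose address matches the client's address on the network bits
    (everything not covered by priority_mask) are moved to the front; the
    remaining records keep their existing round-robin order.
    """
    host_bits = int(priority_mask, 16)
    net_bits = 0xFFFFFFFF ^ host_bits
    client_net = int(ipaddress.IPv4Address(client_ip)) & net_bits

    def is_local(record: str) -> bool:
        return (int(ipaddress.IPv4Address(record)) & net_bits) == client_net

    # sorted() is stable, so non-local records stay in their original order.
    return sorted(records, key=lambda r: 0 if is_local(r) else 1)


def dnscmd_line(netmask: str) -> str:
    """Build the dnscmd invocation from the post for the given subnet mask."""
    return f"dnscmd /config /LocalNetPriorityNetMask {priority_netmask(netmask)}"


if __name__ == "__main__":
    # Constructed sample data: three CAS servers behind one namespace and a
    # client in the 10.1.16.0/20 network (10.1.16.0 - 10.1.31.255).
    cas_records = ["10.2.3.4", "10.1.25.10", "10.1.8.9"]
    client = "10.1.20.5"

    for label, mask in (("default /24", "255.255.255.0"), ("corrected /20", "255.255.240.0")):
        value = priority_netmask(mask)
        print(f"{label}: {dnscmd_line(mask)}")
        for q in range(3):
            answer = prioritize(client, round_robin(cas_records, q), value)
            print(f"  query {q}: {answer}")
```

With the default 0x000000ff mask the client at 10.1.20.5 and the server at 10.1.25.10 sit in different /24s, so the local server is never preferred; with 0x00000fff derived from 255.255.240.0 it is returned first on every query while the other two keep rotating.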

More to read:

https://rakhesh.com/windows/windows-dns-server-subnet-prioritization-and-round-robin/

https://blogs.msmvps.com/acefekay/2010/05/29/dns-and-subnet-priortization-amp-dns-round-robin/
