SMTP load balancing with F5 LTM

In my previous blog I explained how to configure the F5 LTM for use with Exchange 2010 CAS servers. To do this properly it is recommended to use a template (iApp) because of the amount of work (and thus complexity).

Load balancing SMTP is much easier. The only things that need to be configured are:

  • Service Monitor for monitoring the SMTP service on the Exchange 2010 Hub Transport Servers;
  • A Pool containing the Exchange 2010 Hub Transport servers;
  • A VIP for the SMTP service with a listener on the public network.

To create a new Service Monitor select the Local Traffic and click the + symbol next to monitors. Give the new monitor a name like SMTP_Monitor and if needed adjust the service health monitoring interval.


The next step is to create a new pool. Again click Local Traffic and click the + symbol next to Pools. Give the new pool a name like SMTP_Pool, select the health monitor that was created in the previous step and add both Exchange 2010 Hub Transport Servers in the Resources field.


The last step is to create the Virtual Server. Click on Virtual Services and click the + symbol next to Virtual Server List.

Fill in the general properties like a new for the new Virtual Server (something like SMTP_VIP or so), the IP address of the VIP (where other SMTP hosts connect to) and the service port which is 25 for SMTP of course.

All other options can be left default. The only exception is the Default pool where we have to select the SMTP_Pool that was created in the previous step.

Now when you use Telnet on port 25 to connect to the SMTP VIP you’ll see that you connect to one Exchange server. The next Telnet session will end up on the 2nd Exchange servers since we use Round Robin for distribution.


When you open the SMTP Receive Connector log file (enable this first in the Exchange Management Console, the log file itself can be found on C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\ProtocolLog\SmtpReceive) you’ll see the entries of the service monitoring by the load balancer, but you’ll also see the entries from the Telnet test. Clearly visible is that the source IP address of the client is logged.


Perfect if you want to implement connection filtering on the Hub Transport servers (or Edge Tranport servers of course).

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s