Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 290
  • Last Modified:

Using dual nics on an Exchange 2003 server for performance increase potential

Our Exchange 2003 Server has 2 nic cards in it.  Only one is active.  The nic card that is active has an IP address that is in our DMZ.  So, while all of our other servers on the LAN, that make up the rest of 2003 domain, have an internal IP addressing scheme of 172.16.10.x, the Exchange server is 172.16.30.x and is LAN accessible.  

The Exchange server is a single box doing everything - data/information stores/mailboxes/OWA/SMTP gateway.  Occasionally we have intermittent connectivity issues, where users will receive the dreaded 'Requesting Data from Exchange Server' message.  

I wonder if taking the current nic card and its IP (172.16.30.x) and dedicating it exclusively for SMTP/OWA traffic and taking the other nic and giving it a (172.16.10.x) address and changing the internal DNS reflect the 172.16.10.x address for the Exchange Server's hostname, would give any kind of performance benefit on the local LAN.

I've found one article where it seems like this practice would not be recommended and causes issues.  Noting that Exchange knows what IP (nic) the SMTP traffic points to, I don't see traffic segregation as being an issue.  But, what I have in my head is only theoretical at best right now.

I've done individual research on the 'Requesting Data from Exchange Server' message and have made changes/tweaks based on what Microsoft would say in KB articles and various solutions I've found around here to no avail.  The server itself is an HP ML350 w/ 4 gig of RAM and has all the data hosted on respective partitions on an HP SAN unit.  I think the machine is spec'd well for the task and the SAN unit is very fast.  

I think I've painted a pretty good picture of the scenario at hand.  Please ask for any other information I may need to provide.  
0
djhath
Asked:
djhath
2 Solutions
 
VahikCommented:
0
 
cjtramanCommented:
djhath,
Try tweaking the following registry setting in client side registry. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Exchange Provider\RPC_BINDING_ORDER. Ensure ncacn_ip_tcp,netbios are listed before other protocols.
I too faced similar kind of problem but I am not sure how it went off. I did the following thing
1. As my server has 2 GB of RAM, you need to add /3GB /userva=3030 along with changing the setting in registry for HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager HeapDeCommitFreeBlockThreshold = REG_DWORD 0x00040000
I changed the registry setting as I was getting store related error stating that  memory allocation is not done properly.

It is always recommended to build layers of defence for any service. You have installed Exchange in DMZ and have all mail related services running in DMZ. As email is critical medium/channel for any business today, you have shown no sense of security in protecting your email infrastructure. Moreover, you are contemplating of connecting exchange server in 2 networks (LAN & DMZ). You are moving towards worse from bad scenario.

I suggest you install only SMTP/https based OWA service in DMZ and move all the other resorces to the local network. You can achieve this by setting up desktop class machine.

0
 
pseudocyberCommented:
I'm not an Exchange guru, or much of a server guru either - but from a networking perspective, I have to agree with cjtraman's comments about going from "bad to worse" if you dual home it and bypass your firewall.

If its redundancy and some load balancing you want, then connecting both NICs (teaming) is the way to go.  But not dual homing and spanning your dmz to internal bypassing your firewall.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now