DAG Replication over Satellite Links

Hi all -

We have four sites in South Africa (SA) who share a combined 5Mbps down/10Mbps up satellite link back to a centralized infrastructure in London which houses a single CAHT server and mailbox server (see attached Visio).  95% of the company works primarily in SA where the options for connectivity are limited and pricey.  In addition, staff in SA have a 5 weeks on/2 weeks off work schedule, so when they are on leave they could be connecting from anywhere in the world.  ALL traffic (web, mail, etc.) is currently being forced up and down the link.

In other words, if I am site A in SA and send an email to site B in SA the email must travel up the link to London to our CAHT server and the recipient must retrieve it from the MB server also located in London.

This presents several issues.  First and foremost it causes users who are sending attachments to see the status bar in Outlook as the mail is being transferred up.

Our idea is to place a second CAHT in SA so that at least when a user sends a mail it 'appears' to be instantly delivered (obviously it would simply be queued on the SA CAHT until it gets delivered to the London CAHT).  This would be our smoke and mirrors approach to ease end user consternation as far as sending email is concerned.

Secondly, we are wondering if placing a secondary MB server in SA and configuring DAG replication would be of benefit.  Of concern is saturating the link with replication traffic.  Is it possible to pre-populate a copy and fly it into country and connect it to a newly built MB server?  If a user is on leave and connects with Outlook Anywhere to London I assume that they would then be connected to their MB copy in London rather than their home server in SA should we deploy one there.

Is it safe to assume that the amount of replication traffic we would see would be equal to the change in MB database size?  Can we schedule it?  Are there any metrics out there for what we can expect to see if we go that route?

In a few weeks time we will have a microwave network in place in SA connecting the local sites at 100Mbps.  That should at least allow SA generated emails that are destined for another SA mailbox to be delivered in a timely fashion.

Clearly we are hobbled by the hard fact that connectivity back to London is limited to satellite communications.  We've been tossing and turning trying to figure out how to improve the user experience and I wanted to shoot this out to the wider community to see if anyone has any outside-of-the-box ideas.

I apologize for the length of this question but I want to cover my bases before suggesting a solution or telling the CIO that he needs to dump another 20,000£ a month for additional satellite bandwidth.


Many kind regards!

(attached is an overview of the infrastructure)


wrenmott Asked:
 
Antonio Vargas, Microsoft Senior Cloud Consultant, Commented:
The idea behind putting a HT in SA is so that when a user sends an email it immediately leaves their Outbox.  We realize that it wouldn't actually be immediately delivered, but to the user it would appear to be.  For us that's good enough.  So, if we add an MB server to SA, and as long as an SA user's mailbox resides on that server and he sends an email to anyone in the company (SA or LNDN) if there is a HT in SA it will go there first immediately leaving the outbox of the user, correct?  If it is destined for London it will simply queue there until it can be sent over the VSAT.  Is that correct?

R: That's correct. As long as you have your Active Directory Sites and Services well configured, the user will send the mail through the HT on the MBX site. If they are both in SA then mail goes out more quickly and then communications between the HT in SA and London won't be visible to the user.

Agreed.  Way too much latency to depend on DAGs for high-availability, HOWEVER we're not really using them for that (conceptually anyway).  We're prepared to configure lagging copies and are not concerned that the DBs stay immediately up to date.  The reason we want to set them up is so that a copy of the SA mailboxes also resides in London.  The only reason we want this is for when a user is travelling and connects to Outlook Anywhere (or Mobile).  They can only connect to the London entrypoint from outside of the network.

It's my understanding that the CAS server handling that request will connect to the closest MB server that has a copy of the user's mailbox.  In this case it would be the replicated copy in London.  Am I wrong in thinking this?  Would the London Outlook Anywhere CAS still pull their mail from the SA location rather than the copy in London?

R: You are wrong. First things first, creating a DAG between SA and London can cause unexpected failovers, caused by high latency or momentary link failures. For example, if London has a passive copy and for a couple of seconds cannot communicate with SA then it will assume that the SA copy is down and activate the London copy. That on a slow link and with lagged copies can be a disaster on up time.
Next the CAS. When a user connects from outside to the London office, the process will be:
1- User connects to the Internet facing CAS
2- Internet facing CAS finds where the mailbox is (what database) and what's the rpcclientaccessserver of the mailbox database
3- Internet facing CAS PROXIES the request to the internal CAS serving the mailbox database
4- User accesses mailbox (Outlook Anywhere, ActiveSync, OWA)

Also, having a passive copy in London will not serve for the user to connect there. The user will always connect to the ACTIVE copy of your Mailbox Database.

We definitely plan on doing this.  Great suggestion.  Can it really be as simple as just changing the IP address?

R: Yes it's very simple to change the IP

Once again, be very careful with DAG between SA and London.

Hope it helps
0
 
endital1097 Commented:
Unfortunately, putting a CAHT would not instantly appear delivered because the message would be sent which would trigger the mail submission service on the MBX server to notify an HT. There is no guarantee which HT will pick up the message.

Your best bet is to install an all-in-one server in SA to host these mailboxes. DAG replication is not supported where the round trip latency is > 250ms. Depending on your traffic you may hit this, but it does not mean it will not work. You could still have the Internet facing CAS servers be London, but Outlook Anywhere users may still experience issues (put them in cached mode).

The networking limitations and user experience should be the determining factors in how the design is finalized.
0
 
Antonio Vargas, Microsoft Senior Cloud Consultant, Commented:
"Our idea is to place a second CAHT in SA so that at least when a user sends a mail it 'appears' to be instantly delivered (obviously it would simply be queued on the SA CAHT until it gets delivered to the London CAHT).  This would be our smoke and mirrors approach to ease end user consternation as far as sending email is concerned."

This won't happen because the user will always send the mail through the Hub Transport server in the same site where the mailbox server is hosted.

"Secondly, we are wondering if placing a secondary MB server in SA and configuring DAG replication would be of benefit.  Of concern is saturating the link with replication traffic.  Is it possible to pre-populate a copy and fly it into country and connect it to a newly built MB server?  If a user is on leave and connects with Outlook Anywhere to London I assume that they would then be connected to their MB copy in London rather than their home server in SA should we deploy one there."

They will connect to the CAS server configured as rpcclientaccessserver of the mailbox database they are in.
Also Microsoft does not support DAG between sites with a latency of more than 500ms. I think that you can have an issue with latency here.

"Is it safe to assume that the amount of replication traffic we would see would be equal to the change in MB database size?  Can we schedule it?  Are there any metrics out there for what we can expect to see if we go that route?"

The first replication would be the database size. But you can install and do the first replication in London and then ship the server to SA. Just have to change the IP. You can delay the replication with "lagged copies" to be done during the night for example. But once again be well aware of the latency.

Finally, my recommendation: get a dedicated server to SA and don't add them to the DAG with London. Use a backup plan to send the data to London for DR purposes.
0
 
wrenmott (Author) Commented:
Hi all -  (I wish we could colorize responses to make the threads easier to read, but here it goes....)

-----[forget about DAGs for a sec]

The idea behind putting a HT in SA is so that when a user sends an email it immediately leaves their Outbox.  We realize that it wouldn't actually be immediately delivered, but to the user it would appear to be.  For us that's good enough.  So, if we add an MB server to SA, and as long as an SA user's mailbox resides on that server and he sends an email to anyone in the company (SA or LNDN) if there is a HT in SA it will go there first immediately leaving the outbox of the user, correct?  If it is destined for London it will simply queue there until it can be sent over the VSAT.  Is that correct?


-----[OK, now DAGs and CAS whilst travelling]

Agreed.  Way too much latency to depend on DAGs for high-availability, HOWEVER we're not really using them for that (conceptually anyway).  We're prepared to configure lagging copies and are not concerned that the DBs stay immediately up to date.  The reason we want to set them up is so that a copy of the SA mailboxes also resides in London.  The only reason we want this is for when a user is travelling and connects to Outlook Anywhere (or Mobile).  They can only connect to the London entrypoint from outside of the network.

It's my understanding that the CAS server handling that request will connect to the closest MB server that has a copy of the user's mailbox.  In this case it would be the replicated copy in London.  Am I wrong in thinking this?  Would the London Outlook Anywhere CAS still pull their mail from the SA location rather than the copy in London?

Again, we realize that with latency the mailbox may not be up to date.

On that note, when a user goes on vacation is there anything we can do to the rpcaccessclient setting to ensure that they connect to the London copy?

-----[Pre-building the server]

We definitely plan on doing this.  Great suggestion.  Can it really be as simple as just changing the IP address?


Thanks all!  I feel like we are getting closer to a valid solution for a tricky environment.

0
 
wrenmott (Author) Commented:
GreatVargas, sir, you are a star.  You have scared me away from using DAGs.  Well done.  :)  I didn't even consider the 'accidental' failover scenario and suppose there is no way to prevent it.

The only remaining question is: what is the best way to get the 900+ mailboxes to our new MB server in SA without moving them over the VSAT or losing data?  We have a private jet so we can get them there in less than 12 hours but how do we account for incoming mail for those users while the server is being relocated?
0
 
Antonio Vargas, Microsoft Senior Cloud Consultant, Commented:
The only remaining question is: what is the best way to get the 900+ mailboxes to our new MB server in SA without moving them over the VSAT or losing data?  We have a private jet so we can get them there in less than 12 hours but how do we account for incoming mail for those users while the server is being relocated?

R: Install the mailbox server in London and then you have two options:

1- Move the mailboxes there and assume the downtime when the server goes to SA
2- Add them to the DAG, replicate the DB, fly the server to SA, activate the DB there (it will replicate the remaining logs) and then remove the copy from London
0
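Option 2 from the answer above, sketched as Exchange Management Shell commands. This is an added example and not part of the original thread; the names DAG-LON, MBX-LON, MBX-SA and DB-SA are hypothetical placeholders, and it assumes the SA mailboxes already live in a database hosted on the existing London server.

```powershell
# Hypothetical names (not from the thread): substitute your own.
$dag = 'DAG-LON'   # existing DAG in London
$db  = 'DB-SA'     # database holding the SA users' mailboxes
$old = 'MBX-LON'   # current London mailbox server (active copy)
$new = 'MBX-SA'    # new server, built and seeded on the London LAN

# 1. While the new server is still in London, join it to the DAG and
#    seed a passive copy over the LAN instead of the satellite link.
Add-DatabaseAvailabilityGroupServer -Identity $dag -MailboxServer $new
Add-MailboxDatabaseCopy -Identity $db -MailboxServer $new -ActivationPreference 2

# 2. Wait until the passive copy is healthy and has no logs left to copy.
do {
    Start-Sleep -Seconds 60
    $copy = Get-MailboxDatabaseCopyStatus -Identity "$db\$new"
} until ($copy.Status -eq 'Healthy' -and $copy.CopyQueueLength -eq 0)

# 3. Suspend the copy before powering the server down for the flight.
#    The London copy stays active, so incoming mail keeps being delivered.
#    London retains the logs the suspended copy has not received yet,
#    so leave free space on its log volume for the time in transit.
Suspend-MailboxDatabaseCopy -Identity "$db\$new" `
    -SuspendComment 'Server in transit to SA' -Confirm:$false

# 4. After arrival and the IP address change, resume replication. Only the
#    logs generated during transit have to cross the satellite link.
Resume-MailboxDatabaseCopy -Identity "$db\$new"
Get-MailboxDatabaseCopyStatus -Identity "$db\$new" |
    Format-List Status, CopyQueueLength, ReplayQueueLength

# 5. Once both queues have drained, activate the copy in SA and remove
#    the London copy, as the answer describes.
Move-ActiveMailboxDatabase -Identity $db -ActivateOnServer $new -Confirm:$false
Remove-MailboxDatabaseCopy -Identity "$db\$old" -Confirm:$false
```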
 
wrenmott (Author) Commented:
Brilliant!!  Thank you!
0
 
wrenmott (Author) Commented:
GreatVargas deserves his reputation.

Will post an update once solution is in place.
0
 
Antonio Vargas, Microsoft Senior Cloud Consultant, Commented:
Thanks

glad to be helpful
0
Question has a verified solution.
