Solved

DAG Exchange replication topology.

Posted on 2012-03-12
21
1,294 Views
Last Modified: 2012-10-09
How do I set up a direct connection for a replication network node in an Exchange 2010 DAG?
Question by:WIZU
21 Comments
 
LVL 13

Expert Comment

by:vishal_breed
ID: 37713159
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37715294
Ideally you will have 2 NICs (or 4 with NIC teaming to make 2) on each server.  
Set up one set of NICs to be on the same network as the clients.  The other NIC is just for replication.  Give it a unique IP subnet just for the DAG.
Click on the DAG in EMC.  In the bottom pane you will see the DAG Networks.  You will see Replication Enabled for the different networks.  Only turn on replication on the unique subnetted NICs.

SERVER1              SERVER2              SERVER3    
LAN NIC              LAN NIC              LAN NIC
REP NIC    <<>>   REP NIC    <<>>   REP NIC
0
 
LVL 14

Expert Comment

by:Radweld
ID: 37716169
Word of advice: teaming replication NICs is not recommended and unsupported. You can team the public MAPI network but not the replication NICs. Of course you can use additional replication networks.

Ideally the replication network should be an isolated VLAN using a separate subnet; if possible use a separate switch for replication traffic to prevent contention-related failures and to mitigate against single points of failure.

Even-node DAGs need an additional file share witness to maintain quorum; odd-number DAGs don't need this for operation, but an FSW is required in order to create a DAG.
0
 

Author Comment

by:WIZU
ID: 37716223
The instructions I got said to have a second NIC for replication. I made a direct peer-to-peer connection and assigned them 150.100.100.0/16

So I should have replication disabled for the MAPI

and enabled for the other subnet?
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37716361
Correct, replication disabled for MAPI and enabled for the replication only NICs.
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37716429
Also Teaming as I recommended IS supported.

"Additional Replication networks can be added, as needed. You can also prevent an individual network adapter from being a single point of failure by using network adapter teaming or similar technology. However, even when using teaming, this does not prevent the network itself from being a single point of failure."

Taken from Technet article Planning for High Availability and Site Resilience found here:
http://technet.microsoft.com/en-us/library/dd638104.aspx
0
 

Author Comment

by:WIZU
ID: 37716925
I just tried to create the DAG. MBX2 joined successfully but MBX1 had the following error.

The operation failed CreateCluster errors may result from an incorrectly configured static IP address

Does anyone out there know why?
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37716955
How many servers are you setting up in your DAG?  What other roles are you setting up on the same machines?
0
 

Author Comment

by:WIZU
ID: 37717331
2 servers with Hub Mailbox and CAS

no other roles.
0
 
LVL 15

Accepted Solution

by:
markdmac earned 500 total points
ID: 37717479
OK, then you have some special needs and setup requirements.  You will need to have a 3rd machine to add the File Share Witness on.  This can be added to any other server.  You can't use NLB with a DAG.  I recently did this exact setup.  Here are the steps I followed.

1. Install the Exchange 2010 prerequisites
•      .NET Framework 3.5 SP1
•      PowerShell v2.0
•      Microsoft Office System Converter Filter Pack
•      IIS
•      Set Net.Tcp Port Sharing Service to automatic
The PowerShell commands to perform the pre-req tasks are as per below:

Import-Module ServerManager

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy -Restart

Set-Service NetTcpPortSharing -StartupType Automatic

2. Install Exchange 2010 on x2 servers with the following roles.
•      Hub Transport
•      Client Access
•      Mailbox
•      Management tools (only 1 server if you wish)

3. Once Exchange is installed on both servers you’ll need to configure the following:
Organisation Configuration > Hub Transport > Accepted Domains – Add the domain(s) you own, i.e. mydomain.com and right click on the chosen domain to set as the default.
Organisation Configuration > Hub Transport > Email Address Policies – Set the email address domains including primary, for each mailbox.
Organisation Configuration > Hub Transport > Send Connectors – Set a send connection, type Internet, to allow mail to be sent from this org. Set the type as SMTP and address as * to allow all mail.
Organisation Configuration > Hub Transport > Send Connectors – Add both Exchange 2010 servers under the Source Server tab.
Server Configuration > Hub Transport > Receive Connectors (note: as this is under server config you’ll need to set up the following on both servers) – EITHER add the anonymous user (under permission groups) to the default connector OR create a new connector ‘Internet’ and add the anonymous user to this. If you do create a new connector you’ll need to alter the port on the default (or delete) to something other than 25 so this can be assigned to the new connector. The advantage with creating a new connector is that you can then alter the FQDN of the HELO field from your internal address (if you’re like me it’ll be on a .local/.internal etc) and you want it on your public domain, i.e. mail.mydomain.com.

4. Install Windows 2003 or 2008, 2008 R2 onto a member server as this will be used as the witness server. Add the Exchange Trusted Subsystem group to the local Administrators group on the member server.

If a DC will be the witness, add Exchange Trusted Subsystem to Enterprise Admins group.  Also edit the membership of Exchange Trusted Subsystem and add the DC machine account name as a member of the group.

5. Open Organisation Configuration > Mailbox > Database Availability Groups – right click > New Database Availability Group.
•      Enter a name for the DAG
•      Check the Witness Server check box and enter the FQDN of the member server created in step 4.
•      The default witness directory will be created on the member server at: C:\DAGFileShareWitnesses\<DAG FQDN> – check the witness directory check box if you wish to alter this.
n.b. after the DAG is created it’ll attempt to contact a DHCP server. If you don’t have a DHCP server on your network you’ll have to manually assign an IP via the Exchange Management Shell (as per below):
Set-DatabaseAvailabilityGroup -Identity "DAG" -DatabaseAvailabilityGroupIpAddress IP
(replacing “DAG” with your DAG name and “IP” with the ip address to be assigned to the DAG)
The DAG will also create an object under the Computers container in AD (assuming you haven’t altered the location of new objects) and also a new DNS A record.

6. Once the DAG is created you’ll need to add the Exchange member servers to it. This can be achieved by right-clicking on the DAG and selecting Manage Database Availability Group Membership. Add your Exchange 2010 servers as required.

7. Open Organisation Configuration > Mailbox >Database Management – Select the databases that will be handled by the DAG – right click > Add Mailbox Database Copy.

8. You’ll now need to create a Client Access Server Array. I created a new DNS record for this that distinguished that it was the CAS array element. This DNS record should point to the DAG IP address.
The array can be created via the Exchange Management Shell using the following command:
New-ClientAccessArray -Fqdn "cas.mydomain.local" -Site "Default-First-Site-Name"
You can then use the following command to make sure that the CAS Array has been configured correctly.
Get-ClientAccessArray
n.b this only has to be performed on one Exchange 2010 server.

9. The final step is to add all mailboxes to the new CAS array. This can be done by using the command below:
Get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer "cas.mydomain.local"
To check the mailboxes are using the correct RPCClientAccessServer (i.e. The Cas Array) you can use the command:
Get-MailboxDatabase |fl Identity, RpcClientAccessServer

10. Finally you’ll need to point Outlook to the new CAS Array DNS name (as previously created).
0

 
LVL 15

Expert Comment

by:markdmac
ID: 37717487
Also, please note that you should get some kind of hardware load balancers to balance out the CAS Array.  We used Kemp Loadmaster 2000's which were very easy to set up and not very expensive.
0
 

Author Comment

by:WIZU
ID: 37717530
I do have a witness server only running Hub Transport, and it found it when I created the DAG, but when I tried to add the 2 mailbox servers to the DAG, MBX1 and MBX2, only MBX2 is added successfully, and MBX2 is mounted to the on-premise server MBX1.
MBX1 gets the error that CreateCluster errors may result from an incorrectly configured static IP.

Also, I noticed that there was a warning that the failover clustering computer account is not online and to check that the IP address configuration for the database availability group is correct.
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37717554
Temporarily disable your replication NICs in Windows and see if it works then.

You have to do a witness server for the DAG because you only have 2 servers.  If you have 3 servers in the DAG you don't need a witness.  The steps I provided should set up everything for you.
0
 

Author Comment

by:WIZU
ID: 37717563
OK, I think I found something: both MBX1 and MBX2 cannot resolve to the DAG's IP address. How can I put a static IP on the DAG account?
0
 

Author Comment

by:WIZU
ID: 37717603
My DAG is not on a subnet with DHCP. So if my DAG's name is "testdag", what would the commands be to assign an IP through PowerShell?

Or could I assign it a static through clustering management?
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37717816
I am worried for you that you are not referring to the instructions I provided.  From step 4 above:

Set-DatabaseAvailabilityGroup -Identity "TESTDAG" -DatabaseAvailabilityGroupIpAddress 192.168.1.4

You didn't say what IP so I just made one up.
0
 

Author Comment

by:WIZU
ID: 37717863
Yes, I followed your instructions and it worked, thanks!! Everything is looking good except I am not sure exactly how this works. MBX2 has a copy of MBX2 mailbox and it mounted to MBX1's database. The preference is set to 1 on both.

So all email on MBX1 is replicated to MBX2 database. If MBX1 goes down MBX2 takes over.

Is that the whole idea?
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37717972
Yes, the idea of the DAG is that both servers have all the same data and if one server goes down the other takes over.  

If you divide your data up into multiple information stores, for example let's say 4 stores, then you could set 2 databases per server to be active to increase performance by limiting the load on each server.  So in addition to being redundant, you are also distributing workload during normal operation.  If a DAG member goes down then the other server will bring those databases online.  When the other server comes back online then you manually need to verify that the databases are in sync and then you can set the database to be active on the other server again.

Sounds like you are in good shape now, please don't forget to mark the accepted solution.

Regards,
Mark
0
 

Author Comment

by:WIZU
ID: 37720604
Thanks!! Is there a way that I can be notified when the DAG is broken?
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37720869
Take a look at this reference for how to monitor your DAG.  Note you could also use SCOM for more proactive notification.

http://www.ntweekly.com/?p=531
0
 
LVL 15

Expert Comment

by:markdmac
ID: 37721001
Another reference, this one from Microsoft:  http://technet.microsoft.com/en-us/library/dd351258.aspx

You could schedule the scripts in the above technet article to run and send the results to yourself in an email.  PowerShell Send Email- http://technet.microsoft.com/en-us/library/dd347693.aspx
0
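
One way to do the scheduled check-and-email suggested in the comment above, as an added example that is not part of the original thread. It assumes it runs in the Exchange Management Shell on a DAG member; the SMTP relay, mail addresses and queue thresholds are placeholders, and "testdag" is the DAG name used earlier in the thread.

```powershell
# Added example (not from the thread): alert by mail when the DAG is unhealthy.
# Written for Exchange 2010 / PowerShell v2; schedule it with Task Scheduler.
$DagName        = 'testdag'                      # DAG name from the thread
$SmtpServer     = 'smtp.mydomain.local'          # placeholder relay
$From           = 'dag-monitor@mydomain.com'     # placeholder sender
$To             = 'exchange-admins@mydomain.com' # placeholder recipient
$MaxCopyQueue   = 10    # assumed threshold: logs waiting to be copied
$MaxReplayQueue = 100   # assumed threshold: logs waiting to be replayed

$problems = @()
$dag = Get-DatabaseAvailabilityGroup -Identity $DagName -ErrorAction Stop

foreach ($server in $dag.Servers) {
    $name = $server.Name
    try {
        # Cluster service, quorum, DAG network and replication service checks
        $checks = Test-ReplicationHealth -Identity $name -ErrorAction Stop
        foreach ($c in $checks) {
            if ("$($c.Result)" -ne 'Passed') {
                $problems += "{0}: {1} = {2} {3}" -f $name, $c.Check, $c.Result, $c.Error
            }
        }
        # Per-database copy state and queue lengths on this member
        $copies = Get-MailboxDatabaseCopyStatus -Server $name -ErrorAction Stop
        foreach ($copy in $copies) {
            $status = "$($copy.Status)"
            if (($status -ne 'Mounted') -and ($status -ne 'Healthy')) {
                $problems += "{0}: copy status is {1}" -f $copy.Name, $status
            }
            if ($copy.CopyQueueLength -gt $MaxCopyQueue) {
                $problems += "{0}: copy queue {1}" -f $copy.Name, $copy.CopyQueueLength
            }
            if ($copy.ReplayQueueLength -gt $MaxReplayQueue) {
                $problems += "{0}: replay queue {1}" -f $copy.Name, $copy.ReplayQueueLength
            }
        }
    }
    catch {
        # A member that cannot be queried at all is itself an alert condition
        $problems += "{0}: health check could not run: {1}" -f $name, $_.Exception.Message
    }
}

if ($problems.Count -gt 0) {
    Send-MailMessage -SmtpServer $SmtpServer -From $From -To $To `
        -Subject "DAG $DagName needs attention" -Body ($problems -join "`r`n")
    exit 1   # non-zero exit so the scheduled task history shows the failure
}
```

Because the alert mail may itself route through the Exchange servers being checked, point `$SmtpServer` at a relay that stays reachable when a DAG member is down.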
