DAG Exchange replication topology.

WIZU used Ask the Experts™
How do I setup a direct connection for replication network node in an exchange 2010 DAG?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Ideally you will have 2 NICs (or 4 with NIC teaming to make 2) on each server.  
Setup one set of NICs to be on the same network as the clients.  The other NIC is just for replication.  Give it a unique IP subnet just for the DAG.
Click on the DAG in EMC.  In the bottom pane you will see the DAG Networks.  You will see Replication Enabled for the different networks.  Only turn on replication on the unique subnetted NICs.

SERVER1              SERVER2              SERVER3    
LAN NIC              LAN NIC              LAN NIC
REP NIC    <<>>   REP NIC    <<>>   REP NIC

Word of advise, teaming replication nics is not recommended and unsupported. You can team the public mapi network but not the replication nics. If course you can use additional replication networks.

Ideally the replication network should be an isolated vlan using a seperate subnet, if possible use a seperate switch for replication traffic to prevent contention related failures and to mitigate against single points of failure.

Even node dags need an additional file share witness to maintain quorum, odd number dags don't need this for operation but a fsw is required In order to create a dag.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!


the instructions I got said to have a second nic for replication. I made a direct peer to peer conection and assigned them

So I should have replication disabled for the MAPI

and enabled for the other subnet?

Correct, replication disabled for MAPI and enabled for the replication only NICs.

Also Teaming as I recommended IS supported.

"Additional Replication networks can be added, as needed. You can also prevent an individual network adapter from being a single point of failure by using network adapter teaming or similar technology. However, even when using teaming, this does not prevent the network itself from being a single point of failure."

Taken from Technet article Planning for High Availability and Site Resilience found here:


I just tried to create the DAG the MBX2 joined succefully but MBX1 had the following error.

The operation failed CreateCluster errors may result from an incorrectly configured static IP address

Has anyone out there know why?

How many servers are you setting up in your DAG?  What other roles are you setting up on the same machines?


2 servers with Hub Mailbox and CAS

no other roles.
OK, then you have some special needs and setup requirements.  You will need to have a 3rd machine to add the File Share Witness on.  This can be added to any other server.  You can't use NLB with a DAG.  I recently did this exact setup.  Here are the steps I followed.

1. Install the Exchange 2010 prerequisites
•      .NET Framework 3.5 SP1
•      PowerShell v2.0
•      Microsoft Office System Converter Filter Pack
•      IIS
•      Set Net.Tcp Port Sharing Service to automatic
The PowerShell commands to perform the pre-req tasks are as per below:

Import-Module ServerManager

Add-WindowsFeature NET-Framework,RSAT-ADDS,Web-Server,Web-Basic-Auth,Web-Windows-Auth,Web-Metabase,Web-Net-Ext,Web-Lgcy-Mgmt-Console,WAS-Process-Model,RSAT-Web-Server,Web-ISAPI-Ext,Web-Digest-Auth,Web-Dyn-Compression,NET-HTTP-Activation,RPC-Over-HTTP-Proxy –Restart

Set-Service NetTcpPortSharing -StartupType Automatic

2. Install Exchange 2010 on x2 servers with the following roles.
•      Hub Transport
•      Client Access
•      Mailbox
•      Management tools (only 1 server if you wish)

3. Once Exchange is installed on both servers you’ll need to configure the following:
Organisation Configuration > Hub Transport > Accepted Domains – Add the domain(s) you own, i.e. mydomain.com and right click on the chosen domain to set as the default.
Organisation Configuration > Hub Transport > Email Address Policies – Set the email address domains including primary, for each mailbox.
Organisation Configuration > Hub Transport > Send Connectors – Set a send connection, type Internet, to allow mail to be sent from this org. Set the type as SMTP and address as * to allow all mail.
Organisation Configuration > Hub Transport > Send Connectors – Add both Exchange 2010 servers under the Source Server tab.
Server Configuration > Hub Transport > Receive Connectors (note: as this is under server config you’ll need to set up the following on both servers) – EITHER add the anonymous user (under permission groups) to the default connector OR create a new connector ‘Internet’ and add the anonymous user to this. If you do create a new connector you’ll need to alter the port on the default (or delete) to something other than 25 so this can be assigned to the new connector. The advantage with creating a new connector is that you can then alter the FQDN of the HELO field from your internal address (if you’re like me it’ll be on a .local/.internal etc) and you want it on your public domain, i.e. mail.mydomain.com.

4. Install Windows 2003 or 2008, 2008 R2 onto a member server as this will be used as the witness server. Add the Exchange Trusted Subsystem group to the local Administrators group on the member server.

If a DC will be the witness, add Exchange Trusted Subsystem to Enterprise Admins group.  Also edit the membership of Exchange Trusted Subsystem and add the DC machine account name as a member of the group.

5. Open Organisation Configuration > Mailbox > Database Availability Groups – right click > New Database Availability Group.
•      Enter a name for the DAG
•      Check the Witness Server check box and enter the FQDN of the member server created in step 4.
•      The default witness directory will be created on the member server at: C:\DAGFileShareWitnessesDAG FQDN – check the witness directory check box if you wish to alter this.
n.b after the DAG is created it’ll attempt to contact a DHCP server. If you don’t have a DHCP server on your network you’ll have to manually assign an IP via the Exchange Management Shell (as per below:
Set-DatabaseAvailabilityGroup -identity “DAG” -DatabaseAvailabilityGroupIpAddress IP
(replacing “DAG” with your DAG name and “IP” with the ip address to be assigned to the DAG)
The DAG will also create an object under the Computers container in AD (assuming you haven’t altered the location of new objects) and also a new DNS A record.

6. Once the DAG is created you’ll need to add the Exchange member servers to it. This can be achieved by right-clicking on the DAG and selecting Manage Database Availability Group Membership. Add your Exchange 2010 servers as required.

7. Open Organisation Configuration > Mailbox >Database Management – Select the databases that will be handled by the DAG – right click > Add Mailbox Database Copy.

8. You’ll now need to create a Client Access Server Array. I created a new DNS record for this that distinguished that it was the CAS array element. This DNS record should point to the DAG IP address.
The array can be created via the Exchange Management Shell using the following command:
New-ClientAccessArray –Fqdn “cas.mydomain.local” –Site “Default-First-Site-Name”
You can then use the following command to make sure that the CAS Array has been configured correctly.
n.b this only has to be performed on one Exchange 2010 server.

9. The final step is to add all mailboxes to the new CAS array. This can be done by using the command below:
Get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer “cas.mydomain.local”
To check the mailboxes are using the correct RPCClientAccessServer (i.e. The Cas Array) you can use the command:
Get-MailboxDatabase |fl Identity, RpcClientAccessServer

10. Finally you’ll need to point Outlook to the new CAS Array DNS name (as previously created).

Also, please note that you should get some kind of hardware load balancers to balance out the CAS Array.  We used Kemp Loadmaster 2000's which were very easy to setup and not very expensive.


I have a do have a witness server only runing HUB transport, and it found it when I created the DAG, but when I add tried to add the 2 mailbox servers to the DAG  MBX1 and MBX2 only MBX2 is added sucessfully, and MBX2 is mounted to the on premise server MBX1
MBX1 gets the error that CreateCuster errors may result from incorectly configured static IP

also I noticed that there was a warning the failover clustering computer account is not online and to check that the IP address configuration fro the database availability group is correct.

Temporarily disable your replication NICs in Windows and see if it works then.

You have to do a witness server for the DAG because you only have 2 servers.  If you have 3 servers in the DAG you don't need a witness.  The steps I provided should setup everything for you.


Ok I think I found something both MBX1 and MBX2 can not resolve to the DAGs IP address. How can I put a static IP on the DAG account?


My DAG is not on a subnet with DHCP. So if My DAGs name is "testdag" What would the commands be to assign an IP through power shell?

Or could I assighn it a static through clustering management?

I am worried for you that you are not referring to the instructions I provided.  From step 4 above:

Set-DatabaseAvailabilityGroup -identity “TESTDAG” -DatabaseAvailabilityGroupIpAddress

You didn't say what IP so I just made one up.


Yes I followe your instructions and it worked thanks!! Everything is looking good except I am not sure exactly how this works. MBX2 has a copy of MBX2 mailbox and it mounted to MBX1s database. The preference is set to 1 on both.

So all email on MBX1 is replicated to MBX2 database. If MBX1 goes down MBX2 takes over.

Is that the whole Idea ?

Yes, the idea of the DAG is that both servers have all the same data and if one server goes down the other takes over.  

If you divide your data up into multiple information stores, for example let's say 4 stores.  Then you could set 2 databases per server to be active to increase performance by limiting the load on each server.  So in addition to being redundant, you are also distributing work load during normal operation.  If a DAG member goes down then the other server will bring those database online.  When the other server comes back online then you manually need to verify that the databases are in sync and then you can set the database to be active on the other server again.

Sounds like you are in good shape now, please don't forget to mark the accepted solution.



Thanks!! Is there a way that I can be notified when the DAG is broken?

Take a look at this reference for how to monitor your DAG.  Note you could also use SCOM for more proactive notification.


Another reference, this one from Microsoft:  http://technet.microsoft.com/en-us/library/dd351258.aspx

You could schedule the scripts in the above technet article to run and send the results to yourself in an email.  PowerShell Send Email- http://technet.microsoft.com/en-us/library/dd347693.aspx

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial