Exchange 2010 Toplogy

Hi Experts. I would like some advise on our current exchange 2010 topology and the best fit for us moving forward.

We are a relatively small company support 150 users, mostly in one location. We have a main site and a disaster recovery site and are currently running the following:-

Main Site:-

2 x physical CAS servers
2 x virtual DAG servers

DR Site:-

1 x virtual CAS server
2 x virtual DAG servers

We would like if possible to collapse our roles and consolidate some of these servers along with virtualizng our CAS servers. My understanding is that to support load balancing on the CAS servers in a virtual environment we would need a physical hardware load balancer?

Ideally we would like to probably run 2 servers here each having all roles and one in our DR site. Is this configuration supported or a rational approach?

The other variable is we run Veeam Backup & Replication and can replicate our Exchange across to the DR site and failover there if necessary. Do we need to run another server in DR if we have that failover option?

Thanks in advance!
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

As you are using DAG so it will give you very High Avalability but also for CAS load balancing you can use windows Network load balancer that will work fine no need for hardware load balancer.
smcauleyAuthor Commented:
Thanks Ash,

I thought I read somewhere that what you suggested wasn't supported by Microsoft in virtual environments?
jbvernejTechnical Support EngineerCommented:

Could you please give more details of :
- your virtulization provider (vmware, hyperv, xen,...)
- how many DAG do you plan :
         1 stretched DAG (with 4 members) across your HQ and PRA sites
         or 2 DAGs (with 2 members on each site)

Some configuration of NLB and virtualization are supported, but usually the support of NLB relies more on the virtualisation provider than Microsoft. For example, vmware supports NLB in "Multicast mode" only, for Exchange CAS
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

gsmartinManager of ITCommented:
I am running a (4) Exchange 2010 DAG server configuartion behind a Hardware based load balancer (Citrix NetScaler) divided between two sites (DC/DR).  One of the three servers is configured as a LAG copy.  All servers are virtualized (VMware 4.x - upgrading to 5.x soon) in a boot from SAN configuration using RDMs for their data drives.  The File Share Witness is located at the primary site where the bulk of the users reside.  All Exchange roles are collapsed and equal on each server.  We have about 250 users and about 350 mailboxes.

Fyi... A three server DAG configuration won't automatically failover to the DR site.  This is why we choose the four server configuration.  Also, I prefer a hardware Load Balancer that is independent of your virtual infrastructure.  Also, according to Microsoft this is considered a backup-less Exchange configuration therefore you wouldn't require backups using Veeam or any other backup software.  However, you can use it as an extra measure in case of Database corruptions.  In our case, we are going to leverage CommVault for email backup/recovery, archive, and e-Discovery.  At the SAN level the backup data will be replicated.  This is pretty much overkill, but we will be doing it for extra measure.
gsmartinManager of ITCommented:
Additional notes, we are moving from a 2 cluster VMware environment (DC/DR) to a 4 ESX Cluster server split between sites with 1 Exchange 2010 DAG in each ESX cluster.  This configuration will be used from an HA perspective to spread out the risk.  This is required for our environment since our primary clusters are using HP C7000 chassis w/ BL490s (can be a single point of failure) and secondary clusters will be independent HP DL380 servers.
smcauleyAuthor Commented:
Thanks for the comments guys. To clarify our setup we are running on the following:-

Main Site:-

3 x HP DL380 G7 ESXi hosts running vSphere 5 Enterprise Plus (HA, DRS enabled)
2 x StorageWorks 8/8 FC switches
1 x HP MSA 2000 G3 FC

DR Site:-

1 x HP DL380 G5 running vSphere 4 Standard (soon to be upgraded)
1 x HP MSA 2312i iscsi

Exchange config is 1 x stretched DAG with 4 members between the sites. FSW is at the primary site.

@gsmartin. Setup sounds close to what we have or are looking at albeit you are supporting a lot more users. I just wonder if what we are doing is overkill for our size. Perhaps not though and our best option is a hardware load balancer with 4 Exchange Servers (2 per side) with fully collapsed roles?
gsmartinManager of ITCommented:
Typically, you'd say it's even overkill for my company size, but what's more important to the Business is to ensure mail is always available.  Email these days is one of the most critical services for businesses.  Therefore, given it's critical nature you either host it internally with a DAG configuration or outsource it to Microsoft Online Hosted services; which we are only using for Anti-virus and Anti-Spam filtering.  This is much better than hosting it internally because you can't match the same level of protection hosted internally.

How many information stors (exchange databases) are you using?  We have ours broken down into 4 databases and are thinking of dividing it even further.  We had experience a couple database corruptions that we succesfully recovered from, but are planning thin the databases out further to minimize the impact in case of future events.  The main databases are divided between the two primary servers at our DC.
smcauleyAuthor Commented:
We are running 3 DBS in total, one for standard users, 1 for execs and an online archive for all users. Email is the most critical component of our business so it needs to be HA 24/7. Just hoped we could do it with less servers and still have that redundancy! Maybe the best we can hope for is the collapsed CAS roles with a H/W load balancer and 4 servers.
gsmartinManager of ITCommented:
Agreed.  All four of my servers have equal roles CAS, HUB, Mailboxes, UM (will add role soon), and EDGE.  My original configuration was 2 CAS/HUB/EDGE and 3 MAILBOX servers divided accross both sites until I learned about the DAG configuration.  I first considered the 3 server DAG, but didn't like the manual failover aspect.  

FYI...  One caveat to having your FSW at the your Primary site is if the site goes down the failover site (DR) won't be able to go online.  Personally, I am looking at implementing a DFSR solution to this issue.
smcauleyAuthor Commented:
Yes, we do use replication as the moment to copy the FSW to the DR site.

One other question in regards to what you said about backups not being necessary in your current setup (although I know you do). How would logs ever get truncated without a backup?

gsmartinManager of ITCommented:
By using circular logging.  We also have one DAG server with a 14-day Lagged copies for all mailbox databases.

"Go backup-less with +3 DB copies
When having 3 or more copies of a mailbox database, it is programmed to backup-less. This means that you basically enable circular logging on all mailbox databases protected by DAG, and no longer perform backups as we know them. This thinking of course requires enterprise organizations to change their mindset in regards to how they think mailbox databases should be protected."


We don't rely on this a 100% eventhough we could according to Microsoft.  But, what happens if a database corruption gets replicated?  Been there!  So, we also leverage our SAN's Continuous Replay technology (SAN Snapshots - every 15 Minutes) that works in conjunction with VSS at the OS level, for an extra level of protection.

We are also planning to leverage CommVault that has a VSS snap component and the ability to drill down into mailbox to recover email plus an Achive and E-Discovery solution.

We are going to with both our SAN vendor and CommVault to remove any redundancies.  We are wirking on this portion over the next couple of months.

On a another note if you have basic backup needs only then Appasure has a good product for Exchange snapshot VSS based backups/recovery with very simple tool for drilling down and recovering mailboxes and individual emails.  We check this out last week, but is limited no Archiving or E-Dicovery capabilities.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
smcauleyAuthor Commented:
Thanks for all your comments gsmartin. We will collapse the CAS roles which will drop 3 servers for us and go with the hardware load balancer with 4 Exchange DAG servers.

Interesting stuff about the circular logging, not sure I'm brave enough to recommend that path though!
gsmartinManager of ITCommented:
I wasn't sure about circular logging as well, but our PS vendor also recommended it.  

One direction I am changing since my last post is with Archiving and E-Discovery (CommVault term); I have decided to leverage Exchange 2010 capabilities vs CommVault this will cut back on our CommVault licensing, and lose de-dup capabilities.  However, we be to leverage de-dup in the near future with our SAN.  We will most likely only use CommVault for backup and recovery as a fail-safe; still deciding this.  This should be okay assuming our SAN and CommVault can play harmonious with each-other, which they having a good partnership and I expect it won't be an issue given previous conversations with our vendor.

Good luck with your project!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Hardware

From novice to tech pro — start learning today.