Solved

Exchange 2010 Toplogy

Posted on 2012-04-09
13
533 Views
Last Modified: 2012-04-16
Hi Experts. I would like some advise on our current exchange 2010 topology and the best fit for us moving forward.

We are a relatively small company support 150 users, mostly in one location. We have a main site and a disaster recovery site and are currently running the following:-

Main Site:-

2 x physical CAS servers
2 x virtual DAG servers

DR Site:-

1 x virtual CAS server
2 x virtual DAG servers

We would like if possible to collapse our roles and consolidate some of these servers along with virtualizng our CAS servers. My understanding is that to support load balancing on the CAS servers in a virtual environment we would need a physical hardware load balancer?

Ideally we would like to probably run 2 servers here each having all roles and one in our DR site. Is this configuration supported or a rational approach?

The other variable is we run Veeam Backup & Replication and can replicate our Exchange across to the DR site and failover there if necessary. Do we need to run another server in DR if we have that failover option?

Thanks in advance!
0
Comment
Question by:smcauley
13 Comments
 
LVL 9

Expert Comment

by:ash007
Comment Utility
As you are using DAG so it will give you very High Avalability but also for CAS load balancing you can use windows Network load balancer that will work fine no need for hardware load balancer.
0
 

Author Comment

by:smcauley
Comment Utility
Thanks Ash,

I thought I read somewhere that what you suggested wasn't supported by Microsoft in virtual environments?
0
 
LVL 8

Expert Comment

by:jbvernej
Comment Utility
Hello,

Could you please give more details of :
- your virtulization provider (vmware, hyperv, xen,...)
- how many DAG do you plan :
         1 stretched DAG (with 4 members) across your HQ and PRA sites
         or 2 DAGs (with 2 members on each site)

Some configuration of NLB and virtualization are supported, but usually the support of NLB relies more on the virtualisation provider than Microsoft. For example, vmware supports NLB in "Multicast mode" only, for Exchange CAS
0
 
LVL 8

Expert Comment

by:gsmartin
Comment Utility
I am running a (4) Exchange 2010 DAG server configuartion behind a Hardware based load balancer (Citrix NetScaler) divided between two sites (DC/DR).  One of the three servers is configured as a LAG copy.  All servers are virtualized (VMware 4.x - upgrading to 5.x soon) in a boot from SAN configuration using RDMs for their data drives.  The File Share Witness is located at the primary site where the bulk of the users reside.  All Exchange roles are collapsed and equal on each server.  We have about 250 users and about 350 mailboxes.

Fyi... A three server DAG configuration won't automatically failover to the DR site.  This is why we choose the four server configuration.  Also, I prefer a hardware Load Balancer that is independent of your virtual infrastructure.  Also, according to Microsoft this is considered a backup-less Exchange configuration therefore you wouldn't require backups using Veeam or any other backup software.  However, you can use it as an extra measure in case of Database corruptions.  In our case, we are going to leverage CommVault for email backup/recovery, archive, and e-Discovery.  At the SAN level the backup data will be replicated.  This is pretty much overkill, but we will be doing it for extra measure.
0
 
LVL 8

Expert Comment

by:gsmartin
Comment Utility
Additional notes, we are moving from a 2 cluster VMware environment (DC/DR) to a 4 ESX Cluster server split between sites with 1 Exchange 2010 DAG in each ESX cluster.  This configuration will be used from an HA perspective to spread out the risk.  This is required for our environment since our primary clusters are using HP C7000 chassis w/ BL490s (can be a single point of failure) and secondary clusters will be independent HP DL380 servers.
0
 

Author Comment

by:smcauley
Comment Utility
Thanks for the comments guys. To clarify our setup we are running on the following:-

Main Site:-

3 x HP DL380 G7 ESXi hosts running vSphere 5 Enterprise Plus (HA, DRS enabled)
2 x StorageWorks 8/8 FC switches
1 x HP MSA 2000 G3 FC

DR Site:-

1 x HP DL380 G5 running vSphere 4 Standard (soon to be upgraded)
1 x HP MSA 2312i iscsi

Exchange config is 1 x stretched DAG with 4 members between the sites. FSW is at the primary site.

@gsmartin. Setup sounds close to what we have or are looking at albeit you are supporting a lot more users. I just wonder if what we are doing is overkill for our size. Perhaps not though and our best option is a hardware load balancer with 4 Exchange Servers (2 per side) with fully collapsed roles?
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 8

Expert Comment

by:gsmartin
Comment Utility
Typically, you'd say it's even overkill for my company size, but what's more important to the Business is to ensure mail is always available.  Email these days is one of the most critical services for businesses.  Therefore, given it's critical nature you either host it internally with a DAG configuration or outsource it to Microsoft Online Hosted services; which we are only using for Anti-virus and Anti-Spam filtering.  This is much better than hosting it internally because you can't match the same level of protection hosted internally.

How many information stors (exchange databases) are you using?  We have ours broken down into 4 databases and are thinking of dividing it even further.  We had experience a couple database corruptions that we succesfully recovered from, but are planning thin the databases out further to minimize the impact in case of future events.  The main databases are divided between the two primary servers at our DC.
0
 

Author Comment

by:smcauley
Comment Utility
We are running 3 DBS in total, one for standard users, 1 for execs and an online archive for all users. Email is the most critical component of our business so it needs to be HA 24/7. Just hoped we could do it with less servers and still have that redundancy! Maybe the best we can hope for is the collapsed CAS roles with a H/W load balancer and 4 servers.
0
 
LVL 8

Expert Comment

by:gsmartin
Comment Utility
Agreed.  All four of my servers have equal roles CAS, HUB, Mailboxes, UM (will add role soon), and EDGE.  My original configuration was 2 CAS/HUB/EDGE and 3 MAILBOX servers divided accross both sites until I learned about the DAG configuration.  I first considered the 3 server DAG, but didn't like the manual failover aspect.  

FYI...  One caveat to having your FSW at the your Primary site is if the site goes down the failover site (DR) won't be able to go online.  Personally, I am looking at implementing a DFSR solution to this issue.
0
 

Author Comment

by:smcauley
Comment Utility
Yes, we do use replication as the moment to copy the FSW to the DR site.

One other question in regards to what you said about backups not being necessary in your current setup (although I know you do). How would logs ever get truncated without a backup?

Thanks.
0
 
LVL 8

Accepted Solution

by:
gsmartin earned 500 total points
Comment Utility
By using circular logging.  We also have one DAG server with a 14-day Lagged copies for all mailbox databases.


"Go backup-less with +3 DB copies
When having 3 or more copies of a mailbox database, it is programmed to backup-less. This means that you basically enable circular logging on all mailbox databases protected by DAG, and no longer perform backups as we know them. This thinking of course requires enterprise organizations to change their mindset in regards to how they think mailbox databases should be protected."

Article:
http://www.msexchange.org/articles_tutorials/exchange-server-2010/high-availability-recovery/uncovering-exchange-2010-database-availability-groups-dags-part1.html


We don't rely on this a 100% eventhough we could according to Microsoft.  But, what happens if a database corruption gets replicated?  Been there!  So, we also leverage our SAN's Continuous Replay technology (SAN Snapshots - every 15 Minutes) that works in conjunction with VSS at the OS level, for an extra level of protection.

We are also planning to leverage CommVault that has a VSS snap component and the ability to drill down into mailbox to recover email plus an Achive and E-Discovery solution.

We are going to with both our SAN vendor and CommVault to remove any redundancies.  We are wirking on this portion over the next couple of months.

On a another note if you have basic backup needs only then Appasure has a good product for Exchange snapshot VSS based backups/recovery with very simple tool for drilling down and recovering mailboxes and individual emails.  We check this out last week, but is limited no Archiving or E-Dicovery capabilities.
0
 

Author Comment

by:smcauley
Comment Utility
Thanks for all your comments gsmartin. We will collapse the CAS roles which will drop 3 servers for us and go with the hardware load balancer with 4 Exchange DAG servers.

Interesting stuff about the circular logging, not sure I'm brave enough to recommend that path though!
0
 
LVL 8

Expert Comment

by:gsmartin
Comment Utility
I wasn't sure about circular logging as well, but our PS vendor also recommended it.  

One direction I am changing since my last post is with Archiving and E-Discovery (CommVault term); I have decided to leverage Exchange 2010 capabilities vs CommVault this will cut back on our CommVault licensing, and lose de-dup capabilities.  However, we be to leverage de-dup in the near future with our SAN.  We will most likely only use CommVault for backup and recovery as a fail-safe; still deciding this.  This should be okay assuming our SAN and CommVault can play harmonious with each-other, which they having a good partnership and I expect it won't be an issue given previous conversations with our vendor.

Good luck with your project!
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
how to add IIS SMTP to handle application/Scanner relays into office 365.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now