ASITech

Exchange 2010 HA design

I am looking for suggestions and input with the following Exchange 2010 HA Design.

Our setup:
Edge/Hub servers are VMs running Exchange 2010 Standard SP2 on Windows 2008 R2 Standard
CAS/MB servers are physical servers running Exchange 2010 Standard SP2 on Windows 2008 R2 Enterprise
Hardware Load Balancers handle our outside balancing to the active CAS/MB server

Datacenter 1: (DC1)
1 Edge Server
1 Hub Server
1 CAS/MB Server
Hardware Loadbalancer

Datacenter 2: (DC2)
1 Edge Server
1 Hub Server
1 CAS/MB Server
Hardware Loadbalancer

DC 1 & 2 have a dedicated point to point link for replication of the DAG. I should also mention that none of our users are in either datacenter.

Office 1:
Has a site-to-site VPN with both DC1 and DC2 but has no Exchange servers.

Existing setup:
•      We use DC1 as our primary site and failover to DC2 when we do maintenance on DC1. We placed the witness server at DC1 since that is where the active server would be most of the time.
•      We do not have a CAS array, as you can’t create an array that spans multiple sites, as far as I know.
•      Users access email via Outlook Anywhere, which is handled by our hardware load balancers, and via webmail if Outlook is unavailable.
•      We use DAC mode to prevent split-brain issues.

Issues with this setup:
•      Because we do not have an array, we point our RPC clients to Server1 in DC1 because it is hosted there 99.9% of the time.
•      We are OK with only having webmail access during our maintenance periods; however, it would be nice to have full functionality during our maintenance.
•      If we are running at Datacenter 2 during Datacenter 1 maintenance, we experience a total outage if our point-to-point link, the DC1 firewall/switch, or both the Datacenter 1 server and witness server go down. This is obviously because Server2 loses quorum.

Questions regarding HA:
•      Can the RPC server you specify for a database be a CNAME to another server? (Ex: cas.domain.local points to either Server1 or Server2 depending on which is active)
•      Am I correct in the assumption that you can’t do a CAS array that spans multiple sites?
•      What will happen if I lose my p2p and both servers can still communicate with the witness server? Will DAC save me in this solution and not activate both servers?
•      If the witness server is down, and the 2 DAG servers can still communicate, will there be any issues?

Possible changes to fix existing issues:
•      Move witness server to Office 1 so both CAS/MB Servers will be able to communicate to the witness server in case any of the outages occur.
•      Possibly change our RPC server name from Server1 to cas.domain.local so that we can point it to the CAS/MB server that is hosting the databases.


Any suggestions or comments would be much appreciated.
Amit

I want you to read this first:
http://www.tino.nl/index.php/2010/06/11/answers-to-the-10-most-common-questions-on-the-exchange-cas-array/

The current design is okay; however, you seem to be worried about High Availability for Non-Mailbox Server Roles. Am I right?
ASITech

ASKER

Yes, because what good is a mailbox server if you can't access it? It just seems to me that there have to be ways to improve it to get rid of our issues.

I know I can set up separate arrays per site, but then whenever we fail over, our customers have to change where they point for their Outlook Anywhere to work, correct?

What about the possible changes? Should we move our witness server to another location, or will that cause us bigger issues down the road?

Thanks again.

Yes because what good is a mailbox server if you can't access it - Agree :)

I know I can setup separate arrays per site but then whenever we failover, our customers have to change where they point for their outlook anywhere to work, correct? - How is the CAS set up?

Should we move our witness server to another location, or will that cause us bigger issues down the road? - What exactly are you looking for?

- Rancy

It is always advisable to keep the witness server at a 3rd location.
ASITech

ASKER

We have CAS set up on both MB servers; however, without the array we still have the RPC clients pointing to our main server (Server1) on our Outlook clients. So if we are running on Server2 during Server1 maintenance, we have issues with Outlook Anywhere clients because of the Server1 name being in their setup. Webmail works great because it does not use the RPC name that is required for Outlook Anywhere.

A thought was to use a CNAME that we move based on which CAS/MB server is active. So when Server1 is active, cas.domain.local will point to Server1, and when Server2 is active it will point to Server2. I just wasn't sure if this would work with Outlook Anywhere.

The idea for the witness server being moved is so that Exchange will continue to run if we lose an entire datacenter. With the witness server at DC1, we have no Exchange if that DC goes down. I just wasn't sure if that might cause other issues if both CAS/MB servers could communicate to the witness but not each other. I'm assuming we will be covered by DAC.
ASITech

ASKER

For what we are trying to do, this seems like it may be our best option to handle our HA. Comments/Concerns are very welcome.

Change the RPC server for our main DB from Server1.domain.local to cas.domain.local
Create an internal DNS entry for cas.domain.local that points to Server1.domain.local
Change the cas.domain.local entry if we move the CAS/MB to Server2

Move our witness from DC1 to Office1 so it can communicate to both MB/CAS servers during normal operation, or it can communicate to either if one of the datacenters goes offline.

This should allow us full datacenter failover with very little manual intervention, especially not having to touch a single user's Outlook setup.

Thoughts on this setup?
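
The witness-placement questions in this thread come down to vote counting in a two-member DAG with a file share witness: three votes, two needed for quorum. The model below is an added example, not part of the original posts; the site and server names come from the thread, while the function name, the direct-link model and the rule that the first partition in sort order wins the witness lock (in practice it is a race) are assumptions. It does not model DAC.

```python
# Added illustration: quorum for a 2-member DAG plus a file share witness.
MEMBERS = {"Server1": "DC1", "Server2": "DC2"}  # server -> site, from the thread


def quorum_holders(witness_site, sites_down=(), links_down=()):
    """Return the DAG members that keep quorum.

    witness_site: site hosting the witness ("DC1", "DC2" or "Office1")
    sites_down:   sites that are completely offline
    links_down:   pairs of sites whose direct link is cut
    """
    down = set(sites_down)
    cut = {frozenset(pair) for pair in links_down}

    def reachable(a, b):
        if a in down or b in down:
            return False
        return a == b or frozenset((a, b)) not in cut

    alive = sorted(m for m, site in MEMBERS.items() if site not in down)

    # Group surviving members into partitions that can still see each other.
    partitions = []
    for member in alive:
        for part in partitions:
            if reachable(MEMBERS[member], MEMBERS[part[0]]):
                part.append(member)
                break
        else:
            partitions.append([member])

    needed = (len(MEMBERS) + 1) // 2 + 1  # 3 votes in total, majority is 2
    holders, witness_locked = set(), False
    for part in partitions:
        votes = len(part)
        sees_witness = any(reachable(MEMBERS[m], witness_site) for m in part)
        if sees_witness and not witness_locked:
            votes += 1
            witness_locked = True  # only one partition can hold the witness
        if votes >= needed:
            holders.update(part)
    return holders


if __name__ == "__main__":
    print("witness in DC1, DC1 down:     ", quorum_holders("DC1", ["DC1"]))
    print("witness in Office1, DC1 down: ", quorum_holders("Office1", ["DC1"]))
    print("witness in Office1, p2p cut:  ", quorum_holders("Office1", links_down=[("DC1", "DC2")]))
    print("witness down, members linked: ", quorum_holders("Office1", ["Office1"]))
```
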
ASKER CERTIFIED SOLUTION
Manpreet SIngh Khatra