We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
4 days, left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Exchange 2010 Multiple NICS in CAS and HUB Servers
Posted on 2012-12-22
We are setting up a new Exchange 2010 environment. We will have individual servers for each role. 2 CAS Servers, 2 HUBS, 3x Mailbox.
The CAS server will be front-ended with a HW LB, so we will not be using NLB. We will set the CAS in a CAS Array.
We are considering putting two NICS in the CAS and HUB servers. I'll call them the "Front End" and "Back End" NICs.
For the CAS servers one which will be facing towards the HW LBs (Front End) and ultimately the Internet to handle Internet based Client Access, which will be the only Client Access we will have for OutLook Anywhere and OWA, etc. The other NIC will be for the Back End MAPI network connecting to the mailbox and hub servers, etc. For the HUBs one will face the Internet for SMTP in/out and the other the MAPI network.
I have a few things I am trying to figure out with this approach.
1. Is it necessary and/or best practice to have two NICS in the CAS and/or HUB servers?
2. The "Internet Facing" NICS will have the gateway set to the FW/LB while the "backend" NIC will have no gateway, seeing as all the other Exchange servers are on the same subnet. That should be fine for now, but what if we put Exchange servers in another Data Center and need to and split a DAG across, and perhaps want to provide CAS and HUB servers from the secondary data center if the primary fails. Do we have to make sure that the CAS and HUB servers communicate via the MAPI nework rather than going out the "front-end"?
3. Finally, on the FW/LB facing NICS, should they be registered in AD DNS. I suspect note because we want all the MAPI traffic hitting the "backend" NICs.
The CAS server will be front-ended with a HW LB, so we will not be using NLB. We will set the CAS in a CAS Array.
We are considering putting two NICS in the CAS and HUB servers. I'll call them the "Front End" and "Back End" NICs.
For the CAS servers one which will be facing towards the HW LBs (Front End) and ultimately the Internet to handle Internet based Client Access, which will be the only Client Access we will have for OutLook Anywhere and OWA, etc. The other NIC will be for the Back End MAPI network connecting to the mailbox and hub servers, etc. For the HUBs one will face the Internet for SMTP in/out and the other the MAPI network.
I have a few things I am trying to figure out with this approach.
1. Is it necessary and/or best practice to have two NICS in the CAS and/or HUB servers?
2. The "Internet Facing" NICS will have the gateway set to the FW/LB while the "backend" NIC will have no gateway, seeing as all the other Exchange servers are on the same subnet. That should be fine for now, but what if we put Exchange servers in another Data Center and need to and split a DAG across, and perhaps want to provide CAS and HUB servers from the secondary data center if the primary fails. Do we have to make sure that the CAS and HUB servers communicate via the MAPI nework rather than going out the "front-end"?
3. Finally, on the FW/LB facing NICS, should they be registered in AD DNS. I suspect note because we want all the MAPI traffic hitting the "backend" NICs.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
Active 1 day ago
No, it isn't best practise to have multiple NICs in this scenario and I don't see any benefit in doing so. The only server that multiple NICs are recommended is the mailbox servers, so that the MAPI traffic can be seperated from the DAG traffic.
Dual homing Exchange causes nothing but problems, so I would put in a single NIC only. I don't think I would even consider anything else and I don't remember it being in any of the design documentation from Microsoft, so might not even be a supported scenario!
Simon.
Dual homing Exchange causes nothing but problems, so I would put in a single NIC only. I don't think I would even consider anything else and I don't remember it being in any of the design documentation from Microsoft, so might not even be a supported scenario!
Simon.
Unless its a very large system, say for more than 10k users, or it generates a very large amount of mail, I can't see the logic in separating the HT and CAS roles.
I wouldn't expose the CAS servers directly to the Internet. I would always do this via TMG but sadly you can no longer buy TMG licences, you have to now buy UAG which also requires CALs.
I wouldn't expose the CAS servers directly to the Internet. I would always do this via TMG but sadly you can no longer buy TMG licences, you have to now buy UAG which also requires CALs.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| Exchange 2016 Self Signed Certs | 2 | 43 | |
| how to create DL in exchange 2010 and add outside users to the DL? | 3 | 40 | |
| how do i stop exchange 2010 sending attachments as winmail.dat | 3 | 34 | |
| Exchange 2010 to Exchange 2016 - VERY slow Mailbox Move | 4 | 111 |
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Servers >> Data…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month4 days, left to enroll
751 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.