Designing a resilient Exchange 2010 system

Posted on 2013-01-14
Last Modified: 2013-01-24
I am in the process of designing an email system capable of providing uninterrupted access to email in case of hardware failure or data corruption on one of two sites where Exchange will be deployed.
So far I have planned 2 scenarios

Scenario 1

Site A:
2 CAS servers
1 Witness server for CAS
2 Mailbox servers DB-A-Active, DB-A-Passive & DB-B-Recovery (2 DBs on 1 server)
Site B:
2 CAS servers
2 Mailbox servers: DB-B-Active, DB-B-Passive & DB-A-Recovery (2 DBs on 1 server)
1 Witness serer for DAG
Questions: Can I create 2 DAG groups as follow:
DAG1: DB-A-Active, DB-A-Passive, DB-A-Recovery
DAG2: DB-B-Active, DB-Passive, DB-B-Recovery

Scenario 2

Site A:
3 CAS servers
3 Mailbox servers MB-A-1, MB-A,2, MB-A-3
Databases: DB-A-Active, DB-A-Passive, DB-B-Recovery
DAG members: DB-A-Active, DB-A-Passive, DB-A-Recovery
Site B:
3 CAS servers
3 Mailbox servers MB-B-1, MB-B,2, MB-B-3
Databases: DB-B-Active, DB-B-Passive, DB-A-Recovery
DAG members: DB-B-Active, DB-B-Passive, DB-B-Recovery

What I am not clear is the number of servers on each site, all examples I found on technet and other sites mention 2, 4, 8 servers  for CAS and DAG, I did not find any references to 3 servers.  Some documents state that for an array of 2 CAS servers I need to have either a witness or another CAS server. That prompted me to set up 3 CAS servers at each site, having 2 members at site A, and 1 member at site B.
Just to confirm I need an enterprise level server license to create DAGs and perhaps CAS. Another question is related to DNS, let’s assume both sites are named and How would computers accessing mailboxes at site A automatically redirected to site B in case of any problems at site A? Would it happen automatically or rather manual redirection is preferred.
Appreciate any suggestions.
Question by:Coffinated
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 63

Accepted Solution

Simon Butler (Sembee) earned 500 total points
ID: 38774959
You do not need Enterprise version of Exchange for anything, and don't need Enterprise edition of Windows for the CAS/Hub role. You only need it for The mailbox role.
However if you are putting the CAS roles on the same physical machines (via VMs) then you can use Enterprise edition of Windows if you wish.

Personally i wouldn't bother with seperate CAS role holders. Have all roles on the same server and then use load balancers.

Don't try and do Active/Active over two sites as that will be unpredicible. If you want data on both sites, with live users in both sites, then have four servers at a minumum, Active and Passive in each site. Again use load balancers.

When it comes to cross site failure, manual activate is preferred. DAG only protects the data, it doesn't protect the client access. Therefore you will need some mechanism to move the client connectivity across - load balancers would be the answer here.


Author Comment

ID: 38775068

I was planning on virtualizing all servers and putting CAS-1, MBX-1 on the save VM. Live users will be on both sites, both having identical set up, Site A: Active, Passive and the Recovery DB on site B.

Is there a requirement when it comes to even/odd number of servers at each site or over all? All examples I found so far had either 2, 4, 8, 16 servers. When 2 CAS servers are deployed they require a witness server or another CAS member. Would you recommend one over another? I am leaning towards 3 CAS members as it provides desired functionality and provides additional CAS member.

As far as load balancers, how reliable are they? This would be a single point of failure for each site, should I have faith in them or deploy 2 at each site? Can you recommend any brand/models?

Thank you
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38775103
Seperating the CAS role out is no longer best practise. Most locations are now putting all roles on the same server. It makes life a lot easier. Why are you insistent on having seperate CAS?
Without knowing about number of users, load etc it is impossible to say whether the design is good or not. However the most common design I am seeing now is to have six servers, three in each location. These could be on two physical machines.
Active/Active/Passive in each location, with two copies locally and one copy remote.
All roles on all servers, RPC CAS Array in both.
You would need to have load balancers in both sites - the most common one suggested is Kemp, I am currently playing with the open source Zen Load Balancer - which has clustering and as it is open source you can have as many as you like.

If you have even numbers in a DAG then you need a witness. This can be anything - another Exchange server is preferable, but a member server will do the job. I am doing a lot of implementions where database servers are used.


Author Comment

ID: 38776645

There will be anywhere from 500-1000 users per site. I can create 3 EX'10 servers per site all having all roles installed. Would it be a secure set up against server penetration?
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38782602
Number of servers and the role they have has NOTHING to do with server security. If you are concerned about server security then you will have to put something in front of Exchange to publish it to the internet.

Two servers in active/active per location with a passive in a second location would most likely be fine for that number of users, although do run it through the Microsoft tools to see what they actually say. For example 1000 users with 25mb of email would be fine on a single mailbox. 500 users who send 1000 emails a day would not!


Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question