Solved

Designing a resilient Exchange 2010 system

Posted on 2013-01-14
5
350 Views
Last Modified: 2013-01-24
I am in the process of designing an email system capable of providing uninterrupted access to email in case of hardware failure or data corruption on one of two sites where Exchange will be deployed.
So far I have planned 2 scenarios

Scenario 1

Site A:
2 CAS servers
1 Witness server for CAS
2 Mailbox servers DB-A-Active, DB-A-Passive & DB-B-Recovery (2 DBs on 1 server)
Site B:
2 CAS servers
2 Mailbox servers: DB-B-Active, DB-B-Passive & DB-A-Recovery (2 DBs on 1 server)
1 Witness serer for DAG
Questions: Can I create 2 DAG groups as follow:
DAG1: DB-A-Active, DB-A-Passive, DB-A-Recovery
DAG2: DB-B-Active, DB-Passive, DB-B-Recovery


Scenario 2

Site A:
3 CAS servers
3 Mailbox servers MB-A-1, MB-A,2, MB-A-3
Databases: DB-A-Active, DB-A-Passive, DB-B-Recovery
DAG members: DB-A-Active, DB-A-Passive, DB-A-Recovery
Site B:
3 CAS servers
3 Mailbox servers MB-B-1, MB-B,2, MB-B-3
Databases: DB-B-Active, DB-B-Passive, DB-A-Recovery
DAG members: DB-B-Active, DB-B-Passive, DB-B-Recovery

What I am not clear is the number of servers on each site, all examples I found on technet and other sites mention 2, 4, 8 servers  for CAS and DAG, I did not find any references to 3 servers.  Some documents state that for an array of 2 CAS servers I need to have either a witness or another CAS server. That prompted me to set up 3 CAS servers at each site, having 2 members at site A, and 1 member at site B.
Just to confirm I need an enterprise level server license to create DAGs and perhaps CAS. Another question is related to DNS, let’s assume both sites are named owaA.example.com and owaB.example.com. How would computers accessing mailboxes at site A automatically redirected to site B in case of any problems at site A? Would it happen automatically or rather manual redirection is preferred.
Appreciate any suggestions.
0
Comment
Question by:Coffinated
  • 3
  • 2
5 Comments
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 38774959
You do not need Enterprise version of Exchange for anything, and don't need Enterprise edition of Windows for the CAS/Hub role. You only need it for The mailbox role.
However if you are putting the CAS roles on the same physical machines (via VMs) then you can use Enterprise edition of Windows if you wish.

Personally i wouldn't bother with seperate CAS role holders. Have all roles on the same server and then use load balancers.

Don't try and do Active/Active over two sites as that will be unpredicible. If you want data on both sites, with live users in both sites, then have four servers at a minumum, Active and Passive in each site. Again use load balancers.

When it comes to cross site failure, manual activate is preferred. DAG only protects the data, it doesn't protect the client access. Therefore you will need some mechanism to move the client connectivity across - load balancers would be the answer here.

Simon.
0
 
LVL 5

Author Comment

by:Coffinated
ID: 38775068
Simon,

I was planning on virtualizing all servers and putting CAS-1, MBX-1 on the save VM. Live users will be on both sites, both having identical set up, Site A: Active, Passive and the Recovery DB on site B.

Is there a requirement when it comes to even/odd number of servers at each site or over all? All examples I found so far had either 2, 4, 8, 16 servers. When 2 CAS servers are deployed they require a witness server or another CAS member. Would you recommend one over another? I am leaning towards 3 CAS members as it provides desired functionality and provides additional CAS member.

As far as load balancers, how reliable are they? This would be a single point of failure for each site, should I have faith in them or deploy 2 at each site? Can you recommend any brand/models?

Thank you
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38775103
Seperating the CAS role out is no longer best practise. Most locations are now putting all roles on the same server. It makes life a lot easier. Why are you insistent on having seperate CAS?
Without knowing about number of users, load etc it is impossible to say whether the design is good or not. However the most common design I am seeing now is to have six servers, three in each location. These could be on two physical machines.
Active/Active/Passive in each location, with two copies locally and one copy remote.
All roles on all servers, RPC CAS Array in both.
You would need to have load balancers in both sites - the most common one suggested is Kemp, I am currently playing with the open source Zen Load Balancer - which has clustering and as it is open source you can have as many as you like.

If you have even numbers in a DAG then you need a witness. This can be anything - another Exchange server is preferable, but a member server will do the job. I am doing a lot of implementions where database servers are used.

Simon.
0
 
LVL 5

Author Comment

by:Coffinated
ID: 38776645
Simon,

There will be anywhere from 500-1000 users per site. I can create 3 EX'10 servers per site all having all roles installed. Would it be a secure set up against server penetration?
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38782602
Number of servers and the role they have has NOTHING to do with server security. If you are concerned about server security then you will have to put something in front of Exchange to publish it to the internet.

Two servers in active/active per location with a passive in a second location would most likely be fine for that number of users, although do run it through the Microsoft tools to see what they actually say. For example 1000 users with 25mb of email would be fine on a single mailbox. 500 users who send 1000 emails a day would not!

Simon.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question