Exchange 2010 DAG DNS question

I have an Exchange 2010 DAG setup with 1 server in our corporate office and 1 in a satellite office. We use Postini as a spam filter, and each Exchange server has all the requisite roles (CAS/Mailbox/Hub Transport) on it and sits behind its respective site's firewall.

The only part of the DAG setup I believe I need to work out is to provision for the external hostname that represents our mail (ex: mail.mydomain.com) to be able to fail over to the satellite office's IP for OWA/ActiveSync, for transparent accessibility to web mail and connectivity to smartphones if something happens to the primary server and all services/mailboxes fail over to the satellite office. What do I need to do, DNS-wise, to accomplish this?
Asked by: djhath
 
Simon Butler (Sembee), Consultant, commented:
DAG is for mailbox protection only. It has nothing else to do with any part of Hub or CAS.
You need to have a CAS array in place for internal mailbox access. That is a URL that resolves internally only and is used for MAPI traffic only. It does not need to be on the SSL certificate.

For Hub and CAS traffic the main option here is a load balancer. That would sit on another machine. NOT Windows Load Balancer, but a proper load balancer.

For Hub transport traffic, the other option is to have both servers in the list at Postini. It doesn't matter which server the email is delivered to, Exchange will get the email delivered correctly.

For CAS, you are limited. If you want automatic failover then a load balancer is your only option. Otherwise two URLs and telling the users to adjust or having a DNS entry with a low TTL time that you change yourself would also work.

Simon.
 
djhath (Author) commented:
Simon,

Thank you for your response. The Hub stuff is taken care of at Postini, where both server IPs are registered as a primary point of delivery and a fail over in case of failure of the primary.

I haven't dug into the load balancing yet as I'm learning more about that here. However, would that require one for both sites? I'm thinking that if the primary site went down beyond just the server (loss of power), then the load balancer would be rendered useless and manual intervention would be required to get users up and running.
 
Simon Butler (Sembee), Consultant, commented:
If you want something completely automatic then the load balancer would need to be located at a third site.
It very much depends on what you are planning for. If it was loss of the building, then having to make a few manual DNS changes is the least of your worries!

Simon.
 
djhath (Author) commented:
I found this article about a round-robin DNS configuration. http://garrettdowns.blogspot.com/2011/12/exchange-2010-cas-array-dns-round-robin.html

I set up dual A records for my mail.mydomain.com hostname for both sites, and both sites are listed in Postini for Hub Transport redundancy.

I also set up a separate mailbox database, moved my mailbox to that database and made it active on the satellite site. I can send mail outside, but not receive from the outside. Also, my phone is erroring out, saying it's unable to connect.
 
Simon Butler (Sembee), Consultant, commented:
Round robin has no availability function, so if a server goes down traffic will still be sent to the dead server. Therefore it doesn't really achieve very much.

Being able to receive email - you need to look at the queues and confirm that the servers can communicate.
For ActiveSync, if the second location is directly accessing the Internet then you will need to change the URL being used. If it isn't, then ensure that no external URL is configured.

Simon.
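The point above that round robin has no availability function, shown as an added example (not code from this thread or the linked article): an audit that probes every A record behind a name and reports which addresses would keep receiving clients while dead. The function names, the injectable `resolve`/`probe` hooks and the constructed documentation-range addresses are assumptions of this example.

```python
import socket

def resolve_a(hostname):
    """Return the distinct IPv4 addresses the resolver hands out for hostname."""
    infos = socket.getaddrinfo(hostname, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def probe_tcp(ip, port=443, timeout=3.0):
    """True if a TCP connection to ip:port succeeds (OWA/ActiveSync need this first)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit_round_robin(hostname, resolve=resolve_a, probe=probe_tcp):
    """Probe every A record behind hostname.

    Round-robin DNS keeps answering with all records, so each dead address
    still gets its share of clients until someone removes the record.
    """
    addresses = resolve(hostname)
    status = {ip: probe(ip) for ip in addresses}
    dead = sorted(ip for ip, ok in status.items() if not ok)
    return {
        "hostname": hostname,
        "status": status,
        "dead": dead,
        # Approximate share of new lookups that land on a dead server,
        # assuming the resolver rotates evenly across the records.
        "share_misdirected": len(dead) / len(addresses) if addresses else 0.0,
    }

if __name__ == "__main__":
    # Constructed sample: two sites behind one name, primary site down.
    # 192.0.2.10 / 198.51.100.10 are documentation addresses, not real servers.
    sample_records = {"mail.mydomain.com": ["192.0.2.10", "198.51.100.10"]}
    site_up = {"192.0.2.10": False, "198.51.100.10": True}
    report = audit_round_robin(
        "mail.mydomain.com",
        resolve=lambda name: sample_records[name],
        probe=lambda ip: site_up[ip],
    )
    print(report)
```

Called with the default hooks, `audit_round_robin("mail.mydomain.com")` does a live lookup and a TCP connect to port 443 on each address; a non-empty `dead` list names the A records that need to be pulled by hand.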
 
djhath (Author) commented:
The second location is set up identically to our corporate office - behind a firewall with only ports 80 and 443 open.
 
Simon Butler (Sembee), Consultant, commented:
If the second location has external URLs configured, then in the event of a failover the mobile devices will NOT follow to the second location. You will need a load balancer if you want that to happen.

Simon.