Solved

Exchange 2010 DAG DNS question

Posted on 2013-06-26
Last Modified: 2013-07-04
I have an Exchange 2010 DAG set-up with 1 server in our corporate office and 1 in a satellite office. We use Postini as a spam-filter and each Exchange server has all the requisite roles (CAS/Mailbox/Hub Transport) on it, and sits behind their respective site's firewall.

The only part of the DAG set-up I believe I need to work out is to provision for the external hostname that represents our mail (ex: mail.mydomain.com) to be able to fail over to the satellite office's IP for OWA/ActiveSync for transparent accessibility to web mail and connectivity to smartphones if something happens to the primary server and all services/mailboxes fail over to the satellite office. What do I need to do, DNS-wise, to accomplish this?
Question by:djhath

Accepted Solution

by:Simon Butler (Sembee) earned 500 total points
DAG is for mailbox protection only. It has nothing else to do with any part of Hub or CAS.
You need to have a CAS array in place for internal mailbox access. That is a URL that resolves internally only and is used for MAPI traffic only. It does not need to be on the SSL certificate.

For Hub and CAS traffic the main option here is a load balancer. That would sit on another machine. NOT Windows Load Balancer, but a proper load balancer.

For Hub transport traffic, the other option is to have both servers in the list at Postini. It doesn't matter which server the email is delivered to, Exchange will get the email delivered correctly.

For CAS, you are limited. If you want automatic failover then a load balancer is your only option. Otherwise two URLs and telling the users to adjust or having a DNS entry with a low TTL time that you change yourself would also work.

Simon.

Author Comment

by:djhath
Simon,

Thank you for your response. The Hub stuff is taken care of at Postini, where both server IPs are registered as a primary point of delivery and a failover in case of failure of the primary.

I haven't dug into the load balancing yet as I'm learning more about that here. However, would that require one for both sites? I'm thinking that if the primary site went down beyond just the server (loss of power), then the load balancer would be rendered useless and manual intervention would be required to get users up and running.

Expert Comment

by:Simon Butler (Sembee)
If you want something completely automatic then the load balancer would need to be located at a third site.
It very much depends on what you are planning for. If it was loss of the building, then having to make a few manual DNS changes is the least of your worries!

Simon.

Author Comment

by:djhath
I found this article about a round-robin DNS configuration. http://garrettdowns.blogspot.com/2011/12/exchange-2010-cas-array-dns-round-robin.html

I set up dual A records for my mail.mydomain.com hostname for both sites, and both sites listed in Postini for Hub Transport redundancy.

I also set up a separate mailbox database and moved my mailbox to that database and made it active on the satellite site. I can send mail outside, but not receive from the outside. Also, my phone is erroring out, saying it's unable to connect.

Expert Comment

by:Simon Butler (Sembee)
Round robin has no availability function, so if a server goes down traffic will still be sent to the dead server. Therefore it doesn't really achieve very much.

Being able to receive email - you need to look at the queues and confirm that the servers can communicate.
For ActiveSync, if the second location is directly accessing the Internet then you will need to change the URL being used. If it isn't, then ensure that no external URL is configured.

Simon.
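
The behaviour described in the answers above (round-robin A records carry no health information, and a manually changed record only takes effect as its TTL expires) can be observed with a short check that lists every address DNS serves for the name, its TTL, and whether it answers on 443. This is an added example, not part of the original thread. The function names, the 192.0.2.10 / 198.51.100.10 documentation addresses and the 3600-second TTL are constructed for illustration; mail.mydomain.com is the thread's placeholder hostname.

```powershell
# Added example: per-address health of a round-robin DNS name.
function Test-TcpPort {
    param([string]$Address, [int]$Port = 443, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $pending = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $pending.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }  # timed out
        $client.EndConnect($pending)  # throws if refused or unreachable
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Get-RoundRobinHealth {
    param(
        [Parameter(Mandatory = $true)][string]$HostName,
        [int]$Port = 443,
        # Records default to a live lookup; pass objects with IPAddress and TTL to run offline.
        [object[]]$Records = @(Resolve-DnsName -Name $HostName -Type A -DnsOnly |
                               Where-Object { $_.Type -eq 'A' }),
        # The probe is injectable so the logic can be exercised without network access.
        [scriptblock]$Probe = { param($ip, $port) Test-TcpPort -Address $ip -Port $port }
    )
    foreach ($r in $Records) {
        $up = [bool](& $Probe $r.IPAddress $Port)
        [pscustomobject]@{
            HostName  = $HostName
            IPAddress = $r.IPAddress
            TtlSec    = $r.TTL
            Reachable = $up
            # DNS keeps handing out this address whether or not it answers.
            Status    = if ($up) { 'ok' } else { 'served by DNS but not answering' }
        }
    }
}

# Constructed sample: two A records (documentation addresses); the first site is "down".
$sample = @(
    [pscustomobject]@{ IPAddress = '192.0.2.10';    TTL = 3600 },
    [pscustomobject]@{ IPAddress = '198.51.100.10'; TTL = 3600 }
)
Get-RoundRobinHealth -HostName 'mail.mydomain.com' -Records $sample `
    -Probe { param($ip, $port) $ip -ne '192.0.2.10' } | Format-Table -AutoSize
```

Dropping `-Records` and `-Probe` performs the live lookup and TCP probe from wherever the script runs.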

Author Comment

by:djhath
The second location is set up identically to our corporate office - behind a firewall with only ports 80 and 443 open.

Expert Comment

by:Simon Butler (Sembee)
If the second location has external URLs configured, then in the event of a failover the mobile devices will NOT follow to the second location. You will need a load balancer if you want that to happen.

Simon.