Solved

Exchange 2010 DAG DNS question

Posted on 2013-06-26
Last Modified: 2013-07-04
I have an Exchange 2010 DAG set-up with 1 server in our corporate office and 1 in a satellite office. We use Postini as a spam-filter and each Exchange server has all the requisite roles (CAS/Mailbox/Hub Transport) on it, and sits behind their respective site's firewall.

The only part of the DAG set-up I believe I need to work out is to provision for the external hostname that represents our mail (ex: mail.mydomain.com) to be able to fail over to the satellite office's IP for OWA/ActiveSync for transparent accessibility to web mail and connectivity to smartphones if something happens to the primary server and all services/mailboxes fail over to the satellite office. What do I need to do, DNS-wise, to accomplish this?
Question by:djhath

Accepted Solution

by:
Simon Butler (Sembee) earned 500 total points
ID: 39279790
DAG is for mailbox protection only. It has nothing else to do with any part of Hub or CAS.
You need to have a CAS array in place for internal mailbox access. That is a URL that resolves internally only and is used for MAPI traffic only. It does not need to be on the SSL certificate.

For Hub and CAS traffic the main option here is a load balancer. That would sit on another machine. NOT Windows Load Balancer, but a proper load balancer.

For Hub transport traffic, the other option is to have both servers in the list at Postini. It doesn't matter which server the email is delivered to, Exchange will get the email delivered correctly.

For CAS, you are limited. If you want automatic failover then a load balancer is your only option. Otherwise two URLs and telling the users to adjust or having a DNS entry with a low TTL time that you change yourself would also work.

Simon.

Author Comment

by:djhath
ID: 39279956
Simon,

Thank you for your response. The Hub stuff is taken care of at Postini, where both server IPs are registered as a primary point of delivery and a failover in case of failure of the primary.

I haven't dug into the load balancing yet as I'm learning more about that here. However, would that require one for both sites? I'm thinking that if the primary site went down beyond just the server (loss of power), then the load balancer would be rendered useless and manual intervention would be required to get users up and running.

Expert Comment

by:Simon Butler (Sembee)
ID: 39280544
If you want something completely automatic then the load balancer would need to be located at a third site.
It very much depends on what you are planning for. If it was loss of the building, then having to make a few manual DNS changes is the least of your worries!

Simon.

Author Comment

by:djhath
ID: 39281899
I found this article about a round-robin DNS configuration. http://garrettdowns.blogspot.com/2011/12/exchange-2010-cas-array-dns-round-robin.html

I set up dual A records for my mail.mydomain.com hostname for both sites, and both sites listed in Postini for Hub Transport redundancy.

I also set up a separate mailbox database and moved my mailbox to that database and made it active on the satellite site. I can send mail outside, but not receive from the outside. Also, my phone is erroring out, saying it's unable to connect.

Expert Comment

by:Simon Butler (Sembee)
ID: 39281934
Round robin has no availability function, so if a server goes down traffic will still be sent to the dead server. Therefore it doesn't really achieve very much.

Being able to receive email - you need to look at the queues and confirm that the servers can communicate.
For ActiveSync, if the second location is directly accessing the Internet then you will need to change the URL being used. If it isn't, then ensure that no external URL is configured.

Simon.
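
Added example, not part of the original thread: a small Python check for the point above that round-robin DNS keeps handing out the address of a server that is down. It probes every published A record on TCP 443 and lists the records that would have to be pulled by hand; the function names are hypothetical and the sample addresses are constructed documentation-range placeholders.

```python
import socket

def resolve_a_records(hostname):
    """Return every IPv4 address published for hostname (all round-robin A records)."""
    infos = socket.getaddrinfo(hostname, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def probe(ip, port=443, timeout=3.0):
    """True if a TCP connection to ip:port succeeds within the timeout.
    This only shows the port answers, not that OWA/ActiveSync is healthy."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

def check_round_robin(addresses, probe_fn=probe):
    """Probe each published address and summarise which records point at a dead endpoint.
    DNS itself never removes these records, so they stay in rotation until someone edits the zone."""
    status = {ip: probe_fn(ip) for ip in addresses}
    dead = [ip for ip, ok in status.items() if not ok]
    return {
        "status": status,
        "dead": dead,
        # Fraction of published records that lead nowhere while the outage lasts.
        "dead_fraction": len(dead) / len(addresses) if addresses else 0.0,
    }

if __name__ == "__main__":
    # Constructed sample: two A records for the mail hostname, primary site down.
    # A fake probe is used so the demo runs offline; for a live check use
    # check_round_robin(resolve_a_records("mail.mydomain.com")).
    simulated = {"192.0.2.10": False, "198.51.100.10": True}
    report = check_round_robin(list(simulated), probe_fn=simulated.get)
    for ip, ok in report["status"].items():
        print(f"{ip}: {'reachable' if ok else 'UNREACHABLE, still published in DNS'}")
    print(f"records to remove manually: {report['dead']}")
```
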

Author Comment

by:djhath
ID: 39282161
The second location is set up identically to our corporate office - behind a firewall with only ports 80 and 443 open.

Expert Comment

by:Simon Butler (Sembee)
ID: 39283717
If the second location has external URLs configured, then in the event of a failover the mobile devices will NOT follow to the second location. You will need a load balancer if you want that to happen.

Simon.