• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1333
  • Last Modified:

Having DAG and CAS Array on 2 Exchange 2010 servers with all roles 2 NICs or 1?

Hello Experts

I'm in the process of migrating 1000 users from Exch 2003 to 2010. I will have 2 servers and on each will install all the roles.

I would like just to know if my configuration is proper or not!

didn't decide yet if it's going to be virtualized or physical servers. but here's the Hardware Specs I am having on mind in both cases!

1- 16 GB ram each server

2- 2 NICS (1GB) on each server for CAS Array. (I'm not sure if it will be ok to have CAS Array with mailbox roles with one DAG) ?

3- 4 Terabyte HDD split on the two servers as following
Server 1 -
C:\ 100GB
D:\ 1,900GB

Server 2 (Same configuration as Server1)

Is there anything I'm missing?


Second thing I would like to know, In case of installing all the roles on 1 server and adding a second server with all roles as well for redundancy! Does it need to have a second NIC?

and in case of second NIC would for the CAS array, would that affect the mailbox roles since the CAS Array should handle all the client requests including access to mailboxes which will be installed on the same servers where the CAS roles are!

I would appreciate any hints

Mohammed Hamada
Mohammed Hamada
  • 4
  • 3
  • 2
  • +3
1 Solution
Peter HutchisonSenior Network Systems SpecialistCommented:
No, a second NIC is not required. It is unlikely to do routing.
If you are using clustering such as Hyper-V or VMWare then  you may need more NICs but as it is a single NIC would suffice.
First a fall  you need  minimum 4 servers. 2 for DAG & 2 for HUB+CAS for high availability

Just keep Database and log drive separate.

For DAG replication you need 2 nic cards on each server.1 for MAPI Connection and 1 for replication.

DAG setup



You cannot achieve said design if you are going to use DAG on same server. DAG uses MSC technology whereas CAS required NLB. You cannot combine both technology together.
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Rather then adding 4 servers, i suggest you to use Hardware load balancer and then install  CAS-MBX on same server. This will minimize the server hardware and also you will get the best solution.
Personally, I recommend that you could use TWO network cards for each DAG node, one for Mapi network and one for DAG replication

If the replication network fails, the DAG will fail back to the MAPI network for replication even if the MAPI network has it’s ReplicationEnabled property set to False
In the event of a failure affecting the MAPI network, a server failover will occur (assuming there are healthy mailbox database copies that can be activated).

Although a single network is supported, we recommend that each DAG have at least two networks: a single MAPI network and a single Replication network. This provides redundancy for the network and the network path, and enables the system to distinguish between a server failure and a network failure. Using a single network adapter prevents the system from distinguishing between these two types of failures.


Also if you want to load balance the CAS servers, then you need to use Hardware load balancing device (HLB) as Windows NLB cluster and Windows failover cluster can't co-exists on same server

Its different case where you are deploying CAS servers separately, there you can use single NIC with windows NLB in Multicast mode.

You can deploy Exchange on two physical boxes in multi role configuration with DAG and HLB or you can deploy it on virtualized environment.

HDD sizing is looks OK, spindle speed should be at least 10K
In case of memory, there are lot of considerations.
You can use Exchange 2010 server sizing calculators to identify exact memory requirements
http://technet.microsoft.com/en-us/library/dd346700(v=exchg.141).aspx - Memory
http://technet.microsoft.com/en-us/library/dd346699(v=exchg.141).aspx - CPU
http://technet.microsoft.com/en-us/library/ee832793(v=exchg.141).aspx - Database Cache Memory

A CAS does not provide load balancing you need some other technology to provide the load balancing. Also note that at best all these are load balancing solutions, if one of the services stops responding then that doesn't always stop traffic heading in its direction and client access being disrupted.

 For this reason I feel that having a single server (but still configured as a CAS) and using Hypervisor clusters (so VMware HA or Hyper-V clusters) to deliver resilience may offer similar levels of resilience. However you do loose the ability to seamlessly apply hot fixes.

If you do have multiple servers you can choose from the following to deliver the load balancing:-

1. an external load balancer
2. Microsoft NLB technology.
3. Round Robin DNS or manual adjustment of the DNS

As I see it the pros of the external load balancer are that it should load balance reliably but is expensive.

I have had issues with NLB failing when using multicast with IGMP as the Cisco config is complex and our Network guys took ages to get it right so make sure you check this solution with them.
You can't mix a DAG and NLB on the same server so for NLB you will need four instances of the operating system. You can do this using two servers and VMware or HyperV. As the servers running the DAG need to be Windows Enterprise server you only need two windows licences. You do need four exchange licences, two enterprise and two standard.

Round Robin is probably useless for 1000 users.

I also feel your sizing is slightly light on RAM for 1000 users but a lot depends on how many are using cache, how many using mobile, how many have mobile devices. Try the IBM config tool:-


the results it gives will transfer to other makes of server. (You will have to sign up for an IBM ID).
Also try the Microsoft sizing tool here:-


this is just a spread sheet. Also remember if you have just two physical boxes they might load share under normal operations but each needs to be big enough to cope with the total load should one fail...
Mohammed HamadaSenior IT ConsultantAuthor Commented:
Unfortunately the customer didn't have 4 licenses to install 4 Servers so I had to deal with the current situation as it is.

I installed all the roles on 2 servers, 2 NICs on each server and 3 TB on each server too.

I created 4 databases on each server and created one DAG for replication of the databases between both server but there seems to be a problem.

I have 2 NICs on each server, one is in the LAN for MAPI and the second is on a different Subnet and different physically connected network too.

when I try to setup the DAG it asks for the witness server and folder which I have already setup and added the required Exchange security group permission to the local administrator "Exchange Trusted Subsystem".

The DAG group gets created but with only one Mailbox server or one of the two servers that I have installed.

When I try to add the second server I get this error:

error: a server-side database availability group administrative operation failed, error: The operation failed. createcluster errors may result from incorrectly configured static addresses.

I am also attaching a snapshot of the error. I couldn't get around this problem and hope that someone could know what's the solution?

Just would like to mention 2 things more, I have configured manually the IPs of the replication NICs as following
First SERVER/REPlication NIC

Second Server/ Replication NIC

Second thing, the customer doesn't have a DHCP server in the Servers subnet which had me to manually configure a Static IPs for the DAG group.

I'm attaching snapshot of the error.
Can you just run Ipconfig /all on both servers and post back output here please
We would want to see the Ip configuration of both servers for both adapters

This problem probably caused by network issue.
The article  http://technet.microsoft.com/en-us/library/dd638104.aspx says "configuring each network adapter correctly, you must also configure the network connection order in Windows so that the MAPI network is at the top of the connection order". Please check the binding order.
In addition, makre sure all your DAG member servers are in the same pack and 3th-party software such as AV software can lead to this. You can try to disable the software if any was installed.
If still doesn't work, you may rebuild the DAG.http://technet.microsoft.com/en-us/library/gg513521.aspx

Check below article:

Mohammed HamadaSenior IT ConsultantAuthor Commented:
Thanks Mahesh and everyone else. I have solved the problem as it seems it was related to a static persistent route for the second NIC that was configured somehow! I didn't configure it and the only way I could find out is by using command line ( route print )

and there I found the route on both servers default

Using the command line route /f , have reset all the routing tables on both servers Exch 1 and 2. and after restarting it went very well.

and as for the Witness Server, I have added the Witness Server in AD to the "Exchange Trusted Subsystem" security group. and after recreating the DAG group everything worked well.
It seems that question you asked initially and resolution provided by you are two different cases.
Instead if you could asked issue you faced at 1st place ?

I don't want to object the resolution. But Unless you mentioned your exact issue we can't figure out solution. Since your question didn't talk about issue and question is more from configuration \ sizing point of view and I thought you have got appropriate answers wrt question asked from experts.

Mohammed HamadaSenior IT ConsultantAuthor Commented:
Self resolved
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now