[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 30
  • Last Modified:

Exchange 2013 Architecture - Seeking Opinions to Proposed Solution

Hi There,

I run a very small managed services business in the UK.  Presently I have 170 hosted Exchange mailboxes running on a single Exchange 2010 box with multi-tennant software running.  It's co-located at a UK T3 DC and has half hourly Veeam backups run continually.  Nightly a Veeam backup is transferred to a secondary T3 DC which is also colo.  

The solution has been running almost 2 years and has been pretty reliable (bar one or two hiccups).  However I anticipate gaining another 100 mailboxes in the next year and with 270 business mailboxes in mind would like to progress to something more resilient.  Right now I feel exposed with many eggs in one basket (and right on cue last night, as if it knows,  the Dell server running Exchange failed with a RAM error which prompted a 3AM - 6AM fix!).

Whilst I am aware of the Exchange 2013 HA features, such as DAGs, load balanced CAS servers and site HA, I'm also conscious that over-complicating things might bring upon problems - i.e. potential for false economy.

The fact I have 2 DC's to play with (100Mbps layer 2 link) it wouldn't take much to get a 3rd location running as a witness but as already mentioned, wonder if this is overkill/risk in itself.

What I am thinking instead, all in one site, is to build a new Exchange 2013 environment using 2 x MBX/CAS servers running as single VM's on separate physical hosts.  I'll then ensure there are 2 x AD servers also running as VM's on these separate physical hosts.  I'll then have a witness server placed on it's own VM on a 3rd physical host.  Lastly to load balance the CAS traffic I shall use a basic DNS round robin function on my SonicWALL's (which are running in HA).  (I would like to use a Kemp balance in HA but funds are unlikely to stretch that far [I also gather intelligent load balancing is less required with Exchange 2013 than previous versions]).

The above solution should make for robustness, however what I then intend to do is to use Veeam again to replicate the entire environment every hour to the secondary DC - which will effectively give us site resilience which although not as effective as Exchange site resilience, will be less complicated and expensive to setup.

Then at the second DC we have, create the whole lot again, but replicating the Veeam replications in the other direction and have both Exchange environments separate and active.

In summary we should then have 2 x completely separate and resilient Exchange 2013 environments  which shouldn't cost the earth and have site resilience built in.

Opinions please!

Jack Twomey
Jack Twomey
  • 2
  • 2
1 Solution
Will SzymkowskiSenior Solution ArchitectCommented:
Lastly to load balance the CAS traffic I shall use a basic DNS round robin

I would not be using DNS for your load balancing of CAS. Spend the extra cash and get a HLB. Exchange 2013 can now use Layer4 load balancing but this really only does Server Awareness. If you want service awareness you will need to use a Layer7 load balancer.

Jack TwomeyAuthor Commented:
Thanks Will. Im wondering in reality how often an Exchangr service will fail, whilst ping/http (which the SonicWALLs monitor) remain active?
Gareth GudgerCommented:
Hey Jack,

It can definitely happen. The problem with DNS RR is that it has no insight into the server's health at all. DNS RR will just keep sending client to bad servers.

If you want a "free" solution for load balancing that can do health checks then I would look into an extra server with IIS and ARR.

One limitation with ARR or Layer 4 load balancers is that it can only run one health probe. You could go with a broken out namespace for each service but that's not pretty. Or get a Layer 7 load balancer like a KEMP device.

The benefit of the Layer 7 is that it can detect if any one service is down. It can still send client requests to that server for everything else that is running, just exclude that one item. Which is nice, because they you don't get a whole server ruled out for one little problem.
Jack TwomeyAuthor Commented:
That's very helpful thank you Gareth.
Gareth GudgerCommented:
Glad to help. Let us know if you need anything else.

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now