Exchange 2013 Architecture - Seeking Opinions to Proposed Solution

Posted on 2015-02-09
Medium Priority
Last Modified: 2016-11-23
Hi There,

I run a very small managed services business in the UK. Presently I have 170 hosted Exchange mailboxes running on a single Exchange 2010 box with multi-tenant software running. It's co-located at a UK T3 DC and has half-hourly Veeam backups run continually. Nightly a Veeam backup is transferred to a secondary T3 DC which is also colo.

The solution has been running almost 2 years and has been pretty reliable (bar one or two hiccups).  However I anticipate gaining another 100 mailboxes in the next year and with 270 business mailboxes in mind would like to progress to something more resilient.  Right now I feel exposed with many eggs in one basket (and right on cue last night, as if it knows,  the Dell server running Exchange failed with a RAM error which prompted a 3AM - 6AM fix!).

Whilst I am aware of the Exchange 2013 HA features, such as DAGs, load balanced CAS servers and site HA, I'm also conscious that over-complicating things might bring upon problems - i.e. potential for false economy.

Given that I have 2 DCs to play with (100Mbps layer 2 link), it wouldn't take much to get a 3rd location running as a witness but, as already mentioned, I wonder if this is overkill/risk in itself.

What I am thinking instead, all in one site, is to build a new Exchange 2013 environment using 2 x MBX/CAS servers running as single VMs on separate physical hosts. I'll then ensure there are 2 x AD servers also running as VMs on these separate physical hosts. I'll then have a witness server placed on its own VM on a 3rd physical host. Lastly, to load balance the CAS traffic I shall use a basic DNS round robin function on my SonicWALLs (which are running in HA). (I would like to use a Kemp balancer in HA but funds are unlikely to stretch that far [I also gather intelligent load balancing is less required with Exchange 2013 than previous versions]).

The above solution should make for robustness; however, what I then intend to do is to use Veeam again to replicate the entire environment every hour to the secondary DC, which will effectively give us site resilience which, although not as effective as Exchange site resilience, will be less complicated and expensive to set up.

Then at the second DC we have, create the whole lot again, but replicating the Veeam replications in the other direction and have both Exchange environments separate and active.

In summary we should then have 2 x completely separate and resilient Exchange 2013 environments which shouldn't cost the earth and have site resilience built in.

Opinions please!

Question by:Jack Twomey
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40598845
"Lastly to load balance the CAS traffic I shall use a basic DNS round robin"

I would not be using DNS for your load balancing of CAS. Spend the extra cash and get an HLB. Exchange 2013 can now use Layer 4 load balancing but this really only does server awareness. If you want service awareness you will need to use a Layer 7 load balancer.


Author Comment

by:Jack Twomey
ID: 40599623
Thanks Will. I'm wondering in reality how often an Exchange service will fail, whilst ping/http (which the SonicWALLs monitor) remain active?
LVL 31

Accepted Solution

Gareth Gudger earned 2000 total points
ID: 40599900
Hey Jack,

It can definitely happen. The problem with DNS RR is that it has no insight into the server's health at all. DNS RR will just keep sending clients to bad servers.

If you want a "free" solution for load balancing that can do health checks then I would look into an extra server with IIS and ARR.

One limitation with ARR or Layer 4 load balancers is that they can only run one health probe. You could go with a broken out namespace for each service but that's not pretty. Or get a Layer 7 load balancer like a KEMP device.

The benefit of the Layer 7 is that it can detect if any one service is down. It can still send client requests to that server for everything else that is running, just exclude that one item. Which is nice, because then you don't get a whole server ruled out for one little problem.
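
The difference between the three approaches discussed in this answer, as an added example that is not part of the original thread: a small Python simulation that round-robins requests under DNS round robin, a single health probe, and per-service (Layer 7) probes. The server names, service names, probed service and health states are all constructed assumptions.

```python
from collections import Counter

SERVICES = ["owa", "ews", "activesync"]   # constructed service list
REQUESTS = SERVICES * 4                    # 12 constructed client requests
PROBED = "owa"                             # the one probe a single-probe balancer runs


def health(down):
    """Constructed two-server state; `down` is a set of (server, service) pairs."""
    return {s: {svc: (s, svc) not in down for svc in SERVICES}
            for s in ("ex1", "ex2")}


EWS_DOWN = health({("ex2", "ews")})   # a service the single probe does not watch
OWA_DOWN = health({("ex2", "owa")})   # the service the single probe does watch


def pool(strategy, service, state):
    """Servers the balancer still considers valid targets for `service`."""
    if strategy == "dns_rr":           # no health insight at all
        return sorted(state)
    if strategy == "single_probe":     # whole server judged by one probe
        return sorted(s for s in state if state[s][PROBED])
    if strategy == "per_service":      # each service judged on its own probe
        return sorted(s for s in state if state[s][service])
    raise ValueError(f"unknown strategy: {strategy}")


def simulate(strategy, requests, state):
    """Round-robin the requests; return (failed_count, Counter of served-by)."""
    failed, served = 0, Counter()
    for n, service in enumerate(requests):
        servers = pool(strategy, service, state)
        if not servers:                # nothing left in the pool
            failed += 1
            continue
        target = servers[n % len(servers)]
        if state[target][service]:
            served[target] += 1
        else:                          # client was sent to a broken service
            failed += 1
    return failed, served


if __name__ == "__main__":
    for name, state in (("ews down on ex2", EWS_DOWN), ("owa down on ex2", OWA_DOWN)):
        for strategy in ("dns_rr", "single_probe", "per_service"):
            failed, served = simulate(strategy, REQUESTS, state)
            print(f"{name:16} {strategy:13} failed={failed} served={dict(served)}")
```
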

Author Comment

by:Jack Twomey
ID: 40603018
That's very helpful thank you Gareth.
LVL 31

Expert Comment

by:Gareth Gudger
ID: 40603063
Glad to help. Let us know if you need anything else.

Question has a verified solution.
