Setting Up Exchange 2016

Posted on 2016-09-23
Medium Priority
Last Modified: 2016-10-25
I will be setting up Exchange 2016 across 2 sites. There will be 3 mailbox servers in both sites with 1 DAG (IP-less DAG) that all mailbox servers will be members of. Site 1 will be production (hosting active copies of mailbox DBs) and all users will connect to this site, while site 2 will be only for DR failover (hosting passive copies of mailbox DBs). My question is in regards to client connectivity namespaces. I was wondering, should I use the same client namespace for both sites, or should site 1 have a namespace like prod.domain.com and site 2 have a namespace like DR.domain.com, or should there be just 1 single namespace for both such as mail.domain.com? I don't want to have to make any DNS changes if a failover occurs, and I only want the users to connect to site 2 if there is a mailbox failover. The SSL can have the single namespace or both to ensure there are no certificate errors. What do you experts think is the best route? We have a NetScaler load balancer that we will most likely use, but I'm also thinking about DNS round robin for this since Exchange 2016 no longer supports CAS Array but it does support hardware load balancers and DNS round robin. Answer with DNS round robin in mind please, and thanks.
Question by:timgreen7077

Accepted Solution

Simon Butler (Sembee) earned 2000 total points
ID: 41813109
If the servers are in different AD sites then they get a different namespace. You need to control where the traffic goes.
In the event of a site failure then just move the DNS around. Run the DNS with a short TTL time so the change is made quickly.

As for DNS round robin, I wouldn't bother. The lack of CAS array doesn't change anything because Exchange 2016 is Outlook Anywhere, so HTTPS traffic, so it is ideally suited to use with the load balancer.

With two servers in the main site you are only going to site failover in the event of site loss, which will either be planned or a major issue where changing the external DNS will not be an issue.

Keep it simple, don't try to overcomplicate things.

Author Comment

ID: 41814318
Can this be done without changing DNS around?

Assisted Solution

by:Simon Butler (Sembee)
Simon Butler (Sembee) earned 2000 total points
ID: 41814671
I have two implementations where all external traffic comes in via the data centre server, then travels over the site to site VPN to the main server. The office based server isn't exposed to the internet at all. That would avoid DNS changes or a load balancer. Depends how much external traffic you have.

If you must have the main server exposed to the internet then a load balancer or DNS record change is the only option.
I don't see what the issue with changing the DNS record is? As I wrote, in this scenario it is only for a full site failover, so something as minor as a DNS change shouldn't be an issue.

Unless of course there are politics involved in your DNS records, or the host is useless. In that case the DNS should be moved to somewhere that you can control it.

Author Comment

ID: 41814972
No, there will be no changes to the external DNS; I want to avoid having to change internal DNS if the mailboxes fail over to the DR site. It's not a matter of it being an issue or not, the issue is I don't want to have to do that. With failover I want users to be able to open Outlook and work without me having to intervene with DNS. With that being said, I'm trying to determine if a single namespace will be the best option or a namespace for each site. Don't worry about external DNS, only internal. What do you think?

Author Closing Comment

ID: 41817022
Your answers were good but I think I will go with the unbound namespace instead of the 2 that you mentioned.