Hello All.. I'm making tests on an Exchange Deployement in an active production dual Datacenter having following subnets specs.. Site A : 10.10.x.x (255.255.0.0) - GW : 10.10.10.254 - DNS : 10.10.11.250/251 (AD is on this Site) Site B : 192.168.44.x (255.255.255.0) - GW : 192.168.44.254 - DNS : 192.168.44.253/254 Both Sites are linked via a VPN Ipsec Connection. My two Dag nodes have following actual tests specs DAG 1 : LAN (MAPI) : 10.10.100.7 (255.255.0.0) - GW : 10.10.10.254 - DNS : 10.10.11.250/251 DAG (Replication) : 10.10.100.6 (255.255.0.0) - GW : 10.10.10.254 - DNS : 10.10.11.250/251 (yes i know, i'll have to change this) DAG 2 : LAN (MAPI) : 192.168.44.104 (255.255.255.0) - GW : 192.168.44.254 - DNS : 192.168.44.253/254 DAG (Replication) : 192.168.44.113 (255.255.255.0) - GW : 192.168.44.254 - DNS : 192.168.44.253/254 (yes i know, i'll have to change this) Yet i think my cluster is not active correctly. I don't happen to see in Windows Clustering Failover Manager the Site B and DAG 2 network cards when setting up a DAG... I am wishing to respect following documents for the dag setup i've found trough the forums : http://technet.microsoft.com/en-us/library/dd638121.aspx http://technet.microsoft.com/en-us/library/dd979781.aspx http://technet.microsoft.com/en-us/library/dd638104.aspx http://technet.microsoft.com/en-us/library/dd638129.aspx If i understand well documentations, here are the modifications i'm going to make for a deployement : DAG 1 : LAN (MAPI) : 10.10.100.7 (255.255.0.0) - GW : 10.10.10.254 - DNS : 10.10.11.250/251 DAG (Replication) : 192.168.1.1 (255.255.255.0) DAG 2 : LAN (MAPI) : 192.168.44.104 (255.255.255.0) - GW : 192.168.44.254 - DNS : 192.168.44.253/254 DAG (Replication) : 192.168.2.1 (255.255.255.0) In addition i'll add manually following routes : DAG 1 : netsh interface ipv4 add route 192.168.2.0/24 "DAG" 192.168.1.254 DAG 1 : netsh interface ipv4 add route 192.168.1.0/24 "DAG" 192.168.2.254 Finally in EMS : New-DatabaseAvailabilityGroup -Name DAG1 -WitnessServer ExchCas01 -WitnessDirectory C:\DAGWitness\ -DatabaseAvailabilityGroupIPAddresses 10.10.20.100,192.168.44.100 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer DAG1 Add-DatabaseAvailabilityGroupServer -Identity DAG1 -MailboxServer DAG2 Is this the right configuration scheme ? Do you see anything wrong in planned tests ? Thanks for your returns.. Tdldp EDIT : I have a weird personnal reflexion on the routing ... My IPSec Network has following configuration on Site B : left=SITEB_PUBLIC_IP leftnexthop=SITEB_PUBLIC_GATEWAY leftsubnet=192.168.44.0/24 right=SITEA_PUBLIC_IP rightsubnet=10.10.10.0/16 rightnexthop=SITEA_PUBLIC_GATEWAY rightsourceip=10.10.10.254 Is there not a problem with this tunneling ? It's on my opinion not capable to cope routing to a 192.168.1.X network on site A... What should i add to make it cope this routing ? Thanks for your help

Hi tdldp1, I would suggest you rename mailbox servers' name to MBX1, MBX2(rather than use the same name as DAG's name). The link(Deploying High Availability and Site Resilience:http://technet.microsoft.com/en-us/library/dd638129.aspx) is a good example to deploy DAG. For IPSec issue, please seek the solution in the related forum to resolve it first. Frank Wang TechNet Community Support

Hi tdldp1, I would suggest you rename mailbox servers' name to MBX1, MBX2(rather than use the same name as DAG's name). The link(Deploying High Availability and Site Resilience:http://technet.microsoft.com/en-us/library/dd638129.aspx) is a good example to deploy DAG. For IPSec issue, please seek the solution in the related forum to resolve it first. Frank Wang TechNet Community Support

Hello Franck Thanks for your reply... The link is the one i followed to setup Dag Configuration tests... Yet As doubted, i have no communication between my two sites IP as it is not routed correctly.. Asking the question though i think i already know the answer : Is there a way in given IP Classes to setup a Dag configuration with IPsec compatible IP's, without modifying ipsec configuration ? (ex : Site A DAG1 : DAG (Replication) : 10.10.21.1 (255.255.0.0) - Site B DAG2 : DAG (Replication) : 192.168.45.1 (255.255.255.0) for which i have an IPsec tunnel configuration set between the sites : It's a test purpose tunnel) Thanks again by advance for returns.. Tdldp

Hello Franck Thanks for your reply... The link is the one i followed to setup Dag Configuration tests... Yet As doubted, i have no communication between my two sites IP as it is not routed correctly.. Asking the question though i think i already know the answer : Is there a way in given IP Classes to setup a Dag configuration with IPsec compatible IP's, without modifying ipsec configuration ? (ex : Site A DAG1 : DAG (Replication) : 10.10.21.1 (255.255.0.0) - Site B DAG2 : DAG (Replication) : 192.168.45.1 (255.255.255.0) for which i have an IPsec tunnel configuration set between the sites : It's a test purpose tunnel) Thanks again by advance for returns.. Tdldp

It should work .. If my understanding is correct. Satheshwaran Manoharan | Exchange 2003/2007/2010 | Blog:http://www.careexchange.in | Please mark it as an answer if it really helps you

It should work .. If my understanding is correct. Satheshwaran Manoharan | Exchange 2003/2007/2010 | Blog:http://www.careexchange.in | Please mark it as an answer if it really helps you

Hi tdldp1, If you deploy DAG cross two datacenters, please also see below link about DAG Networks and Multiple Subnet Deployments: Managing Database Availability Groups http://technet.microsoft.com/en-us/library/dd298065.aspx#DatFrank Wang TechNet Community Support

Thanks for that link, i seem to see things a little better... We are resolving our network issues today, and i'll undergo the tests after that... Will make follow up if solution works or not...

Thanks for that link, i seem to see things a little better... We are resolving our network issues today, and i'll undergo the tests after that... Will make follow up if solution works or not...

Hi tdldp1, Any updates?Frank Wang TechNet Community Support

Hi tdldp1, Any updates?Frank Wang TechNet Community Support

Hi Frank.. We resolved this morning our IPSec issues... We have now : DAG 1 : LAN (MAPI) : 10.10.100.7 (255.255.0.0) - GW : 10.10.10.254 - DNS : 10.10.11.250/251 DAG (Replication) : 192.168.50.1 (255.255.255.0) DAG 2 : LAN (MAPI) : 192.168.44.104 (255.255.255.0) - GW : 192.168.44.254 - DNS : 192.168.44.253/254 DAG (Replication) : 192.168.49.1 (255.255.255.0) DAG 1 : netsh interface ipv4 add route 192.168.49.0/24 "DAG" 192.168.50.254 DAG 2 : netsh interface ipv4 add route 192.168.50.0/24 "DAG" 192.168.49.254 pinging each network interfaces shows trafic passing in each DAG replication networks so they communicate correctly... Next Step : Setup the Dag based on your documentation... Through EMC (why but why did i not go trough EMS) i setup the DAG Group with following tests parameters Name : ExchangeDag Witness Server : ExchangeCas02 Folder : C:\DAGWitness\ I then add my two servers and went through an error : Cluster service did not manage to bring up or take down service or cluster application "Cluster Group". Ressources are maybe in failed state (Translated from french, sorry if not exact).. In any case : Error 1205 I then tried to bring DAG back to empty state, by removing both servers, and there was a new error (not noted though). I have in Event Manager : Cluster Node Dag1 has been removed... Yet : DagExchange declares it has only one active server node : DAG 1 On node 1 (Dag1), there is no more Cluster Service active. but DAG 1 server still appears in DAG management Group trough EMS/EMC. On node2 (Dag2), Cluster service is still active, and node appears in Failover Clustering management for ExchangeDAG name, but not in EMS/EMC any more. If i try to remove DAG1 node, though EMS or EMC on DAG1 or DAG2 i have following Error : Can't connect to cluster Service on given computer, assure they have qorum or are configuration only Shell Command attempted : Remove-DatabaseAvailabilityGroupServer -MailboxServer "DAG1" -Identity ExchangeDAG I don't seem able to remove anything on DAG2, even if it declares it's in a cluster that doesn't appear in exchange anymore.. Googling a lot on this crap, if you have any advice i'll take some...But i think i messed up something there .. I LOVE EXCHANGE ;) tdldp EDIT : Technical informations as They come DAG 1 Cluster Service Status : 18h15 c:\>sc query clussvc SERVICE_NAME: clussvc TYPE : 10 WIN32_OWN_PROCESS STATE : 1 STOPPED WIN32_EXIT_CODE : 1066 (0x42a) SERVICE_EXIT_CODE : 2 (0x2) CHECKPOINT : 0x0 WAIT_HINT : 0x0 EMC : DAG group Properties throws error : 18h30 ActiveManager Operation Error : Cluster API 'OpenCluster (DAG1.domain)' failed with error 0x6d9 - There are no more endpoints available from the endpoint DAG 2 Cluster Service Cleanup : 9h05 Managed to remove Local DAG2 cluster node setup by destroying cluster in DAG2 Failover Clustering Management Just need now to remove the exchange DAG setup and the lost node from EMC / EMS properties.. DAG CleanUP Done ! 9h30 For Personnal FollowUP : Remove DAG Server with configurationonly switch on lost cluster nodes, cleans up DAG membership.. Following removals done Restarting My Configuration, and going a bit more slowly.. I think i found an AD latency issue that could have been responsable of faced problems... AD Team on the problem..

Ok... Through EMS all DAG primary setup and configuration went right this time... I now have A DAG With my two nodes answering correctly... Next Setup is normally http://technet.microsoft.com/en-us/library/dd298065.aspx#Dat When i run the following command : Set-DatabaseAvailabilityGroupNetwork -Identity DAG1\DAGNetwork01 -Subnets 10.10.0.0,192.168.44.0 -ReplicationEnabled:$false to collapse DAGNetwork03 in DAGNetwork01 i get following error : Subnet '10.10.0.0' definition error : it is in conflict with existing Subnet '10.10.0.0/16' Googling through that but wondering if command does not need the /16,/24 mask ? EDIT : This Is Solved : As i thought adding the mask solves problem... EDIT2 : Last question before marking this topic SOLVED : I have in my cluster Management console, Following information : Cluster : DAG1 - Online IP Adress : 10.10.20.100 - Online IP Adress : 192.168.44.100 - Offline. If i attempt to force it online i get following error message : An error occured when attemtping to bring online following ressource : IPv4 Static Adress 1 (Cluster Group) error Code : 0x80071397 : The cluster node is not the ressource owner or the node is not an owner possible of the ressource.. Does it tell you anything ? Is this normal ? Thanks anyway by advance for all support given.. Really helped me get down to the right information... I leave my edits for those searching documentation...

I'm closing this thread now.. It is solved for me regarding the DAG Configuration... Please Franck i'll setup a new thread next monday regarding CAS Array in multiple Subnet.. If you do have some time to take a look at it i'll appreciate... Tdldp

I'm closing this thread now.. It is solved for me regarding the DAG Configuration... Please Franck i'll setup a new thread next monday regarding CAS Array in multiple Subnet.. If you do have some time to take a look at it i'll appreciate... Tdldp