Exchange 2010 DAG Design for Single AD Site, two geographic locations - with scenario caveat of power outages

Scenario:

Small company, 2 geographic sites connected by 20Gbps Fiber link, single AD Site, Exchange 2003 (500 mailboxes one site, 300 the other).  Virtual Infrastructure exists at both geographic sites.

Mailbox users are site-specific and in current Exchange 2003 solution, have mailbox servers located at each site respectively.

Requirements:

To upgrade to Exchange 2010 as first phase upgrade.

To maintain mailbox site affinity for users located at each site, so that power-outages only affect mailbox users at that site.

Minimise costs and server count where possible, whilst providing higher availability for maintenance work to be peformed during normal working hours for the 2010 solution.

No requirement for DR copies of mailboxes between the sites.

Constraints:

Power outages at each physical location occur multiple times per year, quite frequently for more than the run-time of the UPS kit in place, so there is the real potential for ALL kit to go down at either of the sites, as has done to date.

Question:

What is the most appropriate DAG design?

Initial Thoughts:

Geo-site A: 2 x Mailbox nodes + 1 x CAS/HT node (FSW for DAGA)

Geo-site B: 2 x Mailbox nodes + 1 x CAS/HT node (FSW for DAGB)

A total of 6 servers required, which may seem overkill.  However, CAS/HT nodes can be load-balanced using NLB between well-connected geo-sites A and B via 20Gbps resilient Fiber (Hard to justify cost of VLB or HLB for such a small number of users).

This provides local HA against single server failure for both DAGs at either site.  If one site goes off-line due to power-outage, entire DAG and NLB node at remaining site continues to service clients.

Is there a simpler model that would work well whilst providing high availability for each geo-site, bearing in mind the possibility of complete power outage at each site?

Thanks in advance for ideas / tho

June 27th, 2013 1:21am

I have seen similar design for DAG and and it works well except one thing, if link goes down between two geo-sites then chances are there for split brain each site makes mini DAG thinking that another site went down if DAC mode is not enabled and that is manual process to activate and avoid split brain. Get more info about DAC here...

Understanding Datacenter Activation Coordination Mode

http://technet.microsoft.com/en-us/library/dd979790(v=exchg.141).aspx

Free Windows Admin Tool Kit Click here and download it now
June 27th, 2013 4:17am

I would recommend below:

Geo-Site A: 1 X Mailbox+ HUB Transport + CAS Role = Total Servers in site = 1

Geo-Site B: 1 X Mailbox+ HUB Transport + CAS Role = Total Servers in site =  1

For Database High availability:

Configure DAG between two sites and mount local databases on local site.

Configure DAC

Configure File Witness Share in Site A and Alternate File Witness Share in Site B.

For CAS High Availability:

Configure both DNS to be external facing

During power outage: Mount databases on alternate site and change the DNS IP to active site CAS server. All Internal / External / Mobile clients will be able to access emails.

AD Recommendation:

Exchange 2003 is not AD site aware application but Exchange 2010 is. Please configure AD sites with subnets for effective mail flow. This will also give you control over email routing in future.

June 27th, 2013 6:20am

@Amit,

Thanks for your reply.  Can you exapand a little on exactly what you mean by split brain?  Each DAG and both members are local to each geo-site, to if the resilient link were to go down for any reason, it is only the NLB CAS servers that are split between the two, not the DAG members.

Thank you.

Free Windows Admin Tool Kit Click here and download it now
June 27th, 2013 10:02am

Hi there,

Two comments about this design...

1/ There is only a single internet link out of geo-site 1 (I forgot to mention in the scenario), so if geo-site 1 goes down, geo-site 2 users would not get to their mailboxes if configured for external access via Outlook Anywhere / DNS.  It was my understanding that you should not, under any circumstances, have your CAS Array namespace available in external DNS, due to Outlook Anywhere timeouts.

2/ This would require manual intervention, whereas I believe the initial thought should (if the resilience Fiber doesn't go down) allow connections to continue locally to each DAG via the remaining NLB member.

Would welcome your comments on this for clarification.

Thank you!

June 27th, 2013 10:10am

I though you are going to span the DAG across the geo-sites but you are going to keep two DAGs and each DAG in each geo-site. In this case no split brain as you have FSW configured for each DAG and all nodes are in same site.
Free Windows Admin Tool Kit Click here and download it now
June 27th, 2013 5:47pm

I though you are going to span the DAG across the geo-sites but you are going to keep two DAGs and each DAG in each geo-site. In this case no split brain as you have FSW configured for each DAG and all nodes are in same site.

OK, thanks for clarifying.  Perhaps I did not make that clear.  DAGA at geo-site 1, DAGB at geo-site 2.  This is to isolate each service to the local site, should either site go offline completely.

Separating CAS roles from Mailbox allows us to leverage WNLB, and gives more flexibility for operational patching and reboots etc... than using multi-role servers.

Thanks for the reply.  Will just await further response from Sarvesh, around my comments to his initial reply.

Thank you.

June 27th, 2013 5:56pm

Hi,

I'm sorry to reply you so late, I am dedicating to research for this thread , I'll reply as soon as possible.

If you have any feedback on our support, please click here

Free Windows Admin Tool Kit Click here and download it now
July 2nd, 2013 5:14am

Hi  ,

a DAG can also be extended to one or more datacenters in a configuration that provides site resilience for one or multiple datacenters.

When configuring multi-datacenter DAGs its generally a good best practice to enable database activation (DAC) coordination mode for the DAG. DAC is a special DAG property that protects a DAG against so called split brain syndrome.

Understanding Database Availability Groups:

http://technet.microsoft.com/en-us/library/dd979799(v=exchg.141).aspx

Yes, WNLB can't be used on Exchange servers where mailbox DAGs are also being used because WNLB is incompatible with Windows failover clustering. If you're using an Exchange 2010 DAG and you want to use WNLB, you need to have the Client Access server role and the Mailbox server role running on separate servers.

Understanding Load Balancing in Exchange 2010:
http://technet.microsoft.com/en-us/library/ff625247(v=exchg.141).aspx

If you have any feedback on our support, please click here

July 2nd, 2013 9:14am

Any update ?

If you have any feedback on our support, please click here

Free Windows Admin Tool Kit Click here and download it now
July 7th, 2013 12:31pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics