Implement disaster recovery in second site
We have two sites, one of which is a secure co-location facility currently without any Exchange servers. We want to add the ability to switch over to the co-location facility in the event of a disaster at the production facility. We are using Exchange
2010 SP1 UR4v2 in production.
- We have split DNS but do not have a disjointed namespace at this time
- Production site: 2 combined GC/DC's (1 is the FSMO role holder and we haven't excluded the PDC role from ADAccess yet), 2 CAS VMware hosts in an array, 2 HT VMware hosts in an array, and 1 physical Mailbox host, 50Mbps fiber WAN connection.
Hardware load balancer.
- DR site: 1 combined DC/GC, 20Mbps CIR WAN connection, burstable to 40Mbps or higher. VMWare host available, hardware load balancer not available.
- WAN traffic uses Cisco GRE over IPSec
Reason I'm posting this is that I can't find simple design examples. I wanted a two-member DAG in a two datacenters/AD sites config. But I don't see how to configure this design in the the MS templates and DAG design examples links. They list 2/1, 4/1 and
4/2 examples only. For the DR site I was hoping to add a second VM GC/DC, 1-2 VM CAS, 1 HT and 1 physical MBX. I know I can't use NLB CAS if it co-exists with MBX.
I'd appreciate any details on how to accomplish this, or if this isn't feasible, the simplest configuration to allow us to replicate the data to the DR site and only activate it manually.
January 13th, 2012 12:57pm
For DR I would have 1 multi role Exchange 2010 server (MB,CAS,HT) and configure a single DAG configure the DAG for DAC mode (http://technet.microsoft.com/en-us/library/dd979790.aspx).
This will full fill the manual failover requirement
The network link looks to be fine as long as it is not getting saturated, for the DAG you will need to make sure roundtrip latency is less than 250ms.
As you will have 2 nodes in your DAG locate your FSW in your production datacentre.Matt Cline - MCSE+M, MCITP: EA | EMA (2007, 2010) | Lync 2010 Blog: exchangeadventures.com
Free Windows Admin Tool Kit Click here and download it now
January 14th, 2012 9:17am
For DR I would have 1 multi role Exchange 2010 server (MB,CAS,HT) and configure a single DAG configure the DAG for DAC mode (http://technet.microsoft.com/en-us/library/dd979790.aspx).
This will full fill the manual failover requirement
The network link looks to be fine as long as it is not getting saturated, for the DAG you will need to make sure roundtrip latency is less than 250ms.
As you will have 2 nodes in your DAG locate your FSW in your production datacentre.Matt Cline - MCSE+M, MCITP: EA | EMA (2007, 2010) | Lync 2010 Blog: exchangeadventures.com
January 14th, 2012 5:14pm
Hi
Quote: I wanted a two-member DAG in a two datacenters/AD sites config.
This is possible but is not recommended approach .The Continuous Replication doesn't care about sites. You use the same command Add-MailboxDatabaseCopy. When the WAN goes down, the server can't reach FSW will not mount any databases.
So DAC is used site 2 will be dis-mounted since it doesn't have majority.
I think Mattcline’s advice is the simplest configuration.Terence Yu
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
January 15th, 2012 9:36pm
Hi
Quote: I wanted a two-member DAG in a two datacenters/AD sites config.
This is possible but is not recommended approach .The Continuous Replication doesn't care about sites. You use the same command Add-MailboxDatabaseCopy. When the WAN goes down, the server can't reach FSW will not mount any databases.
So DAC is used site 2 will be dis-mounted since it doesn't have majority.
I think Mattcline’s advice is the simplest configuration.Terence Yu
TechNet Community Support
January 15th, 2012 9:36pm
Hi
Quote: I wanted a two-member DAG in a two datacenters/AD sites config.
This is possible but is not recommended approach .The Continuous Replication doesn't care about sites. You use the same command Add-MailboxDatabaseCopy. When the WAN goes down, the server can't reach FSW will not mount any databases.
So DAC is used site 2 will be dis-mounted since it doesn't have majority.
I think Mattcline’s advice is the simplest configuration.Terence Yu
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
January 15th, 2012 9:39pm
Hi
Do you have anything to update your issue ?Terence Yu
TechNet Community Support
January 18th, 2012 4:26am
Hi
Do you have anything to update your issue ?Terence Yu
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
January 18th, 2012 4:26am
Hi
Do you have anything to update your issue ?Terence Yu
TechNet Community Support
January 18th, 2012 4:29am
Terence - I believe you when you say it's not recommended. Can you give a summary on why it is not recommended? Aren't there also limitations as to what can be configured when the roles are combined on one system? NLB comes to mind with DAG, but for some
reason I thought there were others as well.
Our production MBX server is using 2008 R2 Enterprise, but the CAS & HT roles are using 2008 R2 Standard. Just the mailbox role needs to be Enterprise for the DAG implementation, correct?
Free Windows Admin Tool Kit Click here and download it now
January 18th, 2012 4:24pm
Terence - I believe you when you say it's not recommended. Can you give a summary on why it is not recommended? Aren't there also limitations as to what can be configured when the roles are combined on one system? NLB comes to mind with DAG, but for some
reason I thought there were others as well.
Our production MBX server is using 2008 R2 Enterprise, but the CAS & HT roles are using 2008 R2 Standard. Just the mailbox role needs to be Enterprise for the DAG implementation, correct?
January 18th, 2012 4:24pm
Terence - I believe you when you say it's not recommended. Can you give a summary on why it is not recommended? Aren't there also limitations as to what can be configured when the roles are combined on one system? NLB comes to mind with DAG, but for some
reason I thought there were others as well.
Our production MBX server is using 2008 R2 Enterprise, but the CAS & HT roles are using 2008 R2 Standard. Just the mailbox role needs to be Enterprise for the DAG implementation, correct?
Free Windows Admin Tool Kit Click here and download it now
January 18th, 2012 4:27pm
Hi
Quote: Can you give a summary on why it is not recommended?
Let's say you have users in Boston and users in Chicago. Your DAG could theoretically span between both physical sites, but your WAN would need to have enough bandwidth (it depends on your database) to satisfy the log shipping
requirements, client access bandwidth, and low enough latency for Windows Failover Clustering and the clients. You can’t control WAN link. If matter appears on WAN link, DAG will fail.
Quote:Aren't there also limitations as to what can be configured when the roles are combined on one system?
You can install all roles on DAG server.
You should set dag2 server and FSW server on site2.
Quote: Our production MBX server is using 2008 R2 Enterprise, but the CAS & HT roles are using 2008 R2 Standard. Just the mailbox role needs to be Enterprise for the DAG implementation, correct?
Correct. I can offer detail reason.
DAGs are available in both Exchange 2010 Standard Edition and Exchange 2010 Enterprise Edition. In addition, a DAG can contain a mix of servers running Exchange 2010 Standard Edition and Exchange 2010 Enterprise Edition.
Each member of the DAG must also be running the same operating system. Exchange 2010 is supported on both the Windows Server 2008 and Windows Server 2008 R2 operating
systems. All members of a DAG must run either Windows Server 2008 or Windows Server 2008 R2. They can't contain a combination of both Windows Server 2008 and Windows Server 2008 R2.
In addition to meeting the prerequisites for installing Exchange 2010, there are operating system requirements that must be met.
DAGs use Windows Failover Clustering technology, and as a result, they require the Enterprise version of Windows.
Terence Yu
TechNet Community Support
January 18th, 2012 9:02pm
Hi
Quote: Can you give a summary on why it is not recommended?
Let's say you have users in Boston and users in Chicago. Your DAG could theoretically span between both physical sites, but your WAN would need to have enough bandwidth (it depends on your database) to satisfy the log shipping
requirements, client access bandwidth, and low enough latency for Windows Failover Clustering and the clients. You can’t control WAN link. If matter appears on WAN link, DAG will fail.
Quote:Aren't there also limitations as to what can be configured when the roles are combined on one system?
You can install all roles on DAG server.
You should set dag2 server and FSW server on site2.
Quote: Our production MBX server is using 2008 R2 Enterprise, but the CAS & HT roles are using 2008 R2 Standard. Just the mailbox role needs to be Enterprise for the DAG implementation, correct?
Correct. I can offer detail reason.
DAGs are available in both Exchange 2010 Standard Edition and Exchange 2010 Enterprise Edition. In addition, a DAG can contain a mix of servers running Exchange 2010 Standard Edition and Exchange 2010 Enterprise Edition.
Each member of the DAG must also be running the same operating system. Exchange 2010 is supported on both the Windows Server 2008 and Windows Server 2008 R2 operating
systems. All members of a DAG must run either Windows Server 2008 or Windows Server 2008 R2. They can't contain a combination of both Windows Server 2008 and Windows Server 2008 R2.
In addition to meeting the prerequisites for installing Exchange 2010, there are operating system requirements that must be met.
DAGs use Windows Failover Clustering technology, and as a result, they require the Enterprise version of Windows.
Terence Yu
TechNet Community Support
Free Windows Admin Tool Kit Click here and download it now
January 19th, 2012 4:59am
Matt suggested, and you agreed with, putting the FSW in the production location. Then in your last reply you say 'you should set dag2 server and FSW server on site2'. Those seem to be contradictory replies...?
How can I collect days worth of log file data for the mailbox calculator replication section if the logs are only ever about an hour old?
While the production site is down, users will be adding content to the database at the DR site. Once the production site is back online, how do we get the new content back to the active database in the production site?
January 19th, 2012 10:06am
For the 'fsw server on site2' were you referring to the alternate witness server?
I'm revisiting the HA documentation for the first time in 6 months, but it's a lot to digest. I see that once the production site is back online, it will attempt to update the copy in the production site. There seems to be a lot of manual intervention
in these steps, more than I'd like quite honestly. Changing IP's for namespaces so clients can connect, remapping PF db to the active mailbox db, and having to move the PAM to another server to perform maintenance on the original PAM server are the ones
I've documented so far.
What happens if we have a 2 member DAG in two sites, and we choose to perform maintenance on the primary member after hours? Must we move/activate roles and databases around just to do that? Or when the server comes back online will it automatically
What is the simplest configuration which requires minimal manual intervention for for both maintenance and site resilience? I'm not excited about having to run commands to change the configuration just because I need to take one of the servers offline for
maintenance, regardless of the role.
Free Windows Admin Tool Kit Click here and download it now
January 19th, 2012 3:23pm
For the 'fsw server on site2' were you referring to the alternate witness server?
I'm revisiting the HA documentation for the first time in 6 months, but it's a lot to digest. I see that once the production site is back online, it will attempt to update the copy in the production site. There seems to be a lot of manual intervention
in these steps, more than I'd like quite honestly. Changing IP's for namespaces so clients can connect, remapping PF db to the active mailbox db, and having to move the PAM to another server to perform maintenance on the original PAM server are the ones
I've documented so far.
What happens if we have a 2 member DAG in two sites, and we choose to perform maintenance on the primary member after hours? Must we move/activate roles and databases around just to do that? Or when the server comes back online will it automatically
What is the simplest configuration which requires minimal manual intervention for for both maintenance and site resilience? I'm not excited about having to run commands to change the configuration just because I need to take one of the servers offline for
maintenance, regardless of the role.
January 19th, 2012 3:23pm
For the 'fsw server on site2' were you referring to the alternate witness server?
I'm revisiting the HA documentation for the first time in 6 months, but it's a lot to digest. I see that once the production site is back online, it will attempt to update the copy in the production site. There seems to be a lot of manual intervention
in these steps, more than I'd like quite honestly. Changing IP's for namespaces so clients can connect, remapping PF db to the active mailbox db, and having to move the PAM to another server to perform maintenance on the original PAM server are the ones
I've documented so far.
What happens if we have a 2 member DAG in two sites, and we choose to perform maintenance on the primary member after hours? Must we move/activate roles and databases around just to do that? Or when the server comes back online will it automatically
What is the simplest configuration which requires minimal manual intervention for for both maintenance and site resilience? I'm not excited about having to run commands to change the configuration just because I need to take one of the servers offline for
maintenance, regardless of the role.
Free Windows Admin Tool Kit Click here and download it now
January 19th, 2012 3:25pm
Hi
1. When Exchange 2010 utilizes an even number of Nodes, it utilizes Node Majority with File Share Witness.
Maybe this case can help you understand it.
http://social.technet.microsoft.com/Forums/ar/exchange2010/thread/bc260c97-a5aa-484d-bc8a-e7660ef4554f
2. What happens if we have a 2 member DAG in two sites, and we choose to perform maintenance on the primary member after hours?
It is the same as 2 dag member in same site.
Must we move/activate roles and databases around just to do that?
You must move/activate roles and databases .
Terence Yu
TechNet Community Support
January 19th, 2012 9:12pm