What to Use Instead of a Hardware-based Load Balancer for an Exchange 2010 CAS Array

Status
Not open for further replies.

stamac

Hi everyone,

I've followed the suggestions and recommendations from Microsoft regarding the implementation of a cluster, specifically a DAG for my Exchange 2010 servers, but I got stuck when figuring out what other alternatives I might have to avoid or find another type of load balancer. I researched the LoadMaster 2200 from Kemp Technologies, but I cannot afford it. I need help in finding a workaround for this, if possible a solution to skip it because of financial constraints.

Please be specific with concrete solutions or reliable sources, I'd appreciate it. Thank you very much.

David Santamaria - IT Support Engineer

 

Steve Goodman

Hiya,

If your client access servers are separate from the DAG cluster, you can use MS NLB.

If they aren't, then don't forget that Kemp Technologies also do the cheaper LB Virtual Appliances with an identical feature set.

Steve

Steve Goodman
Check out my Blog for more Exchange info or find me on Twitter
 

stamac

This is what I'm gonna have physically speaking: 1 Server as DC, 2 Servers with Exchange 2010 (in the DAG with all the roles), and 1 Server as Member Server to keep the quorum or as Witness Disk. I cannot afford any more. I'm gonna be fired! Please let me know if there's something more cost-effective. If there are any recommendations for the whole solution, please let me know, I need help! Thank you.
 

TWHarrington

Your only supported options are Windows NLB or hardware LB. Based on your configuration, you will have to use a Hardware LB since you can't mix Windows NLB with DAGs (Windows Failover clustering). So you either have to use an actual hardware appliance or a virtual hardware load balancer. I think you can get the Citrix virtual HLB for free, but it has limited concurrent connectivity. Not sure how big your environment is. Here is the certified list:

http://technet.microsoft.com/en-us/office/ocs/cc843611.aspx

 

Steve Goodman

Hi David,

As you've only got one DC there's already a weak point in the design as if you lose this vital piece of hardware, your whole Exchange infrastructure will be down...

Without knowing the exact specs of the DC and FWS servers, I wonder if you have enough memory/CPU in the existing spec (probably around 16GB) and run Hyper-V on both; to allow you to run two virtual DCs and two CAS servers (one running FWS) with NLB.

Steve


stamac

Otherwise I had to purchase another box (server) for the CAS Array? Am I right? How many boxes would I need to avoid a hardware-based load balancer and implement the Windows NLB? What minimal type of Windows Server 2008 license, etc.? The environment is pretty simple, and we wish to have (for the present) a high-availability solution, that's why my doubts, especially with Exchange 2010's HW requirements. As I mentioned earlier, the solution is composed by 1 server as a main DC, 2 servers with Exchange 2010 (this is all what we can afford now, they were worth about $25K with everything!), 1 server to keep the quorum, but doubts arose around the load balancer and now that you mention the CAS Array... These guys are really scared about having to purchase more expensive equipment. Any other recommendations from this scenario that helps me to present a better, cost-effective proposal? Thank you.

 

Steve Goodman

If you have no more money to spend, and the hardware won't support virtualization (or you don't want the added complexity), you could dispense with the hardware load balancer, and use DNS to do "medium" availability instead of high availability.

You could either consider DNS round robin for the Client Access Array name with a low TTL (like, 5 mins) pointing at the CAS roles on either DAG member, and remove the bad IP manually from DNS if there is a failure - or if your design allows, set the IP of the Client access array name to just one of the servers (again with a low TTL) and switch the IP manually on failure. It's not perfect but would help you achieve your aims.

Thus you retain a simple setup, and you can also consider using your File Witness Server as a secondary Domain Controller and DNS server. The second DC (with global catalog, don't forget that!) will help ensure your other biggest single point of failure, AD, isn't an issue.

Steve


stamac

Thank you Steve,

One of the limitations I've found is that my boss doesn't want to virtualize anything. I ran tests with just three servers: 1 DC, two Exchange servers as Member servers. The AD replicates to all of them, although I know the high-availability is not fulfilled 100%. When I unplugged one box, the cluster was still up and running; the issue was when two boxes were unplugged, the quorum broke and thus the cluster went down. So, I've planned to add a fourth box as FSW to handle the heartbeats and keep the quorum up, but I've got stuck with the CAS array (another box!) and the load balancer... I really need to play at least with only 4 boxes for now, for the present. I need that he sees that the cluster or DAG doesn't go down with this scenario. For the future I think it's gonna be probable to purchase more servers and equipment because the needs will arise, I know, but now it's really impossible. Please give me an outline where I can host the different roles or services in order to have at least a minimum high-availability, with and without a load balancer. I'd appreciate it.

Thank you very much and have a great day.

 

Steve Goodman

Hiya,

Hopefully I can answer some of the questions.

1) If you only have one DC, it won't replicate anywhere. You say it is replicating, did you install the Active Directory Domain Services Role, then run dcpromo on each of those Exchange servers? If not, then it is not replicating and you must consider having a second.

2) You can run the FSW on a DC. If you have 2 machines as DCs, one of those can be a FSW.

3) The CAS array isn't "another box". Client Access Array is supposed to be a number of machines. I think based on what you've said so far, you should run CAS, HT and MB on each of your DAG nodes. Set up a CAS array name (and configure its name on each DB as the RPCClientAccessServer) and set the DNS name to use two IPs (google DNS round robin) with a 5 minute TTL. If one combined DAG/Client access array node goes down, you must then go onto a DC, open up DNS and remove the IP from the DNS round robin entry for your client access array. Alternatively skip DNS round robin and have 1 IP for the Client Access Array name and change the IP on failure.

4) Plan for a HW load balancer in the future to automate/distribute load so you don't have to manually change IPs on failure.

Steve


stamac

Hi Steve,

Almost the thing. "Officially" I have one dedicated DC, but all the other boxes, including the Exchange boxes, I made them Member Servers with DNS & GC checked, and they replicate very well, all of them keep an updated AD database, I joined two computers, first having the "main DC" up, and the other having it down, and everything worked fine. Where I've been slipping is how many more boxes I need? Avoid at this time the HW-based load balancer, and from there keeping at a minimum a good availability, saving in purchasing more servers and licenses. I need to submit that "working, functional" proposal to my boss, and I cannot formulate it because I feel that something is always missing. Please better explain me that manually change IPs on failure... Where's that at? As I told you before, we need to add the minimum to this platform at this moment because of financial constraints, and I need to present the most simplistic, cost-effective, but functional solution for now. I'll post all those considerations and recommendations that you mentioned, I really liked them. You rock! If there are other recommendations, these are welcomed. You rock! Thank you...

 

Steve Goodman

Hi David,

I appreciate your constraints - it sounds like you are in a less than ideal situation. So.. All four servers are domain controllers, with DNS and running global catalog instances. For the two DAG nodes, make sure you at least read this. You'll also need to consider that the Exchange Trusted Subsystem group will be an Admin on these machines, which in a larger environment might be a bit of a security risk.

I've not personally run DCs on DAG nodes (or cluster nodes) but I can't find anything that says it isn't supported - just not recommended. If this is something you are happy with, though.. It might give you some more options. I'm thinking perhaps 2 x nodes (the first DC & FSW) as Client access servers running NLB/CAS array/one FSW, and the two DAG nodes as Mailbox (obviously), Hub Transport and DCs/DNS. It's not a setup I would be happy with.. But if you are going to run DCs on the DAG nodes anyway it might be worth considering. I would prefer it to running combined CAS/DCs with NLB. However it really depends on your servers.. Especially the DC and FSW boxes you've got. I've assumed so far the spec is pretty low.

So just to get a better idea of whether it's worth considering..

1) What are the specs of the 2 boxes running DC/FSW?

2) What are the specs of your DAG nodes?

3) Do you already have Exchange installed/running on the DAG nodes? (As you'd need to uninstall Exchange completely to demote them)

Going back to the suggestion above, though.

If you used DNS to control the "switchover" between two Exchange servers running CAS/HT and MBX w/ DAG, you would do the following:

1) Create a new Client Access Array with a name you want to use for outlook clients to connect to. Eg. outlook.company.com.

2) Create a DNS entry on one of the servers as an A record with the name "outlook.company.com" with an IP address of one of the nodes. Set the TTL to 5 mins.

3) On the mailbox databases, set the RPCClientAccessServer to outlook.company.com.

4) If the DAG node with the IP set in 2) goes down or you plan to perform maintenance on it, you need to login to a domain controller, open up DNS, open the "outlook.company.com" record and change the IP over to the other DAG node.

Steve

 

stamac

Hi Steve,

I appreciate your assistance. I really wish to have all of these in most separate way I can, but have some limitations. I've thought having this: 1 Box (DC with AD, DNS, DHCP, Exchange Trusted Subsystem group, Failover Clustering & NLB), 1 Box (Member server with replicated AD, DNS, GC, CAS array, FSW to keep the quorum up), 2 Boxes (Member servers with Exchange 2010 with all the roles, nodes in the DAG). Where can I put the CAS array? What are your suggestions for this distribution of roles? Should I better reaccommodate the roles for better functionality or any other parameter?

The DC and FSW member servers are Dell PowerEdge 2850 with full capacity in RAM, RAID5 with six disks of 750GB each, as far as I remember. The Exchange servers are Dell PowerEdge R710 with full capacity in RAM, RAID5, newer and more powerful than the previous ones, they were purchased with Windows Server 2008 R2 x64, really expensive. That's why when I say about getting more, they get scared. I'd like the way to justify the HW-based load balancer as a separate, possible choice.
 

Steve Goodman

What do you mean by RAM at full capacity? I am sure the R710 supports 96GB or higher, for example. Are you sure the older boxes are 2850s, and how much RAM do they have? I believe they are fairly old - I can't remember if they even support x64 CPUs?

Steve


stamac

I had to check these specs later because I don't have the boxes handy. Please read again the previous message that I added a new link about a comment about the roles' allocation. Steve, where or what do you suggest me to know about deeply on hardware infrastructure necessary for these implementations? I never heard about any "special", "critical" requirements for all of this in my Microsoft Certification classes.

Thank you and have a good day.

 

Steve Goodman

Hiya,

Check out these links for more info about hardware specs:

http://technet.microsoft.com/en-us/library/aa996719.aspx
http://technet.microsoft.com/en-us/library/dd346699.aspx

http://technet.microsoft.com/en-us/library/dd346700.aspx
http://technet.microsoft.com/en-us/library/dd346701.aspx


What I'm really asking is do the two older boxes, originally planned as a DC and FSW, have around 8GB RAM and at least 2 processor cores - to support running CAS roles. As we're looking at the hardware anyway, it might also be worth at least checking the new R710s have the minimum to support the Mailbox roles you want to run.

Steve


stamac

Hi Steve,

Yes, they have. I don't have the current specs handy, the last ones have 8-core processor x2. I'm gonna read what you sent me, but what do you think about the distribution of roles I mentioned you before? I need to play with that only, and start running tests, write the installation procedures, and after the approval proceed to deploy for production. Remember, my boss doesn't want virtualization, so I need to better accommodate the roles in the boxes to offer the best (for the moment) availability, obviously not the optimal one. Please mention the amount of licenses and types needed for each case or box. You know, I'm just a support guy, with networking and structured cabling knowledge, I know a lot about computers and servers infrastructure, but about platform architecture? What a mess! Just the basics and this DAG and Failover Clustering stuff have scared off my sleep indeed!

I appreciate your assistance, it's been very valuable. It was really hard to find somebody who could express this real clear and understandable. If I were able, would put you two more medals as MVP... You rock!

Have a great day, thank you and blessings. Best regards,

 

Steve Goodman

Hi David,

I think it might be best to try and keep your setup real simple then. The R710 Dell boxes are very capable and hopefully will have a decent amount of RAM - 8-16GB. I'm guessing that you have a fairly small environment at the moment so again, I am not going to worry you about disk sizing. Once you have a little more knowledge, it may be something you can revisit. The R710 can take a PERC Add-In card and an external array, so you could feasibly expand your disk count later on.

But anyway.. I think your suggestions are good but there is some misunderstanding with a few of the roles for Exchange. I definitely think that because we don't have knowledge of the older server specs we need to discard the idea of running Exchange on them, and instead use those two as your resilient domain/dns infrastructure. The file witness share is literally just a network share so it's not something you need to think too much about. Then your brand new R710s could run Exchange with the typical roles. I thought you'd said you had already set them up as Domain Controllers and put Exchange on them, but from what you've said since I gather you haven't done that and they are just member servers.

So to re-iterate - think about the following:

Start off by using DNS as a manual "switch" for the Client Access Array. From what you've said so far the round robin suggestion may add complexity you don't need, so it might make sense to just have 1 server used until you need to switch. This does involve manually switching when there is a dead server - but the point is it will be predictable for you and helps build the case for a hardware load balancer in the future. The DAG means that if one of the R710s sets on fire (assuming not in the same rack, LOL) you can get the databases online immediately and clients back connected within the hour, instead of maybe days (if you had no DAG).

1) Your two Poweredge 2850s - run Win Server with Active Directory (+ Global Catalog & DNS) so you have more than one domain controller, and you don't need to run AD on an Exchange server. You mentioned running DHCP on these also - if so think about running it on both (google DHCP 80/20 rule). Don't forget all clients/servers really need both IPs of these servers in their DNS server list if you have no other DNS servers on the network.

2) The two Poweredge R710s - run Win Server 2008 Ent with Exchange 2010 SP1 both running Client Access, Hub Transport and Mailbox roles. Consider having dedicated disks for OS, Logs and DB. Really you would use the sizing calculator to size Logs/DB but log disk size will depend on how often you backup, and how much data changes in between backups. If (for example) you have 8x450GB disks and backup daily, you may want to consider using 2x450GB Raid 1 for OS, 2x450GB Raid 1 for Logs and 4x450GB RAID 5 for DB just to keep things really simple.

After installation run the Best Practices Analyzer for Exchange (in the Exchange Management Tools) and look for and correct any issues. After that, the first thing you may want to do is move the database path of the default databases so your Logs are on the log drive, and DB is on the DB drive. You can do the same on both servers, and each default database has a different name that you can change to something that makes sense. Next, you can setup your DAG (picking one of those 2950s as FSW) and add database copies.

For setup of the client access array - remember you are making a "logical" name, not installing an actual server role. Once you create that you'd make this DNS name as described above and set the IP as just one of these servers with the intention of switching that IP if there is a failure. Then you setup the databases to have this (set-mailboxdatabase "name" -rpcclientaccessserver yourcasarray.domain.com).

The above should deal with that part of the setup. You also need to consider what you will do for external and internal OWA access (same name as your "client access array"), ActiveSync, Inbound/Outbound mail, certificates and how you will backup the whole lot. As you say you haven't got much experience with all this a good start may be an MS Press book - the Exchange 2010 Best Practices book comes to mind.

Thanks for the kind comments by the way. Let me know if there is anything else.

Steve

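The DNS-based manual switch described in the two replies above (the numbered switchover steps and the Client Access Array setup) can be scripted as follows. This is an added PowerShell example, not part of the thread or of any poster's reply; the DNS server name, zone, IP addresses, AD site name and the choice of TCP 135 and 443 as a reachability check are assumptions.

```powershell
# Added example, not from the thread. Run in the Exchange Management Shell on a
# machine that has dnscmd.exe. All names and addresses below are constructed.
$DnsServer = 'dc1.company.com'   # hypothetical DC that hosts the DNS zone
$Zone      = 'company.com'
$Record    = 'outlook'           # outlook.company.com, the name used in the thread
$ArrayFqdn = "$Record.$Zone"
$TtlSec    = 300                 # the 5 minute TTL suggested in the thread

function Test-TcpPort {
    # Plain TCP connect with a timeout (works on PowerShell 2.0).
    param([string]$Address, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Address, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

function Invoke-DnsCmd {
    # Wrapper so that any dnscmd failure stops the script instead of being ignored.
    param([string[]]$Arguments)
    & dnscmd.exe $DnsServer $Arguments
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $Arguments failed with exit code $LASTEXITCODE" }
}

function Initialize-CasArray {
    # One-time setup: steps 1 to 3 of the procedure.
    param([string]$AdSite, [string]$InitialIp)
    New-ClientAccessArray -Name $ArrayFqdn -Fqdn $ArrayFqdn -Site $AdSite
    Invoke-DnsCmd @('/RecordAdd', $Zone, $Record, "$TtlSec", 'A', $InitialIp)
    Get-MailboxDatabase | Set-MailboxDatabase -RpcClientAccessServer $ArrayFqdn
    # Confirm every database now points at the array name, not a server name.
    Get-MailboxDatabase | Format-Table Name, RpcClientAccessServer -AutoSize
}

function Switch-CasArrayRecord {
    # Step 4: repoint the array name at the surviving node.
    param([string]$FailedIp, [string]$StandbyIp)
    # Assumption: TCP 135 (RPC endpoint mapper) and 443 (HTTPS) answering is
    # taken as "the standby CAS is reachable". It is not a full service check.
    foreach ($port in 135, 443) {
        if (-not (Test-TcpPort -Address $StandbyIp -Port $port)) {
            throw "Standby $StandbyIp is not answering on TCP $port; DNS left unchanged."
        }
    }
    # Add the new record before deleting the old one so the name always resolves.
    Invoke-DnsCmd @('/RecordAdd', $Zone, $Record, "$TtlSec", 'A', $StandbyIp)
    Invoke-DnsCmd @('/RecordDelete', $Zone, $Record, 'A', $FailedIp, '/f')
}

# Usage (constructed values):
#   Initialize-CasArray   -AdSite 'Default-First-Site-Name' -InitialIp '192.0.2.11'
#   Switch-CasArrayRecord -FailedIp '192.0.2.11' -StandbyIp '192.0.2.12'
```

Clients that already resolved the old address keep using it until the TTL expires, so the switch takes up to five minutes to reach everyone.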
 

stamac

Hi Steve,

Sorry for the delay and interruption time. In summary, as far as I understood, I'd use one old server as DC with one WS2K8 STD license; the two new servers with WS2K8R2 licenses, for Exchange with Exchange Server 2010 Enterprise licenses each, and another old server as FSW with one WS2K8 STD license, where I'd put the witness DB to keep the quorum. Is that right? I mean two WS2K8 STD licenses, two WS2K8R2 licenses, and two Exchange Server 2010 Enterprise licenses. That would be right for a decent start?

Thank you and have a great day.

 

Steve Goodman

Hiya,

The two WS2k8 Standard Licences will be fine for the two DCs/FSW. WS2K8R2 Ent is also the correct license for the DAG nodes.

You only need Exchange Enterprise licenses if you plan to have more than 5 database copies on each server, otherwise Exchange standard licenses will be fine. That means if you have four databases copied to both servers, i.e. 2 active on each, you will be fine with Exchange standard licenses. The number of databases you will need (simply put) primarily depends on the number of users and their mailbox quotas, along with how quickly you need to restore (or re-seed) a single database if you lose one or both copies.

Steve
