best high availability design for exchange 2016 · best high availability design for exchange 2016...

April 28th New-York City

Best High Availability Design for Exchange 2016

Prabhat Nigam – Golden Five LLC

CTO and Architect

4/28/2017 – New-York City

Blog: http://powertoe.wordpress.com/

Twitter: @toenuff

Tome Tanasovski PowerShell MVP

Blog: http://blog.reefsolutions.com

Twitter:@bserebin

Ben Serebin Exchange Junkie

Eric Fellen

Website: http://www.nyewin.org

Ken Reid

Website: http://www.nyewin.org

Thanks to our Organizers!

Blog: http://dsebban.wordpress.com

Twitter: @davidsebban

David Sebban Windows IT Pro MVP

http://powertoe.wordpress.com/

http://spoonfullofsharepoint.wordpress.com/

http://blog.reefsolutions.com/

http://www.nyewin.org/

http://www.nyewin.org/

http://dsebban.wordpress.com/


User Group Communities

NYC PowerShell User Group

• Meetings: Second Monday of the month, 6:00PM, Microsoft NYC Office

• Web: http://powershellgroup.org/nyc

• Meetings: Second Tuesday of the month, 5:45PM to 9PM, Microsoft NYC Office

• Web: www.nyexug.com

New York Exchange User Group (NYExUG)

• Meetings: First Thursday of the month, 6:00PM, Microsoft NYC Office

• Web: http://www.meetup.com/ddugny

Devices and Datacenter User Group New York (DDUGNY)

http://powershellgroup.org/nyc

http://www.nyexug.com/

http://www.meetup.com/ddugny


Event Sponsors


Event User Groups


Introduction

Prabhat Nigam3xMVP, Blogger, Speaker, Author, Father, Husband

CEO - LAEXUG Foundation

Blog: MSExchangeguru.com

Email: [email protected]

@PrabhatNigamXHG

Website: GoldenFiveConsulting.com


Agenda

• Exchange Fundamentals

• Disk Configuration

• Preferred Storage Design

• Preferred and Best Exchange 2016 Design


Ask Me and Get Some thing

Ask me a Great Question and win

$100 Gift card for Azure

Make sure to use it before 5/22/2017

Not for every one

Not for Organizer

Not for Speaker

Not for Microsoft and Golden Five Consulting Employees


Server Version Check

Who is on Exchange 2003?




Who is on Exchange 5.5?


Exchange 2016 Server Role Architecture

ADMBX

MBX

MBX

MBX

MBX

Image courtesy Microsoft


Exchange 2016 Design FundamentalsPlan with both Mailbox and Edge Transport

Calculator: Max 24 Processor Cores and 96 GB Memory

-Always use Exchange Calculator

-How to calculate the following:

1. Total Send/Receive Capability / Mailbox / Day

2. Average Message Size (KB)

A: Use Message Tracking data as explained here. http://bit.ly/2oKGKXy

-Processor calculation: Use this blog of mine http://msexchangeguru.com/2016/06/07/exch-proc-calc/

Jetstress – Always run.

Page File Size - Memory size + 10MB or 32,778 MB (which is 32GB + 10MB) for memory higher than 32GB.

Recommend to also use: WAN Simulator (WanEn) | Bandwidth & Site Resiliency Calculator

http://bit.ly/2oKGKXy

http://msexchangeguru.com/2016/06/07/exch-proc-calc/


Preferred Disk ConfigurationsJBOD disks for Mailbox and Transport Databases

Mirrored disks for OS and Exchange Binary

Use AutoReseed with JBOD

Disk Partition Style – GPT

Disk Allocation Unit Size – 64K

Disk Format - Simple Volume

ReFS for databases, logs and Transport database.

NTFS for OS and Exchange Binary drive.

Encrypted with BitLocker

Separate Transport Database Disk per server

Separate Recovery Database Disk in one of the servers per Datacenter.


Storage Design

2 Separate Storages in both Data Center

Separate Disk for every Database

All same speed and size disks for AutoReseed

No other application Sharing the Disk

2 or more Fiber connections to the server per storage

2 or more power connections per Storage


Design Mailbox Role


Preferred Design Exchange 2016 Mailbox Role4 nodes DAG Cluster with Exchange 2016 CU4 on Windows 2016 (no Antispam)

IP Less DAG - No administrative Access Point

3 AD Site Expanded DAG – 3rd AD site can be Azure

Even number of DAG Nodes and Database copies.

Single network for Replication and Client connection

Set email and mailbox retention as per company retention policy

2 Separate Storages in every Data Center

Separate Disk for every Database

Same Disk speed and size

Implement AutoReseed

No other application Share the Disk

Dual Powered and SCSI/Fiber connection


Database Availability Group Design

➢3 Data Centers – 2 ADSite Active/Active DAG

▪ 2 Datacenters for DAG Nodes - Internet facing▪ 1 Datacenter/Azure for File share witness - Non Internet facing

➢2 Load Balancer Per Datacenter

➢2 Edge Transport servers Per Datacenter

➢One member or Domain Controller server in the 3rd Data center for File share witness.


DAG Site Resiliency with 3 Sites

Los Angeles

DAG01MBX1 MBX2 MBX3 MBX4

witness

Automatic failover should occur in case we configure the datacenter in 3 AD Sites


Design Transport Service


Exchange 2016 Transport Design4 mx record – 2 mx record per data center

Transport SafetyNet understand AD Site boundary

Both DAG Datacenter should be in difference AD sites so that SafetyNet can keep Transport HA in 2nd Data Center.

Use 2 Edge Transport Servers or

2 Spam guard per Data Center

E2013 Transport Session in NJUCUG


Exchange 2016 Transport Design

4 MX records with same priority – 2 Per Datacenter pointing to Edge Transport Server

or

2 MX records with same priority – 1 Per DC pointing to Edge Transport Load Balancer VIP

- This means 4 Load Balancers in Each Datacenters, 2 External and 2 Internal.

Name Space Examplemail.GoldenFive.net 10.10.10.200Autodiscover mail.GoldenFive.net

MX 10 MX10.GoldenFive.net mail.GoldenFive.netmail.GoldenFive.net 100.100.100.200Autodiscover mail.GoldenFive.netMX 10 MX20.GoldenFive.net mail.GoldenFive.net

Use Edge Transport or Email Gateways


Exchange 2016 Edge Transport

2 Edge Transport Server per Datacenter

2 Public MX Record with same Priorities per DC

Use windows 2012 OS

Windows 2016 is not supported


Design Email Gateway

2 Email Gateways.

Mx record pointing to 2 separate email gateways with same priority as an Example Netmail and EOP.


Design Client Access Service


Client protocol architecture


Exchange 2016 Namespace Options

Namespace Planning for 2 AD sites

Bound – Useful when users are not connecting from internet

Autodiscover.GoldenFive.net

NYMail.GoldenFive.net

LAMail.GoldenFive.net

Unbound - Useful when users are connecting from internet

Autodiscover.GoldenFive.net

Mail.GoldenFive.net


Knowledge Check

What will happen if OWA virtual directory is not working but other virtual Directories are working in a Load Balancer setup?


Outlook Connection Protocol

RPC over HTTP is shutting down

Use Mapi over HTTP


Exchange Load BalancerExchange VIP - Layer 7 – No Session Affinity – Client can connect to Any of the node.

LB checks HealthCheck.htm for every protocol. MBX

OWA

ECP

EWS

EAS

OAB

MAPI

RPC

AutoD

Laye

r 7LB


OOS namespace planning and load balancingSeparate namespace for OOS per Datacenter

OOS will use bound namespace model

Even if Exchange configuration is unbound namespace

Or Namespace manipulation during datacenter activation is not required

Requires persistence at the load balancer

2 OOS Servers Per Datacenter

Create the Load Balancer VIP for OOS

Client should be able to connect to the old session.

DAG

OOS

oosla.GoldenFive.netoosny.goldenfive.net

OOS

autodiscover VIP

mail VIP

oosNY VIP

West East autodiscover VIP

mail VIP

oosLA VIP

mail.GoldenFive.net

oosny.GoldenFive.net


Use Geo DNS

Implement Geo distributed public DNS in case of a Bound name space implementation.

Geo distributed DNS will route the request based on source IP to either the location1 or location2 load balancer.

Geo dns solution also provide a monitoring solution which dynamically alter records when there is a failure. It means in case of an outage, Geo DNS will automatically update the URL to send user to the correct Data Center


Sonia(somewhere

in NY)

DAG

NY VIP1 NY VIP2

DAG

LA VIP1 LA VIP2

Ustin(somewherein LA)

na.GoldenFive.neteur.GoldenFive.net

Geo-distributed Namespace Example

DNS Resolution DNS Resolution

mail.GoldenFive.net


Other Design Requirement


Exchange 2016 BackupNo Backup Required if we are following the retention policy

If we are not following Retention Policy then

Full backup Friday

Incremental backup rest of the week

Backup should be kept in the 3rd location as per you Business Continuity Planning

If required use Microsoft DPM for the backup

If you are using 3rd party backup then verify 3rd party supports IP Less DAG

Backup Exchange Database and logs only

Use Exchange Native Data Protection


Active Directory

Active Directory should be Windows 2008 or above

Every AD Site should have at least 2 Domain Controllers

Every AD Site should have at least 2 GC/DC

Match the Domain Controllers number with Exchange Calculator

FFL/DFL should be windows 2008 or above


Exchange 2016 Virtual or Physical

The Calculation is for the Hardware

Hardware is recommended in case your design can consume all hardware

Virtualization is supported

Virtualize if your requirement can’t consume all hardware


Other information

• All slide decks will be posted on http://www.techstravaganza.com

• Grand Prize Raffle at 5:15pm

• Day is not ending in Microsoft Office. There is an after Party.

Join us for Cash Bar & Free Food @ Guys American @ 5:45pm

http://www.techstravaganza.com/


Connect For More✓ Twitter: @MSExchangeGuru

@PrabhatNigamXHG

✓ Facebook: Microsoft Exchange 2016 Group

✓ YouTube: MSExchangeGuru Channel

✓ LinkedIn: Microsoft Exchange Server

Microsoft Exchange Server 2013

Microsoft Exchange Server 2016

User Groups: LAEXUG

LACIUG

LAEXUG_ALL_IT


σας

ευχαριστώधन्यवाद

Merci mulțumesc

best high availability design for exchange 2016 · best high availability design for exchange 2016...

Documents