Exchange High Availability and Server Minimums
Reader wants to know how low he can reduce Exchange servers in his migration efforts, yet retain HA functions.
Question: Our organization has Exchange 2007 deployed. We have a high availability solution consisting of 4 Exchange 2007 servers -- two servers that have the Hub Transport and Client Access server roles installed and two servers that are acting as mailbox server cluster nodes in a continuous replication cluster (CCR) cluster. The Exchange 2007 servers on which the HT and CAS server roles are installed have been configured in a Windows NLB in order to load balance and provide automatic failover for incoming client and SMTP connections. This solution works very well, but now we want to move to the latest Exchange server version. Not only are there several new features we want to utilize, but we have also heard that we can reduce the number of Exchange servers to two without losing the HA functionality we have now.
Are there special considerations we need to be aware of before moving to an Exchange 2010 HA solution consisting of just two servers?
Answer: Yes. To build a highly available Exchange 2007 messaging solution with automatic failover and without any single points of failure at either the hardware or storage level, you needed a total of four machines: two servers with the Exchange 2007 Client Access and Hub Transport server roles installed and two acting as cluster nodes in a cluster continuous replication-based cluster (CCR).
The Hub Transport has built-in load balancing and fail-over for intra-site communication, and you could make it redundant using DNS round-robin mechanisms. But since the CAS role doesn’t include any load-balancing functionality, you typically also had to configure these two machines as nodes in a Windows network load balancing (WNLB) cluster in order to provide load balancing and automatic fail-over for incoming connections from clients and servers on the Internet and other external networks.
The two machines acting as cluster nodes in the CCR cluster would have the active and passive Mailbox server roles installed respectively, so that the clustered mailbox server (CMS) could switchover or failover to either node. Finally, you would dedicate one of the front-end servers as the file-share witness (third vote) in the CCR cluster.
As you probably know CCR (and SCC, LCR and SCR for that matter) has been cut from Exchange 2010. Instead, Exchange 2010 introduces a new feature called Database Availability Groups (DAGs). This feature uses the same synchronization technology as CCR and SCR combined, but it has so many new features and so much more functionality that it is significantly better than CCR and SCR. An interesting aspect of Exchange 2010 is that it’s supported to have other Exchange 2010 roles (Hub Transport, Client Access and even Unified Messaging) installed on the same server on which you have a Mailbox server role that has been added to a DAG. This means you no longer need to dedicate two machines as front-end servers for the Hub Transport and Client Access Server roles. You simply install all required Exchange 2010 roles on the two machines and voilà, you have a fully redundant Exchange 2010-based messaging solution. Well, almost. Yes, it did sound too good to be true, didn’t it?
You see, since DAGs make use of the Windows Failover Clustering (WFC) component to an extent (primarily heartbeat and the cluster database), you can’t configure the two servers as nodes in a Windows NLB since it’s unsupported to use both WFC and WNLB on the same server. This has been unsupported since Windows NT 4.0 and is due to potential hardware sharing conflicts between the Cluster service and WNLB. Read more in KB article: http://support.microsoft.com/default.aspx?kbid=235305.
This means that you must use an external load balancing/fail-over device such as a hardware-based load balancer. Also note this balancer should be redundant, so you need a minimum of two devices.
Though you still make use of WFC and though DAG is an Enterprise Edition feature, you don’t actually need the Exchange 2010 Enterprise Edition to utilize DAG. Unlike with Exchange 2007 CCR, DAG is also included with the standard edition of Exchange 2010. But bear in mind that you are limited to a total of five databases (including active and passive database copies) in this scenario.
Since you install the CAS and HT roles on the same machine that has the Mailbox server role and is a DAG member server, you can spare two machines and two Windows 2008 and Exchange 2010 standard edition licenses. If you don’t already have an external load balancer in your environment, you can either use a virtual load balancer appliance or buy a hardware-based load balancer. Of course, you need a server that acts as the witness server as well, but although it’s a best-practice recommendation, this doesn’t necessarily need to be an Exchange server. It could be any Windows 2003/2008 file server in your environment.
[Editor's Note: This article originally appeared in TechNet Magazine.]
Henrik Walther is a Microsoft Certified Master: Exchange 2007 and Exchange MVP with more than 15 years of experience in the IT business. He works as a technology architect for Trifork Infrastructure Consulting (a Microsoft Gold Certified Partner based in Denmark) and as a technical writer for Biblioso Corp. (a U.S.-based company that specializes in managed documentation and localization services).