49
Exchange Server 2010 High Availability Deep Dive
UCC402Exchange Server 2010High Availability Deep DiveScott SchnollPrincipal Technical WriterMicrosoft CorporationAgendaExchange Server 2010 High Availability Deep DiveDatabase Availability Group NetworksActive ManagerBest Copy SelectionDatacenter Activation Coordination Mode3Exchange Server 2010 High AvailabilityDeep Dive: Database Availability Group NetworksDAG NetworksA DAG network is a logical collection of one or more subnetsThere are two types of DAG networksMAPI Network - connects DAG members to network resources (Active Directory, other Exchange servers, DNS, etc.)Registered in DNS / DNS configuredUses default gatewayClient for Microsoft Networks/File and Print Sharing enabledReplication Network - used for/by continuous replication (log shipping and seeding)Not registered in DNS / DNS not configuredNo default gatewayClient for Microsoft Networks/File and Print Sharing disabledReplication networks typically do not have default gateways, and if the MAPI network has a default gateway, then no other networks should have default gateways. Routing of network traffic on a Replication network can be configured by using persistent, static routes to the corresponding network on other DAG members using gateway addresses that have the ability to route between the Replication networks. All other traffic not matching this route will be handled by the default gateway that's configured on the adapter for the MAPI network.5DAG NetworksAll DAGs must have:Exactly one MAPI networkZero or more Replication networksSeparate network(s) on separate subnet(s)LRU determines which replication network is used with multiple replication networksDAG networks automatically created when Mailbox server is added to DAGBased on clusters enumeration of networks, which uses subnetsOne cluster network is created per subnetDAG NetworksMaximum round trip return latency between all DAG members must be 500 ms or lessRegardless of network latency, validate that the network between all DAG members is capable of satisfying your data protection and availability goalsMay need to increase the number of databases or decreasing the number of mailboxes per database to achieve goalsDAG NetworksServer / Network IP Address / Subnet BitsDefault GatewayEX1 MAPI192.168.0.15/24192.168.0.1EX1 REPLICATION10.0.0.15/24N / AEX2 MAPI192.168.0.16/24192.168.0.1EX2 REPLICATION10.0.0.16/24N / ANameSubnet(s)Interface(s)MAPI Access EnabledReplication EnabledDAGNetwork01192.168.0.0/24EX1 (192.168.0.15)EX2 (192.168.0.16)TrueTrueDAGNetwork0210.0.0.0/24EX1 (10.0.0.15)EX2 (10.0.0.16)FalseTrueDAG NetworksNameSubnet(s)Interface(s)MAPI Access EnabledReplication EnabledDAGNetwork01192.168.0.0/24EX1 (192.168.0.15)TrueTrueDAGNetwork0210.0.0.0/24EX1 (10.0.0.15)FalseTrueDAGNetwork03192.168.1.0/24EX2 (192.168.1.15)TrueTrueDAGNetwork0410.0.1.0/24EX2 (10.0.1.15)FalseTrueServer / Network IP Address / Subnet BitsDefault GatewayEX1 MAPI192.168.0.15/24192.168.0.1EX1 REPLICATION10.0.0.15/24N / AEX2 MAPI192.168.1.15/24192.168.1.1EX2 REPLICATION10.0.1.15/24N / ADAG NetworksCollapse DAG networks and disable replication on MAPI network:NameSubnet(s)Interface(s)MAPI Access EnabledReplication EnabledDAGNetwork01192.168.0.0/24EX1 (192.168.0.15)TrueTrueDAGNetwork0210.0.0.0/24EX1 (10.0.0.15)FalseTrueDAGNetwork03192.168.1.0/24EX2 (192.168.1.15)TrueTrueDAGNetwork0410.0.1.0/24EX2 (10.0.1.15)FalseTrueSet-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork01 -Subnets 192.168.0.0,192.168.1.0 -ReplicationEnabled:$false
Set-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork02 -Subnets 10.0.0.0,10.0.1.0
Remove-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork03
Remove-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork04DAG NetworksCollapse DAG networks and disable replication on MAPI network:NameSubnet(s)Interface(s)MAPI Access EnabledReplication EnabledDAGNetwork01192.168.0.0/24192.168.1.0/24EX1 (192.168.0.15)EX2 (192.168.1.15)TrueFalseDAGNetwork0210.0.0.0/2410.0.1.0/24EX1 (10.0.0.15)EX2 (10.0.1.15)FalseTrueSet-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork01 -Subnets 192.168.0.0,192.168.1.0 -ReplicationEnabled:$false
Set-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork02 -Subnets 10.0.0.0,10.0.1.0
Remove-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork03
Remove-DatabaseAvailabilityGroupNetwork -Identity DAG2\DAGNetwork04DAG NetworksAll DAGs extended to multiple datacenters should have hotfix from KB 2550886 installedAutomatic detection occurs when members added to DAGIf NICs are added after server is member of DAG, you must perform discoverySet-DatabaseAvailabilityGroup -DiscoverNetworksDAG network configuration persisted in cluster databaseHKLM\Cluster\Exchange\DAG NetworkDAGs include built-in encryption and compressionEncryption: Kerberos SSP EncryptMessage/DecryptMessage APIsCompression: Microsoft XPRESS, based on LZ77 algorithmMSIT sees 30% compression, but percentage will vary based on message profileDAGs use a single TCP port for replication and seedingDefault is TCP port 64327If you change the port and you use Windows Firewall, you must manually change firewall rulesAlso recommend hotfix from http://support.microsoft.com/kb/2469100, especially when using static routes
12DAG NetworksWhen using a single NICIt is both the MAPI and the Replication networkEnableReplication is $TrueWhen using multiple NICsOne NIC is the MAPI networkEnableReplication is $FalseOther NIC(s) are Replication network(s)Replication uses LRU to pick Replication network to useIf Replication networks are unavailable, MAPI network is used
If system fails over to the MAPI network for replication (presumably because all Replication networks are down or unavailable), it will stay on MAPI network until that network fails, or until continuous replication is suspended and then resumed.13DAG NetworksUse netsh, router ACLs or other means to block cross-network trafficBlockedAllowedSubnet 3Subnet 4Subnet 2Subnet 1MMMMRRRR14DAG NetworksIf using iSCSI storage, configure DAG and cluster to ignore iSCSI networksSet-DatabaseAvailabilityGroupNetwork -Identity -ReplicationEnabled:$false -IgnoreNetwork:$true15DAG NetworksWhen a DAG spans multiple subnets you need an IP address on the MAPI network for each subnetUse DHCP in site resilience configurations to assign IP addresses to Replication networkEnables delivery of the typically required static routesIf using static IP addresses, use netsh to configure static routesConfigure a DNS TTL on namespace records consistent with your SLAFor example, use a TTL of 5 minutes for a 60 minute RTO SLATech Ed North America 201011/10/2011 12:45 AM 2010 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
16Exchange Server 2010 High AvailabilityDeep Dive: Active ManagerActive ManagerWhat are the three Active Manager roles?StandalonePAM (Primary Active Manager)SAM (Standby Active Manager)Transition of role state logged into Microsoft-Exchange-HighAvailability/Operational event log (Crimson Channel)
18Active Manager FunctionalityMount and Dismount DatabasesProvide Database Availability InformationProvide Interface for Administrative TasksMonitor for and React to FailuresMaintains Database and Server State InformationMount / Dismount Database CopyMount DatabaseAn administrator action invoked through a taskThe last part of a move operation
Dismount DatabaseAn administrator action invoked through a taskThe first part of a move operationAuto Dismount DAG MemberOccurs when a DAG loses quorum
All DAG members are running (but may not be participating in the cluster)
Databases dismounted as quickly as possible to avoid split-brainInformation Store service is terminatedActive Manager Move DatabaseMove DatabaseAn administrator action invoked by a taskAutomatic operation initiated by the PAM (failover)
Begins with a Dismount operation and ends with a Mount operationExchange Server 2010 High AvailabilityDeep Dive: Best Copy SelectionBest Copy SelectionActive Manager selects the best copy to become the new active copy when the existing active copy fails, or when an administrator performs a target-less switchoverBCS is the process of finding the best copy of an individual database to activate, given a list potential copies for activation and their statusDuring BCS, any servers that are unreachable or activation blocked are ignoredBest Copy Selection RTMSorts copies by copy queue length to minimize data loss, using activation preference as a secondary sorting key if necessarySelects from sorted listed based on which set of criteria met by each copyAttempt Copy Last Logs (ACLL) runs and attempts to copy missing log files from previous active copy25Best Copy Selection SP1Sorts copies by activation preference when auto database mount dial is set to LosslessOtherwise, sorts copies based on copy queue length, with activation preference used a secondary sorting key if necessarySelects from sorted listed based on which set of criteria met by each copyAttempt Copy Last Logs (ACLL) runs and attempts to copy missing log files from previous active copyThis was checked into build 213.26Best Copy SelectionIs database mountable?Is copy queue length
