question

UsamaARub-6946 asked

Setting up DAG for site-failover in Exchange Server 2016

I have to deploy a basic DAG for my Exchange Server 2016. I have prepared 2 mailbox servers (1 in primary site and 1 in colocation site) on Windows Server 2016 and 1 witness server.

Now I want that if my primary site goes down, my Exchange server doesn't stop working.

My questions are:

  • For this purpose do I have to configure the same internal URLs in virtual directories for both sites? (We don't need external access so external URL not required)

  • Do I have to set up 2 separate network cards for replication and MAPI with different subnets (as mentioned in some documents) and if yes, then why?

  • Any manual setting required in DNS?



Hi @UsamaARub-6946

Do suggestions below help?

Some additional information for your reference as well:
Witness server placement considerations

And the introduction about Exchange DNS Round Robin Load Balancing
Also found another discussion here: DNS Round Robin - Outlook AD Site aware?


If an Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


1 Vote 1 ·

Thank you! It's a good resource and helped in understanding the load balancing using round robin part.

0 Votes 0 ·

Hi,

I am writing to see how everything is going on with this thread. If you still have further concern on this, please feel free to let us know.






0 Votes 0 ·
AndyDavid answered

With 2 servers and the file share witness in one of those data centers, you will have an outage if the primary goes down.
The only way to achieve high availability is to have a 3rd data center with the File Share Witness located there.

Otherwise, you will be doing a data center switchover.
Here is the doc for that:

https://docs.microsoft.com/en-us/exchange/high-availability/manage-ha/datacenter-switchovers?view=exchserver-2019

It's preferred to use the same internal URLs, yes.
You don't need to separate networks for MAPI and REPL. One is preferred:

https://techcommunity.microsoft.com/t5/exchange-team-blog/the-exchange-2016-preferred-architecture/ba-p/604024

If you are not using a load balancer, then you would need to remove the primary from the round robin DNS that points to the client access endpoints in the event the primary is down.

I recommend at least 3 servers, not 2. Two in the primary, one in the backup data center.


@AndyDavid Thank you!
Since we don't have a third site, so I think we will have to use the switchover method like you recommended.



If you are not using a load balancer, then you would need to remove the primary from the round robin DNS that points to the client access endpoints in the event the primary is down

I recommend at least 3 servers, not 2. Two in the primary, one in the backup data center

But I am unable to understand the above. Can you please elaborate? What advantage will we have by 2 servers in the primary? And how does load balancing help in failover/switching?

0 Votes 0 ·

After I changed all my virtual directories for both servers to the same URLs, I created two certificates with the same names on both servers as well.

Everything seemed alright but when I started my Outlook client, it gave an error about the proxy server's certificate. And after that it prompted the error that my certificate name does not match (it showed the previous name that I changed).

The Outlook web version was working fine.

0 Votes 0 ·

You need just one certificate if all the URLs are the same. You use that cert for all the servers.

0 Votes 0 ·
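
A read-only check for the setup discussed in the comments above (same internal URLs on both servers, one certificate covering them), as an added example that is not part of the thread. It assumes the Exchange Management Shell and the server names mb01 and mb02 used in this thread; `corp.example` in the comment is a constructed placeholder.

```powershell
# Added example. Run in the Exchange Management Shell; it only reads configuration.
$servers = 'mb01', 'mb02'   # server names as used in this thread

$vdirCmdlets = 'Get-OwaVirtualDirectory', 'Get-EcpVirtualDirectory',
    'Get-WebServicesVirtualDirectory', 'Get-ActiveSyncVirtualDirectory',
    'Get-OabVirtualDirectory', 'Get-MapiVirtualDirectory'

$report = foreach ($server in $servers) {
    # Every internal host name this server hands out to clients.
    $names = @(foreach ($cmdlet in $vdirCmdlets) {
        & $cmdlet -Server $server | Where-Object InternalUrl |
            ForEach-Object { ([uri]"$($_.InternalUrl)").Host }
    })
    $names += "$((Get-OutlookAnywhere -Server $server).InternalHostname)"
    $scp = (Get-ClientAccessService -Identity $server).AutoDiscoverServiceInternalUri
    if ($scp) { $names += ([uri]"$scp").Host }

    # Names on the certificate(s) currently bound to IIS on this server.
    $sans = @(Get-ExchangeCertificate -Server $server |
        Where-Object { "$($_.Services)" -match 'IIS' } |
        ForEach-Object { $_.CertificateDomains | ForEach-Object { "$_" } })

    foreach ($name in ($names | Where-Object { $_ } | Sort-Object -Unique)) {
        [pscustomobject]@{
            Server    = $server
            HostName  = $name
            # -like lets a wildcard entry such as *.corp.example match.
            OnIisCert = [bool]($sans | Where-Object { $name -like $_ })
        }
    }
}
$report | Format-Table -AutoSize

# A host name that is not in use on every server means the URLs are not the same.
$report | Group-Object HostName | Where-Object Count -ne $servers.Count |
    ForEach-Object { Write-Warning "$($_.Name) is only used on: $($_.Group.Server -join ', ')" }

# Clients connecting to a name that is missing from the IIS certificate
# will report a certificate name mismatch.
$report | Where-Object { -not $_.OnIisCert } |
    ForEach-Object { Write-Warning "$($_.HostName) is not on the IIS certificate of $($_.Server)" }
```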

I have configured DAG such that mb01 is my primary mailbox server, mb02 is my secondary mailbox server on colocation datacenter with a witness server at a 3rd location.

Have made copies of databases on each server.

Now when I try to access ECP of mb02, after user name and password it doesn't open the web page.

Even when I tried opening it after I disabled the network card for mb01 (for testing), I am unable to open Exchange Control Panel from the mb02 server. The username and password page is prompted and after that a "This page can't be displayed" error occurs.

Secondly, after my primary server is turned back on, will I have to manually make my primary database the active one?

Lastly, Outlook client (not web) doesn't automatically connect to the new database server. It keeps on trying to connect until primary is back again.

0 Votes 0 ·
AndyDavid answered

If you only have one primary server, your org will be down if you ever need to perform any routine maintenance or upgrade on that server.

If you are using a true load balancer, then when a server is down, you won't have to manually make any changes. If you are using DNS, then you will have to remove the primary server from DNS so clients won't use it.
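
The manual DNS step described in this answer, as an added example that is not part of the thread. It assumes a Windows DNS server managed with the DnsServer module; the function name, zone `corp.example`, record `mail` and address `192.0.2.10` are constructed placeholders.

```powershell
# Added example. Requires the DnsServer module and rights to edit the zone.
function Remove-RoundRobinMember {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]    $ZoneName,
        [Parameter(Mandatory)] [string]    $RecordName,
        [Parameter(Mandatory)] [ipaddress] $DownServerIp,
        [string] $DnsServer = 'localhost'
    )
    $query = @{ ComputerName = $DnsServer; ZoneName = $ZoneName
                Name = $RecordName; RRType = 'A'; Node = $true }

    # All A records that make up the round robin for the client access name.
    $records = @(Get-DnsServerResourceRecord @query -ErrorAction Stop)
    $target  = @($records | Where-Object {
        "$($_.RecordData.IPv4Address)" -eq "$DownServerIp" })

    if (-not $target) {
        Write-Warning "$DownServerIp is not in the round robin for $RecordName.$ZoneName"
        return
    }
    # Never remove the last address: that would take the name offline entirely.
    if ($target.Count -eq $records.Count) {
        throw "No other A record remains for $RecordName.$ZoneName; nothing removed."
    }
    foreach ($record in $target) {
        if ($PSCmdlet.ShouldProcess("$RecordName.$ZoneName", "Remove A $DownServerIp")) {
            $record | Remove-DnsServerResourceRecord -ComputerName $DnsServer `
                -ZoneName $ZoneName -Force
        }
    }
    # Show what clients will resolve now; TimeToLive is how long the removed
    # address can stay in resolver caches after the change.
    Get-DnsServerResourceRecord @query |
        Select-Object HostName, @{ n = 'IPv4'; e = { $_.RecordData.IPv4Address } }, TimeToLive
}

# Constructed sample values; -WhatIf previews the change without making it.
Remove-RoundRobinMember -ZoneName 'corp.example' -RecordName 'mail' `
    -DownServerIp '192.0.2.10' -WhatIf
```

When the primary is back in service, its A record has to be added again for it to rejoin the round robin.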
