Understanding Edge Transport Servers in Exchange 2010 Hybrid Deployments
Applies to: Exchange Server 2010 SP3
Edge Transport servers in Exchange 2010 are deployed in your organization’s on-premises perimeter network. They’re non-domain-joined computers that handle Internet-facing mail flow and act as an SMTP relay and smart host for Exchange servers in your internal network. In hybrid deployments, you have the option of deploying Edge Transport servers running Service Pack 3 (SP3) for Exchange 2010 if you don’t want to expose internal Hub Transport servers directly to the Internet.
Learn more at: Overview of the Edge Transport Server Role
Exchange 2010 Edge Transport Servers
Messages routed between on-premises and Exchange Online organizations require that Exchange Online Protection (EOP), on behalf of Exchange Online, connects directly to on-premises Hub Transport or Edge Transport servers that run Exchange 2010 SP3. If you’ve deployed Exchange 2010 SP2 Edge Transport servers, you must upgrade the Edge Transport servers you want to use for hybrid transport to Exchange 2010 SP3. Only the Edge Transport servers that handle hybrid transport between the on-premises organization and Exchange Online need to be upgraded to Exchange 2010 SP3.
If you have other Edge Transport servers in other locations that won’t handle hybrid transport, they don’t need to be upgraded to Exchange 2010 SP3. If, in the future, you want EOP to connect to additional Edge Transport servers for hybrid transport, they must be upgraded to Exchange 2010 SP3.
Important
If you prefer to keep Exchange 2010 SP2 Edge Transport servers in your organization, make sure that EOP connects to an on-premises Exchange 2010 SP3 Hub Transport or Edge Transport server for hybrid transport. If EOP connects to a server running a version other than Exchange 2010 SP3, messages may not be handled correctly. For more information, see: Understanding Transport Options in Exchange 2010 Hybrid Deployments
Adding an Edge Transport Server to a Hybrid Deployment
Deploying an Edge Transport server in your on-premises organization when you configure a hybrid deployment is an optional step. During the initial run of the Manage Hybrid Configuration wizard, the wizard requires that you select one or more Hub Transport servers. However, after the initial run of the wizard, you can add an Edge Transport server to your organization, configure it, run the Manage Hybrid Configuration wizard again, and then manually update the on-premises Send connectors and Edge Transport Receive connector to add it to the hybrid deployment.
When you add an Edge Transport server to your hybrid deployment, it communicates with EOP on behalf of the internal Hub Transport servers. The Edge Transport server acts as a relay between the on-premises Hub Transport server and EOP. All connection security previously handled by the Hub Transport server is handled by the Edge Transport server. Recipient lookup, compliance policies, and other message inspection, continue to be done on the Hub Transport servers.
If you add an Edge Transport server to your hybrid deployment, you don’t need to route mail sent between on-premises users and Internet recipients through it. Only messages sent between the on-premises and Exchange Online organizations will be routed through the Edge Transport server.
Mail Flow without an Edge Transport Server
The following process and diagram describe the path messages take between an on-premises organization and Exchange Online when there is no Edge Transport server deployed:
Messages from the on-premises organization to recipients in the Exchange Online organization are sent from an Exchange 2010 Mailbox server to an Exchange 2010 Hub Transport server. In this example, the Mailbox and Hub Transport server roles are installed on the same Exchange 2010 server.
The Hub Transport server sends the message directly to the Exchange Online EOP company.
EOP delivers the message to the Exchange Online organization.
Messages sent from the Exchange Online organization to recipients in the on-premises organization follow the reverse route.
Mail flow in a hybrid deployment without an Edge Transport server deployed
Mail Flow with an Edge Transport Server
The following diagram shows the path messages take between an on-premises organization and Exchange Online when there is an Edge Transport server deployed. Messages from the on-premises organization to recipients in the Exchange Online organization are sent from the Exchange 2010 servers:
Messages from the on-premises organization to recipients in the Exchange Online organization are sent from an Exchange 2010 Mailbox server to an Exchange 2010 Hub Transport server. In this example, the Mailbox and Hub Transport server roles are installed on the same Exchange 2010 server.
The Exchange 2010 Hub Transport server sends the message to an Exchange 2010 Edge Transport server.
The Edge Transport server sends the message to the Exchange Online EOP company.
EOP delivers the message to the Exchange Online organization.
Messages sent from the Exchange Online organization to recipients in the on-premises organization follow the reverse route.
Mail flow in a hybrid deployment with an Edge Transport server deployed
© 2010 Microsoft Corporation. All rights reserved.