pham0329 wrote: » So if we don't have a software/hardware load balancing solution, if Server1 goes down, how do I manually redirect clients to Server2?
Gomjaba wrote: » Changing the DNS record of the FQDN used on the CAS server. Depending on the TTL this will obviously take a while to propergate. There is simply no easy way if both server have all roles installed. If you do need every role to be fault tolerant you will need either more server or indeed hardware loadbalancer - no way around that .. Essentially it depends how much downtime you are allowed to suffer ...
So now that we rely even more on the Client Access Servers within an Exchange 2010 infrastructure, clients need to be able to quickly re-connect to another CAS server in case the one they are connected to is down for planned or unplanned reasons. Say hi to the new Client Access array feature in Exchange 2010. A Client Access array is, as the name implies, an array of CAS servers. More specifically, it is an array consisting of all the CAS servers in the Active Directory site where the array is created. So instead of connecting to a FQDN of a CAS server, an Outlook client can connect to the FQDN of the CAS array (such as outlook.domain.com). This makes sure Outlook clients connecting via MAPI are connected all the time even during mailbox database fail and switch-overs (aka *-overs). Here is how things work in regards to CAS arrays. An Exchange 2010 mailbox database has an attribute called RpcClientAccessServer. When creating a new mailbox database in an Active Directory site where a CAS array has not been created, this attribute will be set to the first CAS server installed in the AD site. You can see what this attribute is set to by running the following command:
If a CAS array exists in the AD site when you create a new Mailbox database, this attribute will automatically be set to the FQDN of the CAS array. This is so the CAS array on the Client Access server knows which Mailbox server and database a user should be directed to.
When the CAS array has been created you should create an “A record” in your internal DNS named outlook.domain.com pointing to the virtual IP address of your internal load balancing solution.
Windows NLB can still be used in conjunction with a CAS array as long as the Mailbox server role is not installed on the same machine and that any mailbox databases on the server are not protected via a Database Availability Group (WNLB and clustering have some sharing conflicts that makes this an unsupported scenario). You can, of course, also choose to use a CAS array in conjunction with an external hardware load balancer, which is the recommended approach especially if you have more than 8 CAS nodes. If you use WNLB it is just a matter of creating the WNLB cluster and pointing the DNS record at the WNLB VIP and make sure that TCP port 135 (EndPoint Mapper) and the dynamic RPC port range (TCP 1024-65535) are added to the port rules list.
A ClientAccessArray is new to Exchange 2010 and simply represents a set of Exchange 2010 servers with the CAS role installed that are load balanced in some fashion.
adding a second CAS server won't do anything as it will be using the first one in the site only and changing the DNS pointing to it seems to do nothing either as the site wouldn't "know" this CAS server.
pham0329 wrote: » But what if you were to set the RpcClientAccessAttribute to point to a DNS entry that points to a load balance cluster of CAS server. For example: I create a NLB cluster of CAS server, and a DNS entry name cas.example.com that points to the cluster. Now, instead of creating a CAS Array, I go to powershell and do Set-MailboxDatabase DB1 -RpcClientAccessServer cas.example.com Wouldn't that work as well? When user access cas.example.com, the NLB cluster would handle the load balancing.
Gomjaba wrote: » What I understand though, is that once you install a CAS server, the object in the schema basically points to that particular CAS server only and if you then install a second server, which has mailbox / cas and HT, only HT and MB "adds" itself to the schema, so the organization would recognize these roles and uses the site costs of the AD in order to determine which HT server it is using for example. And as far as I know, also uses the closest MB server when creating a new mailbox, unless you specify a specific one. So to my understanding, even if you add a second CAS role - the organization would not know about it, because think about it - it pretty much is just an IIS webpage / application (in a way) ... So, even if you say that the cas.domain.com is used by a specific mailbox server, I can IMAGINE that you'd get connection issues if the user hits the second CAS server UNLESS you create a CAS array. Which again, isn't supported when using DAGs on the server anyway ... But again - I only started studying myself for Exchange - but this is how I understand all those KB I read for this thread here .... I really think there is no way of avoiding any third part LB solution if you have to have both CAS and MB server on the same two server and still want to accomblish automatic failover - even if it means changing DNS ... But easy to test - install virtual machines and test it - you don't need any proper certificates or DNS for testing ... you can still use exchange within the organization - so install a server, make it an AD / DNS server, install two Exchange and done .. should be very easy to test ...
And as far as I know, also uses the closest MB server when creating a new mailbox, unless you specify a specific one.
pham0329 wrote: » The CAS Array itself is supported by the DAG, it's the NLB Cluster that's not supported...or so I understand haha. So even if I have a DAG, I can still create a CAS Array and assign the array to the mailbox server. It's just that when something happens, I have to manually redirect the DNS record to a 2nd CAS as oppose to having it down automatically by the NLB. .
