Welcome to Part 4 of this article series. In Part 1, we started off by discussing the goal of this lab. That goal is how to deploy a two-node Exchange 2010 RTM Database Availability Group (DAG) on Windows Server 2008 R2. We then prepared our Operating System with the Exchange 2010 Prerequisites which includes software prerequisites as well as modification to hardware configuration such as our Network Interface Cards (NIC)s. In Part 2, we went over the installation of one of our Exchange 2010 Servers which will include the Mailbox, Client Access, as well as Hub Transport Server Roles. In Part 3, we went over the creation and configuration of our Database Availability Group (DAG). We then added our first Node to our DAG.
In this Part, I will be adding the second node to the DAG and then create a database which will then be synchronized to the second DAG node.
Part 4
Adding the second Node to our DAG
Well, let’s go ahead and add our first node to the DAG. Go into the EMC > Organization Configuration > Mailbox > Database Availability Group > Right-Click our DAG > Manage Database availability Group Membership.
Add the second Node. Click Manage to Continue.
Our second node has successfully been added.
But… what exactly was done during this behind the scenes when this second node was added to the DAG? The following occurs (from Technet documentation):
- The server is joined to Windows Failover Cluster for the DAG.
- The quorum model is automatically adjusted:
- A Node Majority quorum model is used for DAGs with an odd number of members.
- A Node and File Share Majority quorum is used for DAGs with an even number of members.
- The witness directory and share are automatically created by Exchange when needed.
- The server is added to DAG object in Active Directory.
- The cluster database is updated with info on mounted databases.
First of all,we can see the DAG has been joined to the Windows Failover Cluster.
Second of all,we can see the Quorum Model has been adjusted to Node Majority and File Share Witness because we have an even number of nodes.
We can also see the FSW is set to the location we specified when creating our DAG (SHUD-OCSFE01 with a path of C:\ShudnowDAG) and that there is Quorum data in this location.
Adding Database Replicas
Well, let’s go ahead and create a new database and replicate it. Go into the EMC > Organization Configuration > Mailbox > Database Management.
We can see there’s currently two databases that were created during the installation on our Exchange Mailbox Servers; one for the first node and one for the second node.
We can’t delete these databases because they contain some arbitration mailboxes. Arbitration mailboxes are special mailboxes that are used to manage approval workflows. For example, moderated e-mails. We can see these arbitration mailboxes and what mailbox databases they belong to by running the following command:
Get-Mailbox -Arbitration | FL Name,Database
Create a new Database. I will create a new mailbox database with the name, LABDatabase01. I will then also mount the database The two commands I will use to do this are:
New-MailboxDatabase -Name LABDatabase01 -Server SHUD-EXC01
Mount-Database -Identity LABDatabase01
Let’s add a Mailbox Database Copy to our second DAG node so we have redundant databases. Database Management > Select the new Database > Right-Click and Choose “Add Mailbox Database Copy.”
Choose the second server for the server that will obtain our Database Copy. Click Add to Continue.
We should then see a successful copy being added to our second DAG Node.
To verify, in the EMC, click on the LABDatabase01 and we should see a Mounted copy and a Healthy copy below.
To do a switchover, you can right-click on the copied database and choose Activate Database Copy.
DAGs Networks
Go into the EMC > Organization Configuration > Mailbox > Database Availability Group. At the bottom, you will see the Networks. You can see both are enabled for Replication. Exchange 2010 always uses the last recently used replication network. You can leave both enabled to Replication or you can disable the MAPI Network from having Replication enabled. This will force all replication to go over your dedicated replication network. Keep in mind, when you do this, your MAPI Network can still do replication. It will only do replication when there are no dedicated replication networks available. For example, if the dedicated replicated network were to go down due to some switch but your MAPI network was available, replication would begin to utilize the MAPI network.
If you were in a situation where you were adding a 3rd node to the DAG and it was in a different subnet, you will need to add an IP Address for that subnet so the Network Name resource can come online for that subnet. So let’s say we now added a 3rd DAG node that was on the 172.16.0.0/12 subnet. Remember our Set-DatabaseAvailabilityGroup cmdlet with the -DatabaseAvailabilityGroupIpAddresseses switch? In this case, let’s say 172.16.2.154 was going to be our DAG IP for that subnet. We would have to add that IP to the switch above. But that switch is not additive, so we would have to run the following command:
Set-DatabaseAvailabilityGroup -Identity ShudnowDAG -DatabaseAvailabilityGroupIPAddresses 192.168.1.154,172.16.2.154
As you can see, I specified both 192.168.1.154 in addition to 172.16.2.154.
What happens is if the DAG fails over to the second DAG node, the DAG will keep the 192.168.1.154 address. But if it fails over to the 3rd node, it will use the 172.16.2.154. Again, this command has nothing to do with the replication networks, only the MAPI Networks. And again, it’s only so the Network Name resource can come online which is a cluster dependency. No clients will connect to this Network Name resource and Exchange has multiple mechanisms to connect to Exchange.
Summary
Well folks, that is all for Part 4 of this article as well as the article series. Thanks for reading!
MAS says
hi
how can remove dag configuration if i have problem but without install windows in server only remove configration and do it again
baseliner35 says
Hi,
I'm trying to investigate the cmdlet to remove my alternate FSW from my DAG. Cannot find anything about that and using the GUI doesn't seem to allow that
John Philipson says
Fantastic Blog – One of the few on the Internet that was really clear, detailed and very helpful. I set up my environment with
all W2K8 R2 Standard (except for Mailbox servers running Enterprise Ed)
– DC
– CAS/HUB Server (as FSW) and
– 2x MAILBOX servers
The two node DAG works well, apart from a need to extend the timeouts to max, on the Cluster Failover (using the Exchange Shell script) to prevent the nodes dropping out of the cluster, for some mysterious reason, on my home LAB LAN.
Adrian says
Hi Elan, thanks for the great info.
I am looking at deploying a 2 node, 2 site DAG separated over a WAN. The config would be:
Site A: Server A with Active DB-A and Passive DB-B + FSW on a second server
Site B: Server B with Active DB-B and Passive DB-A
I have set this up and in initial testing the issue I have come across is that if the WAN link goes down, Server B looses access to the FSW and all databases in Site B are dismounted, meaning users who have mailboxes on Active DB-B are disconnected from Exchange and cannot use mail.
Is there a way to overcome this issue in a 2 node 2 site DAG, keeping in mind this is for a SMB with about 50 users who does want HA for email. I am doing this using Exchange SP1.
Thanks Adrian
Elan Shudnow says
Need to have 2 separate DAGs. Due to the way majority node clustering works, you can only have 1 site ever be up if you lose WAN connectivity due to majority of voters only being able to be in one site. If you require full connectivity for both sites, then you have to have 2 DAGs with DAG for SiteA having majority there and DAG for SiteB having majority there for the 2nd DAG.
Andrew says
Great write up… Very easy to follow and implement!
Dozer says
First, thanks for this write up !
For info in case anyone else comes across this:
Everything has worked fine so far, up until I tried to create the 'Add Mailbox Database Copy', I got a long error:
=================================================
Error:
=================================================
A source-side operation failed. Error An error occurred while performing the seed operation……..
Failed to open a log truncation context to source server 'server1.domain.local'. Hresult: 0xfffffae7. Error: The database was either not found or was not replicated.
=================================================
The fix I found here: http://smtp25.blogspot.com/2010/02/server-side-se…
…basically, manually copy across the 'CatalogData…' folders, then hit 'resume database copy', and all is well.
cheers
Lewinski says
Hi Elan,
Great article.
I created your setup on a virtual lab and went through everything as described. The exception is that I created two extra servers and put HT/CAS roles on both, and WNLB.
Accessing the CAS is fine, and the DAG does the fallover fine (Mounted, Healthy etc always seems in the right order).
However! unless EXC2 is switched on, I get mailbox unavailable errors. The setup works even if EXC2 is not the mounted copy, as long as the machine is on.
Any ideas would be greatly appreciated.
Lewinski says
Elan, you know what, forget it – I'm an idiot :-)
It struck me as soon as I posted my comment that I didn't move the default admin mailbox to the DAG store… sorry!
Farhan Raza says
I am very thanks full.
bsang says
I have two Exchange 2010 set as a DAG group, company required to perform DR restoration test at remote DR center, Do i have to restore both Exchange Server or can I restore it to a single standalone Exchange Server..Please help…thanks in advance,
Elan Shudnow says
You can have 2 DAG members in the Primary Site replicating all databases to a single node in the failover site. That'll work just fine.
SaaN says
How do we add second FSW as we do in Exchange 2007 (create FSW on 2 hub server which located in 2 different data center)
Elan Shudnow says
Well, in Exchange 2007 you can't have a 2nd FSW active at any given time. It's just not possible with clustering. You can use a CNAME to mask it though. In Exchange 2010, you can't really do this as Exchange is the one that manages the FSW creation and modification. You can use an alternative FSW though for site switchovers.
Gino says
Mr Elan , I do have a question regarding server 2008 R2.
When i tried to set up the mail foward to a mailbox i actually works, if I want to set up multiple users, as the option ADD security allows us , it does not work, Is there likely something that this series of server does not allow you or is there another way of working around that?
Thanks
Gino says
Mr Elan , I do have a question regarding server 2008 R2.
When i tried to set up the mail foward to a mailbox i actually works, if I want to set up multiple users, as the option ADD security allows us , it does not work, Is there likely something that this series of server does not allow you or is there another way of working around that?
Thanks
cooldavinci says
cristal clear. thank you
Charlie O. says
I have a few question on DAG … I am an Exchange novice :-)
Can you explain exactly the function of the Witness share? I think I understand it's purpose, but want to make sure I am not off-base.
Does it really make a difference if the Witness share is on a non Exchange box as long as the appropriate membership is given? If it does, why?
I have a home/lab network with one Hyper-V Exchange 2010 and one stand alone Exchange 2010 (all on 2008R2). Single NIC MAPI network . . . . All mailboxes will be placed on the stand alone E2010. I want my 8 users to have use of Exchange when I bring the stand alone Exchange down (where the mailboxes reside). What else can I do along with the DAG to make this a possibility.
Thanks for the very thorough and "real world" articles.
Charlie
[email protected]
eshudnow says
It doesn't have to be on an Exchange Server and there's not a very good reason to bring up an Exchange Server specifically to do this. I would just put it on a different server and add the Exchange Trusted Subsystem to the Local Administrators group of the non-Exchange Server to accommodate it. And what do you mean what else can you do with a DAG to make this a possibility? The purpose of a DAG is to make your mailboxes highly available. So just having the DAG alone makes this possible.
Charlie says
I guess what I am missing is experience! If I understand DAGs correctly, even though the databases are redundant and available on bother Eservers, I am still not serving up mail if one of my Exchange servers (the primary that does OWA and active-sync) goes down . . . without manual intervention (changing IP's on the router, etc… I have only one public IP). What I am asking is what else can I do with my relatively limited network to have the "fail-over" automatic and not require admin intervention. I am am sure it is done all the time, but with significantly more hardware and resources.
Thanks again for the great real world articles..
Charlie
eshudnow says
Ok, so you also want CAS availability then. Have you checked out this article here for what options are available? https://www.shudnow.io/2010/03/17/exchange-2010-r…
Keep in mind, a free and simple way to provide 2 Node Automatic HA without Hardware Load Balancers is discussed in the comments. It's not supported by Microsoft but it does work as I have tested it as well as others. I didn't include it in the original article due to the lack of supportability from Microsoft.
Charlie says
I will check it out!
Again, I really do enjoy your work! It is "real world" and tested. Always something I can use and something I never could have done on my own. . . . and best of all . . . always written so that even I can understand :-)
Charlie
Zahir Hussain Shah says
Dear Friends,
I need your urgent help on one urgent issue, today while I was troubleshooting my Backup software (Symantec BackupExec 2010), so my backup admin told me that the DAG FQDN or IP is not ping able, so I checked and I found that the NETWORK NAME of DAG was not online in FAILOVER CLUSTER MANAGER, so I tried bring the NETWROK NAME ONLINE, so suddenly the IP RESOURCE got hide somewhere, after wards I tired finding the resources, but couldnt got successd in that.
Now my DAG network name is not coming ONLINE, tell me what should I do, which option should I select from the below list:
1) Break the FAILOVER CLUSTER and re-create in teh presence of DAG on Exchange
2) Remove the DAG and re-create it, as this is very difficult solution
3) or what else…
please reply me on [email protected]
Zahir
[email protected]
Jorge says
This is the first article that I have come across that not only details how to create a DAG, but gives a good explanation of DAG networks which is exactly what I was after.
A very good series of articles and I thank you.
EBE says
Thx a lot for the sharing.
cu
Tridon says
Another quick question:
We ran the Exchange Best practice analayzer, and it recommended to move a datastore from one drive to another drive where our log files are located. Our question comes in here, if we do this, do we also have to move it in the DAG or will the Best Practice Analayzer do it for us?
Thanks for the help in advance.
Elan Shudnow says
No, don't use BPA to move DAG database/log file locations. Use the following guidance:
http://technet.microsoft.com/en-us/library/dd9797…
Eric says
We have a single 2010 server that was a "Typical" installation with the Hub Transport, Client Access, and Mailbox roles. We have all of our mailboxes on this server. We are ready to configure a 2nd server running 2008 Enterprise for failover purposes, and plan on configuring a DAG. When we install Exchange on the 2nd server, can it contain only the Mailbox role, or can it also be a "Typical" installation so that should the primary server fail, that mail flow still would route through this 2nd server? If not, when the primary server goes offline and only a Mailbox role exists on the 2nd server, what happens when a user tries to send internal and Internet mail? Is it routed and delivered, or que'd? I would presume it is que'd if only the Mailbox role exists?? Thanks for the excellent article above!
Elan Shudnow says
If you only have 2 servers for HA then ya, you'd need to have both servers being multi-role (CAS/HUB/Mailbox) as a Mailbox Server is useless without HUB and CAS. If you want your RPC Endpoint Highly Available as well (since RPC endpoint is now on CAS) you'll still need a hardware load balancer with only 2 servers as you cannot have Windows NLB and Windows Clustering Services on the same box.
So there's a couple options:
1. 2 Multi-Role DAG Serves with a hardware load balancer (or DNS Round Robin as a poor man's solution and removing 1 record when the server goes down and having a lowered TTL value for these records and understanding clients will lose affinity)
2. 4 Servers (2 MBX and 2 HUB/CAS) and use Windows NLB on the HUB/CAS which only uses Client IP Affinity (meaning if multiple users connect with the same IP 1 server can get more traffic)
Andy says
When assigning two addresses to the DAG, our failover cluster manager only shows one of the two addresses online, which means the "Whole" network name is not online. We can still ping the DAG though since it does have one ip online. Is that normal? Will the other address come online when a failover to that site occurs?
Dinesh Silva says
really appreciate you postings. easy to understand and effective. looking forward to reaDd more articles here. :)
ROBERTO says
GRAZIE ELAN, E' UN TUTORIAL MOLTO UTILE
ROBERTO ROCCHETTI
Tridon says
Can you install DAG after already having Exchange 2010 up and running? Will this cause any problems with user mailboxes?
Elan Shudnow says
Yes. Exchange 2010 has something called incremental deployment. You can have users on a mailbox database, then later create the DAG object in AD, add that mailbox server to the DAG, then add a new server to the DAG, and then just replicate the database to the new server.
Tridon says
Thanks for the quick reply and information. This has been very helpful.
02dag says
What if you now want to make the CAS-role higly available too. Can you configure a client access array combining these two same nodes, and then install NLB on top? Will that work with the failover cluster service already there?
Elan Shudnow says
No. You cannot combine Clustering Services and Windows NLB Services on the same box. You'll need to split the CAS roles off of the DAG members.
eric says
Thanks for the informative article. If I have the CAS role on separate servers can I use NLB for them? Some articles state that you can not use NLB CAS servers if you are using the DAG. I believe that is true only if they are on the same server but that is never specifically stated.
Elan Shudnow says
Yep, if you have CAS role on their own server, you can utilize Windows NLB. You can even use WNLB with a HUB/CAS Server.
Darren says
Fantastic series, many, many thanks, has helped me get my test lab up and running properly!
Jason says
Hi Elan
I have been going through the web trying to get a clear answer on site replication using only 2 exchange 2010 servers and 1 database.
I have 2 locations A and B seperated by a WAN. Each site will contain 1 Exchange 2010 server that will replicate a single database. I understand a DAG will need to be created with a Witness server. The problem is where do you place the witness server as if the WAN goes down between the sites then according to what i have read the site without the witness server database will go offline until a witness server is found. Is that right? if so that means you would have to replicate the witness server as well! there something i have missed?
Very well put together blog with excellent screen shots.
Elan Shudnow says
Restore-DatabaseAvailabilityGroup which is used during site switchover allows you to specify an Alternative Witness Server. When the DR Site activates, it uses the new witness. Alternatively, you can use Set-DatabaseAvailabilitGroup beforehand to set up the Alternative Witness Server so you don't have to use the Alternate Witness Server Switch when running Restore-DatabaseAvailabilityGroup
Niroshan says
Thank you very much Mr Elan Shudnow
Now i clearly understood DAG and Configured It
MrLiang says
good stuff
Emma says
Thanks great series of posts
Elan Shudnow says
Most of Part 3 goes over how to use a Static IP right off the bat and if you use DHCP, how to change your DAG to use a Static IP.
Shailesh says
I had a question, I have the servers using Static IP, but when I created the DAG, it used the DHCP. It got some IP address and my DAG is all up and running. Is there a easy way that I can change this DAG from dynamic to static IP? Or do I have to actually destroy this DAG and create a new one from Scratch?
Dave says
Great article. I now have it set up and understand the DAG. Thanks.
Bender says
Great post, thanks so much for helping me understand DAG configuration better!
Sue Massey says
Nice writing style. I look forward to reading more in the future.