Wednesday, February 25, 2015

File Share Witness & Exchange 2013

In a DAG ( Exchange 2013) to have ability to perform automatic failover requires three separate physical network locations.In the scenario below two redundant datacenters for DAG and third datacenter is used (Azure Network.) for Witness server for DAG1. If you look carefully you will realize we used two different Active Directory Site for DC1 and DC2 and stretched the DAG1 on both datacenters. We placed Domain controller on the Azure network and created AD site. ( Enabling FSW on the DC  while possible it is not recommended configuration)

Organizations with only two physical locations now can also take advantage of automatic datacenter failover by using a Microsoft Azure file server virtual machine to act as the DAG’s witness server.

This configuration requires a multi-site VPN. It has always been possible to connect your organization's network to Microsoft Azure using a site-to-site VPN connection. However, in the past, Azure supported only a single site-to-site VPN. Since configuring a DAG and its witness across three datacenters required multiple site-to-site VPNs, placement of the DAG witness on an Azure VM wasn't initially possible

How to configure Azure network for FSW is documented here

In this configuration several things to be considered.

  • Make sure your operational  requirements meets the usage of the Azure Network
  • Initials configuration extending Azure network to your data centers will require addition network configuration and the work is  documented on the link provided above.
  • You will need to pay as you go within the Azure Network. ( remember Cloud is not cheap)
  • Having Domain Controller AND extending your network to Cloud could help you if your plans to move into Cloud at some point.
  • Configure Multi Site VPN documented here

 

image

 

v/r

Oz Casey, Daedal  ( MVP North America)
MCITP (EMA), MCITP (SA)
MCSE 2003, M+, S+, MCDST
Security+, Project +, Server +
http://smtp25.blogspot.com/ (Blog)
http://telnet25.wordpress.com/ (Blog

1 comment:

Anonymous said...

I cannot find any documentation that states the network requirements for the third site witness. What is the tolerated latency on the connection between sites with DAG members and the witness in Azure or on-premise third site?