us - exchange 2010 - architecture

8/2/2019 Us - Exchange 2010 - Architecture

1/47


2/47

Martin CoetzerTechnical ConsultantMicrosoft

Session Code: UNC308


3/47

Agenda

Discuss the topology changes introduced inExchange Server 2010

Client Access

Transport

Mailbox

Understand our guidance on server sizing


4/47

Exchange 2010 Enterprise Topology

Enterprise Network

External

SMTP

servers

Mailbox

Storage of mailbox

items

Edge Transport

Routing & AV/AS

Unified Messaging

Voice mail &

voice access

Phone system

(PBX or VOIP)

Client Access

Client connectivityWeb services

Hub Transport

Routing & Policy

Web browser

Outlook

(remote user)

Mobile phone

Outlook (local

user)

Line of business application


5/47

Consolidation of Store Access Paths

Middle

Tier

Exchange

Biz Logic

Mailbox MAPI RPC

Store

Exchange Components

OWA

Sync UM

Transport

Agents

Mailbox

Agents

WS

Entourage

Outlook /

MAPI clients

DAV

Middle

Tier

MAPI,

RFR &

NSPI RPC

Exchange Core Biz Logic

Exchange

Biz Logic

Mailbox

MAPI RPC

Store

Exchange Components

OWA

Sync UM

Transport

Agents

Mailbox

Agents

WS

Outlook /

MAPI clients

Entourage


6/47

RPC Client Access ServiceThe What

A new service in Exchange Server 2010that resides on CAS

What it handles:

Outlook data connections go to CAS insteadof connecting directly to mailbox servers

Replaces the DSProxy interface byproviding an Address Book service on CAS

Public folder connections connect directlyto the mailbox server, but through RPCClient Access

MBX

Exchange CAS Array

Outlook Clients

GC


7/47

RPC Client Access ServiceThe Why

Provides a better client experience during switchovers/failoversWhen a MBX server fails over, Outlook client will only see ~30 secdisconnection, as compared to 1-TTL min before

Uses the same business logic for Outlook and other CAS clients

Calendar logging + fix up

Content/body conversion

Greatly simplifies AD topology requirements for Outlook

Supports more concurrent connections/mailboxes per Mailboxserver

Reduces code and client logic in Exchange Store process forincreased reliability


8/47

Client AccessClient RPC Connection Changes

Exchange Server 2007 Exchange Server 2010

Outlook / MAPI

clients

Mailbox

MAPI RPC DSProxy

Store

ESE AD

NSPI

CAS RpcProxy

RPC Data Flow HTTP Data Flow Common Data Flow

Outlook / MAPI

clients

Mailbo

xMAPI RPC

Store

ESE AD

LDAP

CASArray MAPI RPC RPCProxy

NSPI,

RFR RPC

Exchange Biz Logic


9/47

RPC Client Access ServiceHow Directory Referral Connections Work

1. Outlook calls get Address Bookserver API

2. CAS queries Active Directory

a. Mailbox location (AD site)

b. Mailbox version

c. RpcClientAccessServer property ofmailbox database

3. CAS tells Outlook which CAS serveror array should be used fordirectory requests

4. Outlook connects to the

appropriate CAS

If mailbox is moved back to 2003/2007, CAS will redirect the client to themailbox server so that it can provide a referral to a global catalog server

Otherwise, all legacy mailboxes will get directory referrals from mailbox server

CAS 2010

MBX 2010 GC

1

2

3

CAS 2010

MBX 2010 GC

4

ADSite

1

ADSite

2


10/47

RPC Client Access ServiceOutlook Anywhere Improvements

Outlook Anywhere clients utilizethe Address Book service onCAS for directory relatedrequests

This architecture resolves issuessurrounding DSProxy and splitHTTP connections that are dueto using SSL-ID load balancing

solutions

MailboxAD

Outlook connecting

with Outlook

Anywhere

RPC_IN_DATA

RPCLDAP

CASRPC Client Access

Services + Address Book

Windows 2008+RPC/HTTP Proxy

HTTPS

RPC_IN_DATA

HTTPS

RPC_OUT_DATA

RPC_OUT_DATA


11/47

RPC Client Access ServiceWriting to the Directory

Question: Does this new behavior ensure that Outlook can writechanges to Active Directory for the following scenarios?

Distribution group membership

Delegate management

Certificate management

Answer: When the Address Book service detects modificationsfor one of those scenarios, it will utilize the appropriate cmdletto commit the change to Active Directory based on the propertytag (assuming user is scoped and authorized to make thosechanges):

Add/Remove-DistributionGroupMember

Set-MailboxPublicDelegates

Set-MailboxUserCertificateUserSMIMECertificate


12/47

Exchange Server 2007

Outlook Clients

Client AccessScaling Mailbox Connections

MBX

60K connections / MBX server


MBX

60K outbound

connections /CAS IP (W2K8)

CAS GC

60K outbound

connections /MBX server

Outlook Anywhere Clients


13/47

Client AccessScaling Mailbox Connections

MBXExchange CAS NLB

# of CAS servers

x 100 connections / CAS RPCCA

service/process

Outlook Clients

GC

LDAP



14/47

Client AccessFirewall/Proxy Guidelines

Internet Security and Acceleration (ISA) Server 2006Kernel memory limitations imposed by the 32-bit architecture

ISA:CAS ratio 3:1 (worst case heavy Outlook Anywhere usage)

Important when you have a large percentage of your users connected viaOutlook Anywhere, as the ratio of Transmission Control Protocol (TCP)connections to users is much higher than you would see for Outlook Web

Access (OWA), ActiveSync, POP, or IMAP traffic

Beyond ISA 2006 pre-release product information

Forefront Unified Access Gateway (UAG)

Next-generation secure remote access product and the future version ofMicrosoft Intelligent Application Gatewaynative 64-bit architecture

Will be tested with Exchange Server 2010

Forefront Threat Management Gateway (TMG)

Next-generation network security product and the future version ofMicrosoft ISA Servernative 64-bit architecture

Will be tested with Exchange Server 2010


15/47

Client AccessArchitectural Considerations

Exchange 2010 is version specificExchange 2010 CAS required in every AD site whereExchange 2010 MBX is deployed

Exchange 2007 MBX requires Exchange 2007 CAS

Load balancingIf planning on deploying more than 8 CAS servers in a loadbalanced array, consider deploying hardware load balancingsolution

Attend the UNC310 Transition/Deployment session tounderstand the intricacies involved in co-existence!


16/47

Transport RolesResiliency Issues in Exchange 2007

Transport database is statefulLoss of service results in loss of mail

Transport dumpster impacts the environment

In extreme cases, up to 200% increase inIOPS/message due to many SGs and inefficientcache usage when compared to similar scenarioswithout dumpster

Redelivery submission results in entire quota beingredelivered and store removing duplicates


17/47

Transport RolesExchange 2010 Resiliency Improvements

Shadow redundancy is a new feature of transportProvides redundancy for messages for the entire time theyare in transit

Transport becomes stateless

Eliminates need for RAID, which reduces 50% write I/ODumpster Changes

Database replication feedback is now used to control whichmessages remain in dumpster

When message has been replicated to all database copies,message is truncated from dumpster

Dumpster size is now based on log replication latency andfrequency of feedback


18/47

Transport RolesHow does Shadow Redundancy Work?

1

2

1. Hub (shadow) delivers message to Edge1(primary)Detects that Edge1 supports Transportredundancy through XSHADOW verb

Hub moves message to shadow queue andstamps Edge1 as current, primary owner

2. Edge1 (primary) receives message(becomes primary owner)

Edge1 delivers message to next hopEdge1 updates discard status of themessage indicating delivery completeto foreign MTA

Hub

Edge1 Edge2

Foreign

MTA


19/47

Transport RolesHow does Shadow Redundancy Work?

1

2

3. Success: Hub (shadow) queries Edge1 (primary) forexpiry status

Hub issues XQDISCARD command (next SMTPSession),Edge1 checks local discard status andresponds with list of messages considered delivered Hub deletes messages from its shadow queue

4. Failure: Hub (shadow) queries Edge1 (primary)discard status and resubmits

Hub opens SMTP session, issued XQDISCARD

command (heartbeat)if Hub cant contact Edge1within timeout, resubmits messages in shadowqueueresubmitted messages are delivered to Edge2(go to #1)

43

Hub

Edge1 Edge2

Foreign

MTA


20/47

Transport RolesShadow Redundancy Other Scenarios

For systems that do not support shadow redundancy, Exchange2010 utilizes a delayed acknowledgement process

SMTP submission from Exchange 2003/2007, 3rd party MessageTransfer Agent( MTA ) and Mail User Agent (MUA - UM, POP and IMAPclients)

250 response delayed up to 30 sec (default)If transport server fails before ack, client resubmits

Mailbox Submission redundancy relies on copy of message insenders Sent Items folder

Mail Submission Service resubmits copy when hub doesnt acknowledge

successful delivery of messageSystem generated (Journal Report, NDR) are considered sideeffects of original message submission, tracked as part oforiginal delivery status


21/47

Transport RolesExchange 2010 Performance Enhancements

ESE changes:ESE page size is 32KB

ESE database page compression

Intrinsic long value record storage

ESE version store maintenance

DB cache size increased to 1GBCheckpoint depth increased to 512MB

Results:

With transport dumpster changes and ESE improvements, transport

IOPS requirements are targeted to be reduced by more than 50%Larger message sizes are supported without causing backpressure


22/47

Transport RolesEdge Transport Improvements

Better Performance for EdgeSync via Deltasync ModeUnder this mode, each time EdgeSync service only reads thedelta change since last sync and updates the targetaccordingly

Support for safe senders and blocked sendersConfigurable Safe List quotas

Administrator defined blocked senders

Automatic update of Safe Sender list propagation into ActiveDirectory


23/47

Transport RolesOther Improvements

Information Leakage Protection and Control(IPC) features

Instrumentation and reporting improvements

Measuring end-to-end message delivery latencyServer component latency

Historical reporting and trends

End user message tracking


24/47

Transport RolesArchitectural Considerations

Shadow redundancy enables RAID-less solutions for mail.que databaseRouting version boundary change:

Exchange 2010 Mailbox servers can only submit to Exchange 2010 HubTransport servers

Exchange 2010 Hub Transport servers can only deliver to Exchange 2010Mailbox servers

Exchange 2007 Mailbox servers can only submit to Exchange 2007 HubTransport servers

Exchange 2007 Hub Transport servers can only deliver to Exchange 2007Mailbox servers

Exchange 2010 Hub Transport servers can communicate with Exchange 2007Hub Transport servers via SMTP (and vice versa)

For Edge:

Exchange 2010 Hub Transport will become authoritative for Edgesync in thecoexistence scenario


25/47

MailboxStore/ESE Changes

Exchange 2007 Issues Exchange Server 2010

Exchange does many small, random input/outputs (I/Os) which

inhibit the types of disks that can be used

Exchange store schema and ESE optimized for fewer large,

smoother, sequential I/Os

Store schema changes

DB I/O size improvements

Database cache effectiveness improvements

ESE optimized for new store schema

Result: Exchange 2010 reduces I/O by an additional 70%when compared to Exchange Server 2007 and is optimized for

SATA class disks

Large item count per folder is an issue due to restricted views

(affects large mailbox deployments)

Schema changes of the table structure and deferred index

updates greatly improves restricted view performance

Result: Supports 100,000 items per folder

Outlook Personal Folder Files (PSTs) are a litigation, security, and

management nightmare

New Messaging Records Management features

Item level policy settingsArchive mailbox feature for importing and storing PST

data

Compliance Officer search capabilities

Result: PSTs can be removed by placing data into Exchange

repository and can be searched easily


26/47

MailboxHigh Availability Changes

Other advantagesStep up to automatic failover without rebuilding the mailbox server

Incrementally add replicated copies to meet business needs

No subnet or special DNS requirements

Single-copy cluster Cluster ContinuousReplication

Exchange Server 2010 HighAvailability

*Over granularity Server-level Server-level Database-level

Copies of data 1 2 2 to 16

*Over time ~2 min ~2 min ~30 sec (POR)

*Over management Windows Cluster Windows Cluster Exchange Server

Data replication Partner replication or SCR Continuous replication Continuous replication

Management tools Separate Separate Unified

Host other roles? No No Yes

Single-Copy Cluster Cluster ContinuousReplication

*Over granularity Server-level Server-level

Copies of data 1 2

*Over time ~2 min ~2 min

*Over management Windows Cluster Windows Cluster

Data replication Partner replication or SCR Continuous replication

Management tools Separate Separate

Host other roles? No No


27/47

High Availability Design ExampleDouble Resiliency

Single Site4 Nodes

3 HA Copies

JBOD -> 3 physical Copies

Database Availability Group (DAG)

Mailbox

Server 1

Mailbox

Server 2

Mailbox

Server 3

X

Mailbox

Server 4

Upgrade server 1Server 2 fails

Server 1 upgrade is done

2 active copies die


28/47

MailboxExchange 2010 High Availability Sizing

Leverage the incremental deployment capabilities of ExchangeServer 2010

You do not need to deploy site resilience out of the box!

Deploy larger database availability groups (DAGs) over smallerDAGs

Distribute database copies across nodes in a matrix

Improved database seed/log shipping performance across thewide area network (WAN)

DAG network compression/encryption (optional)

Log shipping is now Transport Control Protocol (TCP) socket basedUse multiple 1 Gb networks or 10 Gb network to improve localarea network (LAN) re-seed/log replication queue drainperformance


29/47

MailboxArchitectural Considerations

Streaming backup support has been removedUtilize direct-attached storage (DAS) solutions to reduce costswith large mailboxes and continuous replication

Leverage the Storage Cost Calculator

Deploy Database Availability Groups (DAGs) and use replication

to achieve high availabilityIf deploying 3 or more database copies, consider RAID-less storagedesign and combining logs and database on same spindles

Ensure unique database names across the organization

Attend UNC312 - Storage in Microsoft Exchange Server 2010 onTuesday at 9:15

Attend UNC301 - High Availability in Microsoft Exchange Server2010 today at 14:30pm


30/47

MailboxArchitectural Considerations

Large mailbox support (10 GB+) enables different scenariosDeploy Office 2007 Service Pack 2 (SP2) or later

Leverage records management functionality

Scenario 1:

Deploy a single mailbox to contain all data

Scenario 2:Deploy primary mailbox to support 1-2 years worth of data

Deploy archive mailboxes to allow end users to retain long-term neededdata

Attend UNC307 - Archiving and Retention in Microsoft ExchangeServer 2010 on Tuesday at 10:50


31/47

Public Folders

Co-existence support between Mailbox server 2010 and Mailboxserver 2003/2007

Outlook can access public folder data from Exchange 2010,2007, or 2003

OWA 2010 only gives access to public folders with replicas

located on Exchange 2010This is different from OWA 2007, which had a redirection behavior,opening up OWA 2000/2003 for public folders on older mailbox serversin separate browser windows

Get-PublicFolderStatistics now captures last user access

Unlike Exchange 2007, public folder stores can no longer beenabled for continuous replication, but you can create a publicfolder store on a mailbox server that resides in a DAG

Public Folder replication is your data resiliency solution


32/47

Agenda

Discuss the topology changes introduced inExchange Server 2010

Understand our guidance on server sizing


33/47

Scale Out vs. Scale Up

Scale out is a strategic choice made byMicrosoft

Focus is on supporting large mailboxes at lowcost, goal to further decrease input/output (I/O)to reduce Total Cost of Ownership (TCO)

Scaling up increases risk that an outage orfailure affects more users

Scaling out provides an opportunity for highavailability at low cost


34/47

Processor Core Scalability

Single role serversBeta: 12 cores maximum

No benefit moving to 16 cores from a performanceperspective

High scale all-in-one servercurrently underinvestigation

Beta: 16 cores max


35/47

Client AccessBetaSizing Guidance

Since CAS role is now a true middle-tiersolution, CAS servers will require beefierhardware

CAS to Mailbox processor core ratio changesdrastically as a result of RPCCA (Beta1: 3:4)

Processor/Memory requirements:

8 cores recommended

2 GB RAM/core recommended (8 GB min)


36/47

TransportBeta Sizing Guidance

Memory and processor requirements arestaying inline with Exchange 2007 requirements

Processor/Memory requirements:

4 cores recommended

1 GB RAM/core recommended

Transport rule attachment scanning and contentencryption technologies may impact these

guidelines


37/47

MailboxBetaSizing Guidance

Use 4 8 total cores for mailbox16 cores shows decline in throughput on single rolemachines

RAM

4GB base RAM for content indexing and mailbox assistants2-8MB per mailbox recommended for database cache andwill be based on message profile and mailbox size

Example: Light Message Profile with 10+GB mailbox 8MB memory

Size and prepare disks correctlyUse storage calculator


38/47

Unified MessagingBetaSizing Guidance

Use 4 cores4-8 GB of RAM recommended

More than 8 GB is not shown to improve TCO orscale

Not recommended combining with other roles

Audio quality can be affected

Place close to the mailbox servers that host UM-

enabled mailboxes

Voice mail preview may impact these guidelines

ll l


39/47

CAS/HUB/MAILBOX 1

CAS/HUB/MAILBOX 2

Member servers of DAG

can host other server

roles

DB2

2 server DAGs, with

server roles combined

or not, should use RAID

All-In-One Server ExampleBranch Office or Smaller Deployment

8 processor coresrecommended

with a maximum

of 64GB RAM

UM role not

recommended for

co-location

h


40/47

Exchange 2010 Beta RatioGuidelines

Processor core ratiosClient Access Server (CAS) : Mailbox = 3 : 4

Hub Transport server : Mailbox

= 1 : 7 (no A/V on Hub)

= 1 : 5 (with A/V Hub)

Edge guidance expected to be very similar toExchange Server 2007

GC: Mailbox

= 1 : 4 (32bit GC)

= 1 : 8 (64-bit GC)

l l


41/47

Capacity Planning Tools

ProfilingExchange Profile Analyzer (EPA)

Performance Monitor (Perfmon)

SizingExchange Server 2010 Mailbox StorageRequirements Calculator

Validation

Jetstress 2010

Exchange Load Generator Loadgen

K k


42/47

Key Takeaways

Exchange Server 2010 introduces several paradigm shiftsClient connections are performed through Client Access Server roleShadow redundancy introduces message resiliency within transportpipeline

High Availability, store, and new compliance scenarios improve dataretention, resiliency, and availability

There are changes to server sizing and scalability, most notablywith CAS

Attend the deep-dive breakout sessions for more in-depthinformation!


43/47

R


44/47

www.microsoft.com/teched

International Content & Community

http://microsoft.com/technet

Resources for IT Professionals

http://microsoft.com/msdn

Resources for Developers

www.microsoft.com/learning

Microsoft Certification & Training Resources

Resources TechEd Africa 2009 sessions will bemade available for download the weekafter the event from: www.tech-ed.co.za

R l d C
http://www.microsoft.com/techedhttp://microsoft.com/technethttp://microsoft.com/msdnhttp://www.microsoft.com/learninghttp://www.tech-ed.co.za/http://www.tech-ed.co.za/http://www.tech-ed.co.za/http://www.tech-ed.co.za/http://www.microsoft.com/learninghttp://microsoft.com/msdnhttp://microsoft.com/technethttp://www.microsoft.com/teched


45/47

Related Content

Microsoft Exchange Server 2010 Transition and Deployment(UNC310)

High Availability in Microsoft Exchange Server 2010 (UNC301)

Unified Messaging in Microsoft Exchange Server 2010 (UNC311)

Microsoft Exchange Server 2010 Management Tools (UNC309)

Storage in Microsoft Exchange Server 2010 (UNC312)

Microsoft Hyper-V: Dos and Don'ts for Microsoft ExchangeServer 2007 SP1 and 2010 (VIR308)

Archiving and Retention in Microsoft Exchange Server 2010

(UNC307)

f


46/47

Complete a session

evaluation andenter to win!

10 pairs of MP3

sunglasses to be won


47/47

2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should

not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS,

IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

us - exchange 2010 - architecture

Documents