DAGs and Edge server redundancy

We are in the process of creating an Exchange DAG and setting up redundancy between our edge servers and need to know if there will be any type of service outage as a result of any of these changes?  If so, how should we expect the process to go? 
E.G., will there be a service outage after the DAG is created but not after the edge redundancy is set? etc.

Hi sbusarow,
For edge server:
You can deploy multiple Edge Transport servers and use multiple DNS MX resource records to load balance activity across those servers. You can also use Network Load Balancing (NLB) to provide load balancing and high availability for Edge Transport servers.
For DAG:
You could refer to the link below:
http://technet.microsoft.com/en-us/library/dd638121.aspx 
So, if you understand how to achieve the target, you will get the information.
Regards!
Gavin
TechNet Community Support

Similar Messages

  • Configuring Lync 2010 Mobility with Front end and Edge Server

    I have been racking my brain the past week trying to figure out how to get the lync edge server working properly and how to get the mobility service working properly.
    Currently I have 1 front end server that is configured and working.  I have one edge server that has been configured according to nearly every online help I could find along with public CERT.
    If I use microsoft's online connectivity test and I run the test for
    Lync Server Remote Connectivity Test everything passes.  I am also able to connect to lync using a windows lync client from outside of the internal network however I have to specify the server name as being sip.ourdomain.com I cannot get connected using
    autodiscover.
    When I run the Lync Autodiscover Web Service Remote Connectivity Test it fails due to SSL error to lyncdiscover.ourdomain.com which then led me down the path that I needed to install
    the Mobility service but it also tells me that I may need to update our SSL cert as well.
    This is where I am getting confused and would like to be pointed in the correct direction.
    When I installed mobility service on the front end server it created the autodiscover section in IIS.  If I am inside our network I can browse to it without any issue.  Where I am confused at this point is how to either setup DNS or how to configure
    the edge server to use autodiscover.
    Do I need to setup an additional public IP and point lyncdiscover.ourdomain.com to the IP of our front end server or to our edge server?  If I have to point this to our front end server then that would mean that I use one public IP that goes to 443,
    444 and 5061 for our edge server and then I would need one public IP that goes to ports 443 and 80 that get redirected to ports 4443 and 8080 on our front end server?  If that is the case then do I have to get an external cert for the front end server
    that contains lyncdiscover or can clients connect if it is just using the self signed cert from the domain?
    This is where I am getting confused at and hopefully some nice folks out there can clarify this for me so I can get this resolved.
    Thank you
    KK

    You need an additional public IP to point to a reverse proxy, which will listen on port 443 and proxy requests to your front end server on port 4443 (notice the extra 4).  You can use IIS ARR, Web Application Proxy, or whatever else you may have for
    this purpose, but you need to ensure you redirect port 443 to port 4443.  This reverse proxy cannot be collocated on your front end server or edge, you'll need a separate box or appliance. 
    Beyond Lyncdiscover, you'll want to do this for your external web services FQDN as defined in the topology builder and your meet and dialin URLs too.  You'll want a third-party cert for all of this (though it doesn't need to be installed on the front
    end, just the reverse proxy) so that you don't need to install any internally signed root certs on anyone's smartphone.
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
    SWC Unified Communications
    This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Issue in Synchronizing with Exchange 2010 Hub and Edge server

    Dear Sir,
    We have an issue with the installation of Exchange edge server 2010 SP1.
    We installed exchange edge server on DMZ but unable to do the subscription between edge server and hub server. Tried to check from the edge server whether the ports (50389 & 50636) are listening. Both are listening without any issues. After the
    edge subscription is done and when we pass the command Start-EdgeSynchronization we are getting the below error:
    Unable to contact the edgesync service.
    + CategoryInfo          : ReadError: (:) [start-edgesynchronization], Endpoint not registered exception
    + FullyQualifiedErrorId : FE1A5BE2, Microsoft.Exchange.Management.Edgesync.SyncNowTask
    Please help me in resolving the issue with regards to Edge Server.
    Thanks & Regards
    Suraj Sreekumar

    Hi Suraj,
    Try to re-subscribe the HUB & EDGE server: create the XML file on the EDGE server, remove the Edge subscription from the HUB server and restart the Transport & ADAM service.
    Then run the Start- and Test-EdgeSynchronization cmdlets in the Exchange Management Shell on the Hub, and again restart the Transport service on the HUB and the ADAM service on the EDGE.
    White Paper: Edge Subscription and Synchronization
    http://technet.microsoft.com/en-us/library/bb310755(EXCHG.80).aspx#EdgeSyncsynchronization
    Anil

  • Clarification about source and destination IPs for internal clients and Edge server

    I just wanted to get some clarification on the correct traffic flow between internal Lync clients and the Edge server.
    From all the diagrams I've looked at I was under the impression that if internal clients need to hit the Edge server to talk to external clients they should always do so through the Edge Internal interface which bridges to the Edge External interface and
    out to the internet.  Specifically port 3478 from the Edge AV External interface to the internal clients.
    We aren't seeing that in our environment.  When internal clients are talking to external clients we see the Edge AV External interface communicating directly with the internal client.  In fact we found this out because after the migration to Lync
    2013 external users couldn't create an AV connection to internal users on either the Lync servers.  We saw traffic on 3478 being dropped between the Edge AV External interface and the internal client.  Once we opened that port AV traffic worked.
    We never put this rule in until we introduced Lync 2013.  Lync 2010 didn't seem to require it.
    Is that the correct flow?

    I would also really love to know the outcome of this but it looks like the thread is marked as "Answered" and it is not so. 
    I've been working with a troublesome Lync deployment in which internal users are having issues sharing their desktop with external and federated users. After opening up all the 50000-59999 range for TCP/UDP on the A/V Edge external interface things are working
    much better, but we still see sporadic failures.
    It led us to start digging into the network traffic. We see that UDP traffic on port 3478 is being routed back from the external client to the Edge A/V's external interface, inside of the DMZ's perimeter, then directly to the internal client on the internal
    network. It doesn't look like it's making a connection since the stream is so small, so I wonder if there is a design flaw in my topology?
    There are persistent static routes on the Edge server that use the internal interface to route internally directed traffic over the internal gateway. Tracert confirms the flow, but in wireshark traces, running during successful connections, UDP port 3478
    is still sending packets directly to the internal IP from Edge's A/V address. 
    We also see successfully connected sessions communicate on a different network route that we use to handle internet traffic rather than our Lync topology's route (the one defined for A/V traffic). The connection opens on ports in the 50000 range, but goes
    over a router that we have not configured for such traffic. Is that possible?
    Why is UDP traffic on 3478 trying to go directly to internal clients from external interface ?
    It sounds like it's happening elsewhere... Is this a legitimate issue to be diagnosing? Has it been observed and/or resolved by others?

  • Loadbalancing, DAG and direct server return

    Hi,
    I've one DAG with 6 servers.
    CAS and MBX are installed on the same servers, running Exchange 2013 SP1 on Windows Server 2012 R2
    DAG is configured without a cluster administrative access point.
    Our hardware loadbalancers can be configured to do NAT or Direct Server Return (DSR).
    The loadbalancer runs within the same subnet as the Exchange servers.
    Yesterday I switched from using NAT to DSR. To do that I've added a loopback adapter and gave it the same IP as the load balancer's virtual server + Subnet 255.255.255.255
    Then I allowed the Exchange server to process the packets.
    netsh interface ipv4 set interface "team" weakhostreceive=enabled
    netsh interface ipv4 set interface "loopback" weakhostreceive=enabled
    netsh interface ipv4 set interface "loopback" weakhostsend=enabled
    Everything seemed to work fine and the logs showed client IP addresses instead of the load balancer IP address connecting to the server.
    After checking the Eventlogs I saw that this broke my DAG-replication.
    Cluster network 'Cluster Network 3' is partitioned. Some attached failover cluster nodes cannot communicate with each other over the network. The failover cluster was not able to determine
    the location of the failure. Run the Validate a Configuration wizard to check your network configuration. If the condition persists, check for hardware or software errors related to the network adapter. Also check for failures in any other network components
    to which the node is connected such as hubs, switches, or bridges.
    Any idea how to fix this?
    I like the idea of using DSR and see real client ips or are you all using NAT?
    Thank you.
    Kind regards,
    Carsten
    Name                                   : dag1
    Servers                                : {ex1, ex2, ex3, ex4, ex5, ex6}
    WitnessServer                          : witnesseerver.domain.com
    WitnessDirectory                       : C:\Witness\dag.domain.com
    AlternateWitnessServer                 :
    AlternateWitnessDirectory              :
    NetworkCompression                     : InterSubnetOnly
    NetworkEncryption                      : InterSubnetOnly
    ManualDagNetworkConfiguration          : False
    DatacenterActivationMode               : Off
    StoppedMailboxServers                  : {}
    StartedMailboxServers                  : {}
    DatabaseAvailabilityGroupIpv4Addresses : {255.255.255.255}
    DatabaseAvailabilityGroupIpAddresses   : {255.255.255.255}
    AllowCrossSiteRpcClientAccess          : False
    OperationalServers                     :
    PrimaryActiveManager                   :
    ServersInMaintenance                   :
    ServersInDeferredRecovery              :
    ThirdPartyReplication                  : Disabled
    ReplicationPort                        : 64327
    NetworkNames                           : {}
    WitnessShareInUse                      :
    DatabaseAvailabilityGroupConfiguration :
    AutoDagSchemaVersion                   : 1.0
    AutoDagDatabaseCopiesPerDatabase       : 1
    AutoDagDatabaseCopiesPerVolume         : 1
    AutoDagTotalNumberOfDatabases          : 0
    AutoDagTotalNumberOfServers            : 0
    AutoDagDatabasesRootFolderPath         : C:\ExchangeDB
    AutoDagVolumesRootFolderPath           : C:\ExchangeVol
    AutoDagAllServersInstalled             : False
    AutoDagAutoReseedEnabled               : True
    AutoDagDiskReclaimerEnabled            : True
    AutoDagBitlockerEnabled                : False
    ReplayLagManagerEnabled                : False
    MailboxLoadBalanceMaximumEdbFileSize   :
    MailboxLoadBalanceRelativeLoadCapacity :
    MailboxLoadBalanceOverloadedThreshold  :
    MailboxLoadBalanceUnderloadedThreshold :
    MailboxLoadBalanceEnabled              : False
    AdminDisplayName                       :
    ExchangeVersion                        : 0.10 (14.0.100.0)
    DistinguishedName                      : CN=dag1,CN=Database Availability Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Company,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com
    Identity                               : dag1
    ObjectCategory                         : domain.com/Configuration/Schema/ms-Exch-MDB-Availability-Group
    ObjectClass                            : {top, msExchMDBAvailabilityGroup}
    OrganizationId                         :
    OriginatingServer                      : dc1.domain.com
    IsValid                                : True
    ObjectState                            : Unchanged

    Hi,
    Thanks for your sharing.
    Thanks
    Mavis
    Mavis Huang
    TechNet Community Support

  • Exchange 2013 and edge role

    Hi,
    I have all exchange role installed all is working fine without edge role. CAS is load balance with NLB and MBX is with DAG. If i involve edge do i have to deploy multiple role and do same NLB for load balance, if i involve what would be my dns setting will
    this point to edge role, what owa url will point to edge or remains on cas if on edge do Edge have to redirect to cas or resolve itself the request. 
    Your Guideline regarding edge
    thanks 

    Hi shani,
    Thank you for your question.
    If i involve edge do i have to deploy multiple role and do same NLB for load balance
    A: if we want to receive/send email from/to Internet through Edge, we could deploy Edge server in DMZ, if we want to configure Edge server
    redundancy and load balance, we could install multiple Edge servers in DMZ. We suggest we put a Hub Transport server into each site, and then establish a 1:1 ratio of Hub Transport to Edge Transport servers. In such a configuration,
    each Hub Transport server is synchronized to only one Edge Transport server. And each Edge Transport server connects to a separate Internet connection through different ISPs. Servicing multiple Edge Transport servers with a single ISP creates a potential single
    point of failure. Using multiple ISPs ensures that you will still have Internet access, even if there is an ISP problem.
    what owa url will point to edge or remains on cas if on edge do Edge have to redirect to cas or resolve itself the request.
    A: As zhen said, we didn’t modify the URL to point to Edge. We just have MX record in ISP.
    If there are any questions regarding this issue, please feel free to let me know. 
    Best Regards,
    Jim

  • Co-Locate Client Access and Edge Transport Role on Same Server?

    Is it possible/supported to install the Edge Transport Server Role on the same machine that the Client Access role is installed on now that 2013 SP1 has added support back in for the Edge Transport Role?
    jon

    No.
    Unless something has radically changed from before...
    EDIT
    No, nothing has changed:
    "If you want to install the Exchange 2013 Mailbox or Client Access roles on a computer, see Install Exchange 2013 Using the Setup Wizard. The Edge Transport role can't be installed on the same computer as the Mailbox or Client Access server roles."
    http://technet.microsoft.com/en-us/library/dn635117(v=exchg.150).aspx
    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

  • How to install and configure ms exchange server 2007 both role hub and edge transport role in one network

    How to install and configure ms exchange server 2007 both role hub and edge transport role in one network 

    Hi,
    Edge role is designed for perimeter networks, to keep security risks minimum.  So it’s not recommended to have edge role in internal network. Must have separate network or subnet for edge services.
    If you are playing around it in labs, then you can put edge role within same subnet as other exchange roles and no specific requirements in that case.
    Thanks.
    MachPanel - Premium Cloud Automation Solution

  • Problems with SNOM 7XX phones and presence of Lync Edge server

    Hi to all,
    we have this problem, this is the scenario (two Lync 2013 st ed. servers):
    - lync 2013 FE server have internal IP address 172.21.212.XXX with internal gateway 172.21.212.254
    - lync 2013 edge server have two network interface:
    First INTERFACE: 3 IPs in 172.21.30.XXX (Access, web and A/V Edge) for external connection with 172.21.30.254 and internal gateway (IP NAT with public IP)
    Second INTERFACE: IP 172.21.212.XXX for internal connection without gateway
    - snom 7XX (50 phones) are connect to the lync server and all internal call works fine. All phones are in an internal dedicated network 172.21.218.XXX with default gateway 172.21.218.254
    - when making external call with 7XX SNOM phones, the call was routed to Trunk COLT with Lync Mediation server and all works fine.
    - when Lync Mediation server receive a call from our trunk COLT we have this situation:
    All Lync 2013 clients work fine, audio is OK, (network 172.21.216.XXX)
    Polycom CX3000 work fine audio is OK (network 172.21.218.XXX)
    SNOM 710, 720, 760  FW 8.8.2.16 UC series,  phones ring but NO SOUNDS from the phones and after a few seconds "Call failed due to network issues."
    The only way to solve the problem is to disable the connection with Lync Edge server (remove gateway 172.21.30.254)
    BUT this is not the solution because now we have no connection with INTERNET (skype, web conferencing doesn't work without edge gateway)
    Why SNOM phones try to use the EDGE gateway to connect the call? Why doesn't use Lync Mediation server?
    Can you help us to find a solution?
    Thanks
    Aurelio

    Hi,
    Thanks to all for your support.
    Today, we have done some test (no employee in office today :)) and we have solved the problems.
    The old implementation have had this configuration:
    - the phone numbers have had a no E.164 format compliant: for all users number, the phone number have had this format TEL:012345XYZW ; EXT=XYZW with the normalization
    rules:
    Starting digits: 01234567
    Length: At least 8 digits
    Digit to remove: 0
    Digit to add: nothing
    Pattern to match ^(01234567\d*)$
    All worked fine with this previous configuration:
    Lync 2010 std with only mediation server function + Lync 2013 std front-end with all the others functions and Lync 2013 std Edge server for external connection with
    Lync client Skype world, BUT we have had disabled in SNOM phones ICE function because if ICE was enabled no voice can we hear from the phones.
    After dismissed Lync 2010 with only a Lync 2013 infrastructure, this configuration don’t permit to use edge server because with ICE enabled or disabled no voice from
    SNOM phones.
    Today we have done this operation:
    Setting in Lync 2013 control panel all number for all users, in E.164 format compliant:
    The phone number now have this format TEL:+39012345XYZW ; EXT=XYZW and we have deleted the previous normalization roles.
    We have added this role for the EXT numbers:
    Name: Routing Interno
    Starting Digits: XY
    Length: Exactly 4 (i.e. XYZW)
    Digit to remove 0
    Digit to add: +39012345
    Pattern to match: ^(XY\d(2))$
    Translation rule: +39012345$1
    Internal extension = checked
    And now all work fine.
    We have solved another problem:
    Lync client 2013 can't find new users:
    all new Lync users are not discovered from Lync 2013 client, probably because this setting is present with Lync 2010:
    PS C:\> Get-CsAddressBookConfiguration
    Identity                   : Global
    RunTimeOfDay               : 1:30 AM
    KeepDuration               : 30
    SynchronizePollingInterval : 00:00:30
    MaxDeltaFileSizePercentage : 20
    UseNormalizationRules      : True
    IgnoreGenericRules         : False
    EnableFileGeneration       : True
    With only Lync 2013 servers we have changed IgnoreGenericRules to True,
    to set UseNormalizationRules and IgnoreGenericRules to true for Lync 2013 infrastructure.
    http://technet.microsoft.com/en-us/library/jj205160.aspx
    For us all the problems are SOLVED!
    Aurelio

  • I need send and receive emails for edge server 2010

    i have exchange 2010 in our organization now working fine , i can send and receive emails for hub and also we have tmg and fortigate firewall(200B) , already install and configuration edge server(configure edge subscription file and edge sync) but still message
    sent from hub and also receive from hub , what to do to receive from edge ? please help me i have 3 month search to fix this problem.

    Hello,
    I recommend you use the Test-EdgeSynchronization cmdlet to check if the subscribed Edge Transport servers have a current and accurate synchronization status. If you have configured EdgeSynchronization successfully, please delete send connector
    on Hub transport server.
    Please uncheck "anonymous users" on receive connector for Hub server.
    Please follow the ExchangeITPro's suggestion to check DNS MX record.
    Cara Chen
    TechNet Community Support

  • ADAM Service cannot be started on edge server - cannot uninstall the role and ...

    Hi,
    after a storage failure, some files seemed to be damaged on exchange 2010 edge server
    it said it could not connect to DC and i realized that is because ADAM service stopped
    I tried to start it but encountered a weird error (0xc000000) some thing like that
    so i found that adamntds.dit is corrupted
    I issued this :
    C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\data\Adam>eseutil /p adamntds.dit
    it said integrity check ok but after that again ADAM does not start and says
    this service started and then stopped ... (the famous message we all know)
    1- now is there any way to fix it?
    2- is it reasonable to use the other edge server database file on this one (we have two edge servers) or it is non-sense
    3- according to this
    http://social.technet.microsoft.com/Forums/exchange/en-US/93ed667c-5a37-404c-9471-d2525621a371/adam-service-wont-start-on-edge-transport?forum=exchange2010
    and the advice of Ed my dear friend on Technet, it may be better to reinstall it
    but it does not even let me to uninstall it and says :
    Summary: 2 item(s). 1 succeeded, 1 failed.
    Elapsed time: 00:02:58
    Configuring Prerequisites
    Completed
    Elapsed Time: 00:00:41
    Edge Transport Role Prerequisites
    Failed
    Error:
    The Active Directory Application Mode (ADAM) service must be started before Setup can continue.
    Click here for help... http://technet.microsoft.com/en-US/library/ms.exch.err.default(EXCHG.141).aspx?v=14.3.123.3&e=ms.exch.err.Ex28883C&l=0&cl=cp
    so somebody please tell MS guys if i could start it why should i uninstall it :P
    and i do not want to use manual methods to do the removal if possible
    and much better if i can fix it without even uninstall exchange
    thanks to all

    Hi,
    I would like to verify if you have a backup of ADAM directory.
    If yes, please put it on the server and try to start the ADAM service.
    If no, I recommend you recover the ADAM directory as the following steps:
    1. Use esentutl /g.
    2. If Integrity check is successful, use this cmdlet: esentutl /d.
    3. Use esentutl /r edb.
    4. If above steps fail, use esentutl /p adamntds.dit. Then delete all files in the directory except for the adamntds.dit. (Note: Before you delete the files, please take a backup for them.)
    5. Try starting ADAM service.
    Hope it helps.
    If there are any problems, please feel free to let me know.
    Best regards,
    Amy
    Amy Wang
    TechNet Community Support

  • Lync Edge and Proxy server public DNS records port forwarding rules

    Hi All
    I have question in regards to port forwarding rules for port 443 of simple url.
    I have 4 public ip addresses.
    1 edge server (4 nics , 3 running with different ip for sip, meet and dialin in DMZ network, 1 connected to internal local network).
    1 proxy server (2 nics, 1 running with an ip which is in DMZ same as edge, and 1 connected to internal local network)
    1 front end (lync 2013 standard installed.) connected to internal local network
    1 office web apps . connected to internal local network
    The question is that I am using 3 public ip addresses respectively on public DNS records for sip, meet and dialin(av) and using port 443 which has been set on edge server. So , I can use 3 DMZ network ip address on edge for sip, meet
    and dialin (av) port forwarding from 3 public ip addresses as per in Microsoft document.
    However, I also have a reverse proxy .Hence, my understanding is all public DNS records except SIP and port 443 should be pointed and port forwarded to reverse proxy ip address which is in DMZ network as it would redirect 443 and 80 to 4443 and 8080 to front
    end.
    Now the question has been clear, if simple URLs public DNS record and port forwarding rules for port 443 should be pointed to reverse proxy server, why they need to be set on each ip address and port number in Front end server topology to edge server?
    If anyone knows, please give a help how to set it correct and what is supposed to be a correct configuration for a topology lync 2013

    Hi George
    Thanks for your reply. Attached is my topology which could make it a bit clear. You may see the public dns host record from the image. I set sip, meet, dialin , and owa 4 host records. The first 3 records are pointed to lync edge by doing a NAT with port
    443 which is the same as per you said. However my understanding is they should be pointed to reverse proxy instead as for instance, I need meet.xxx.com with port 443 to be redirected to port 4443 through reverse proxy server to the front end. So when the external
    customers who do not have lync client installed to their machine then we can shoot a lync meeting and send to them via outlook and they just need to click on join lync meeting link in the email to join in such a meeting based on IE. (Is my understanding correct?)
    If lync web meeting works like so , then the question is why I need to set three SAME addresses in front end topology builder for edge and make them point to edge server instead? 
    1. Access Edge service (SIP.XXX.COM) ---> I understand that it is used for external login lync front end.
    2. Webconf edge server(Can I set to meet.xxx.com which is the same as simple URL that points to reverse proxy?) ----> If I can set this address to be the same as simple url address that points to reverse proxy, why should it need to be NATed to edge
    instead? TO BE HONEST, if I HAVE tested, if I set this url as sip.xxx.com which means to use a single FQDN and ip address with port 444 and points simple url meet.xxx.com to reverse proxy, it will still work to join lync meeting sent by
    outlook.I DO NOT REALLY UNDERSTAND WHAT this URL used for at this stage.
    3. AV edge --- same as webconf
    Regards
    Wen Fei Cao

  • SAN certificate for external access for edge server and reverse proxy

    Hello
    I have a question related to the certificate planning for LYNC 2013 EDGE SERVER .
    For external access and mobile users, I want to enable all the features for external users.
    I'm planning to purchase a SAN certificate,
    my first question: do I need only one SAN for both my edge server and the reverse proxy?
    my second question is about the names that should be added to the certificate?
    sip.mydomain.com
    av.mydomain.com
    webconf.mydomain.com
    what else I should add ? I want to add the names for all feature access.
    Kind Regards
    MK

    Your Front End Pool should only contain front end servers, does it also contain your edge and back end? If so, this is a misconfiguration.
    If you're planning to implement high availability, you'll want a different internal web services FQDN name than your pool name (unless you load balance the entire pool with a hardware load balancer).
    You'll want your external web services FQDN to be different from your pool name if you want to use the mobile client on the internal network.  Once you've come up with a new and otherwise unused FQDN for this purpose, you'll want that as additional
    SAN on your cert.
    Since you're not using this for the internal certificate, you can also pull admin.mydomain.com and LYNC2013-FE.mydomain.com off of the cert as those are needed internally only. 
    Lyncdiscoverinternal you can leave on if you need your internal mobile clients to not throw certificate errors because they don't trust your internal certificate authority, but this name would then need to be pointed to a reverse proxy or something that
    can present the third party certificate.
    SWC Unified Communications

  • Edge server high availability and next hop to FE servers

    Hi All,
     As per the article https://technet.microsoft.com/en-us/library/gg412847.aspx "Each Edge Server is a multihomed computer
    with external and internal facing interfaces. The adapter Domain Name System (DNS) settings depend on whether there are DNS servers in the perimeter network. If
    no DNS servers exist in the perimeter, the Edge Server(s) use external DNS servers to resolve Internet name lookups, and each Edge Server uses a HOST to resolve the next hop server names to IP addresses."
    If i have 3 FE servers with DNS load balancing, where the pool.contoso.com would be associated with 192.168.0.1,
    192.168.0.2, 192.168.0.3.
    How do i create Host record for front end pool in the edge server? i mean which among the 3 ips should i use? as i can use only one IP in the host file record for a host name.
    If i create  pool.contoso.com 192.168.0.1 and that server is unavailable then the whole purpose of Edge and FE HA is defeated !!

    The same doc says: "Edit the HOST file on each Edge Server to contain a record for the next hop server or virtual IP (VIP) (the record will be the Director, Standard Edition server, or a Front End pool that was configured as the Edge Server next hop address in Topology Builder). If you are using DNS load balancing, include a line for each member of the next hop pool."
    But you're right, it was my understanding that only the first line of the hosts file was used. I'd have to presume the application is somewhat intelligent about this or it's incorrect guidance. I've never tested it.
    You could use internal DNS too, resolving the issue, but if your DMZ was ever penetrated, someone could potentially use DNS to help map out your network. Otherwise, you'd want to add a DNS server in your DMZ or use HLB just for this, which I wouldn't be in love with.
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
    SWC Unified Communications
    This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.
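
The documentation quoted in the answer above asks for one hosts-file line per member of the next hop pool when DNS load balancing is used. The following PowerShell check for that is an added example, not part of the original thread or of Microsoft's tooling: the function name `Test-NextHopHostsEntries` is hypothetical, the pool name and addresses are the ones from the question, and the sample lines are constructed. It only verifies what the file contains, not how the Edge services use multiple entries.

```powershell
# Added example (hypothetical helper): confirm that a hosts file carries one
# line per next hop pool member, and flag addresses that should not be there.
function Test-NextHopHostsEntries {
    param(
        [string[]]$HostsLines,   # raw lines of the hosts file
        [string]$PoolFqdn,       # next hop pool name set in Topology Builder
        [string[]]$ExpectedIPs   # every member of that pool
    )

    $found = @()
    foreach ($line in $HostsLines) {
        # Drop trailing comments and surrounding whitespace
        $text = ($line -split '#', 2)[0].Trim()
        if ($text -eq '') { continue }

        # Format: <IP> <name> [alias ...], separated by spaces or tabs
        $fields = $text -split '\s+'
        if ($fields.Count -lt 2) { continue }

        $ip    = $fields[0]
        $names = $fields[1..($fields.Count - 1)]
        # -contains compares case-insensitively, as host names require
        if ($names -contains $PoolFqdn) { $found += $ip }
    }

    $missing    = @($ExpectedIPs | Where-Object { $found -notcontains $_ })
    $unexpected = @($found | Where-Object { $ExpectedIPs -notcontains $_ })

    New-Object PSObject -Property @{
        Pool       = $PoolFqdn
        Found      = $found
        Missing    = $missing      # pool members with no hosts line
        Unexpected = $unexpected   # entries pointing somewhere else
        Complete   = ($missing.Count -eq 0 -and $unexpected.Count -eq 0)
    }
}

# Constructed sample: a hosts file in which the third pool member was left out
$sample = @(
    '# next hop Front End pool (DNS load balancing)',
    '',
    '192.168.0.1    pool.contoso.com',
    "192.168.0.2`tPOOL.contoso.com   # second member",
    '192.168.0.10   otherhost.contoso.com'
)
Test-NextHopHostsEntries -HostsLines $sample -PoolFqdn 'pool.contoso.com' `
    -ExpectedIPs '192.168.0.1', '192.168.0.2', '192.168.0.3'

# On an Edge Server, read the real file instead of the sample:
#   -HostsLines (Get-Content "$env:SystemRoot\System32\drivers\etc\hosts")
```

An `Unexpected` entry deserves the same attention as a `Missing` one, since a stale or altered hosts line sends the Edge Server's internal traffic to an address nobody intended.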

  • Installing and configuring additional Edge Server role[2007] in AD site

    Hello Guys,
    We are planning to migrate our Edge server to new hardware, so my plan is to install and configure a new Edge server on the new hardware first and then decommission the old one.
    Currently we have four servers deployed as below.
    Edge Server - INEDGE001
    HUB/CAS - INHUBCAS002 & INHUBCAS003
    Mailbox - INMBOX004
    Kindly provide the steps for this Edge server hardware migration.
    ~Karthick

    Hi,
    Based on my research, here are the steps about moving Edge server to a new hardware:
    1. Capture all of your Edge Transport server configuration data.
    2. Shut down the existing Exchange 2007 server.
    3. Reset the computer account for the existing Exchange 2007 server.
    4. For drives that contained Exchange 2007 data, configure drive letters on the new server to map to or match the configuration of the old server.
    5. Set up the new Exchange 2007.
    6. When the Setup program has completed, install the Exchange 2007 service pack that was installed on the existing server.
    7. Install any Exchange 2007 post-service pack hotfixes that were installed on the existing server.
    8. Copy the ImportEdgeConfig.ps1 script to the root folder of your user profile on the server that you are restoring.
    9. Validate the configuration file, and create an answer file that will provide server-specific information when the file is imported.
    10. Open the answer file, and modify any settings that are invalid for the server.
    11. Import the Edge Transport server configuration by using the ImportEdgeConfig.ps1 script.
    12. Run the EdgeSync process to replicate Active Directory information to Active Directory Application Mode (ADAM) and perform regularly scheduled synchronization.
    For more detailed information, you can refer to the following article:
    http://technet.microsoft.com/en-us/library/bb332339(v=exchg.80).aspx
    Thanks,
    Angela Shi
    TechNet Community Support
