VMWare – EXMBX1 (Windows/Exchange Cluster)
Active CCR Node (1117.58GB/2 = 558.79GB)
It doesn’t make sense to allocate the entire 1117.58GB if the passive
nodes don’t have that kind of space.  We can use the other allocated
space for the OS installation, and the next VMWare based Exchange role
(below…)

VMWare – EXHUB1
The HUB transport is the role in Exchange that pushes email from the
mailbox server to clients vice versa.
It is recommended that the “witness share” be on the HUB transport
server.  This share prevents split brain syndrome in a clustered
environment.

Dell PowerEdge 2950 III – SHJXS010 (Windows/Exchange Cluster)
Passive CCR Node (679.83GB)
VSS – Volume Shadow Copy Service
The passive node’s storage speed is irrelevant, as this server is not
servicing clients on the network, so reaction time is not important.

Dell PowerEdge 2950 III – SHJXS011
Client Access Server – OWA
HUB Transport – It’s ideal to have more than one HUB transport, if
this HUB transport isn’t on this server, the clients passing
information from OWA will have to send the data further into the
network to the VMWare server.  Also, if one of the HUB transports go
down, there will be an auxiliary HUB to push email.
 I don’t want OWA on VMWare – it needs the ability to be interfaced
with the Edge Transport for security, etc.

Dell PowerEdge SC 4000 Series – SHJXS012
Edge Transport – Security Layer, Front-End of Exchange 2007
No other roles can be combined with the Edge Transport.

On Sun, 11 May 2008 11:44:59 -0700 (PDT), Cody 
wrote:

>VMWare – EXMBX1 (Windows/Exchange Cluster)
>Active CCR Node (1117.58GB/2 = 558.79GB)
>It doesn’t make sense to allocate the entire 1117.58GB if the passive
>nodes don’t have that kind of space.  We can use the other allocated
>space for the OS installation, and the next VMWare based Exchange role
>(below…)

As long as you know that you're unsupported at the moment. The policy
might well change in the coming few months but not at the moment.

>
>VMWare – EXHUB1
>The HUB transport is the role in Exchange that pushes email from the
>mailbox server to clients vice versa.
>It is recommended that the “witness share” be on the HUB transport
>server.  This share prevents split brain syndrome in a clustered
>environment.

Ok, so far so good.

>
>Dell PowerEdge 2950 III – SHJXS010 (Windows/Exchange Cluster)
>Passive CCR Node (679.83GB)
>VSS – Volume Shadow Copy Service
>The passive node’s storage speed is irrelevant, as this server is not
>servicing clients on the network, so reaction time is not important.

Rubbish. The reaction of the passive node is all-important. It's a
cluster. Unless you assign the same performance characteristics to the
passive node you are doing to be under pressure to get the active back
on line when you have to fail over. Exchange  is not supposed to suck
when you fail over from Active to Passive.

>
>Dell PowerEdge 2950 III – SHJXS011
>Client Access Server – OWA
>HUB Transport – It’s ideal to have more than one HUB transport, if
>this HUB transport isn’t on this server, the clients passing
>information from OWA will have to send the data further into the
>network to the VMWare server.  Also, if one of the HUB transports go
>down, there will be an auxiliary HUB to push email.
> I don’t want OWA on VMWare – it needs the ability to be interfaced
>with the Edge Transport for security, etc.

Huh? What do you think OWA has got to do with the Edge box? They don't
interact with each other at all. The CAS should be on a VMware
instance (subject to the supportability caveats already mentioned)

>
>Dell PowerEdge SC 4000 Series – SHJXS012
>Edge Transport – Security Layer, Front-End of Exchange 2007
>No other roles can be combined with the Edge Transport.

Why aren't you virtualizing this?

Honest opinion? Go back to the drawing board and engage someone who
knows this properly.  You have fallen down in the CAS and Edge design
and you haven't even mentioned what SAN you're using. Given the tin
you have I wouldn't bother with VMware. I'd put the Mailbox on a
physical and use the HT and CAS together with the antispamagents
installed (It's PowerShell - look it up) on the HT. Put a physical for
the Edge in when you can afford to do so.

On May 11, 3:21 pm, "Mark Arnold [MVP]"  wrote:
> On Sun, 11 May 2008 11:44:59 -0700 (PDT), Cody 
> wrote:
>
> >VMWare – EXMBX1 (Windows/Exchange Cluster)
> >Active CCR Node (1117.58GB/2 = 558.79GB)
> >It doesn’t make sense to allocate the entire 1117.58GB if the passive
> >nodes don’t have that kind of space.  We can use the other allocated
> >space for the OS installation, and the next VMWare based Exchange role
> >(below…)
>
> As long as you know that you're unsupported at the moment. The policy
> might well change in the coming few months but not at the moment.
>
>
>
> >VMWare – EXHUB1
> >The HUB transport is the role in Exchange that pushes email from the
> >mailbox server to clients vice versa.
> >It is recommended that the “witness share” be on the HUB transport
> >server.  This share prevents split brain syndrome in a clustered
> >environment.
>
> Ok, so far so good.
>
>
>
> >Dell PowerEdge 2950 III – SHJXS010 (Windows/Exchange Cluster)
> >Passive CCR Node (679.83GB)
> >VSS – Volume Shadow Copy Service
> >The passive node’s storage speed is irrelevant, as this server is not
> >servicing clients on the network, so reaction time is not important.
>
> Rubbish. The reaction of the passive node is all-important. It's a
> cluster. Unless you assign the same performance characteristics to the
> passive node you are doing to be under pressure to get the active back
> on line when you have to fail over. Exchange  is not supposed to suck
> when you fail over from Active to Passive.
>
>
>
> >Dell PowerEdge 2950 III – SHJXS011
> >Client Access Server – OWA
> >HUB Transport – It’s ideal to have more than one HUB transport, if
> >this HUB transport isn’t on this server, the clients passing
> >information from OWA will have to send the data further into the
> >network to the VMWare server.  Also, if one of the HUB transports go
> >down, there will be an auxiliary HUB to push email.
> > I don’t want OWA on VMWare – it needs the ability to be interfaced
> >with the Edge Transport for security, etc.
>
> Huh? What do you think OWA has got to do with the Edge box? They don't
> interact with each other at all. The CAS should be on a VMware
> instance (subject to the supportability caveats already mentioned)
>
>
>
> >Dell PowerEdge SC 4000 Series – SHJXS012
> >Edge Transport – Security Layer, Front-End of Exchange 2007
> >No other roles can be combined with the Edge Transport.
>
> Why aren't you virtualizing this?
>
> Honest opinion? Go back to the drawing board and engage someone who
> knows this properly.  You have fallen down in the CAS and Edge design
> and you haven't even mentioned what SAN you're using. Given the tin
> you have I wouldn't bother with VMware. I'd put the Mailbox on a
> physical and use the HT and CAS together with the antispamagents
> installed (It's PowerShell - look it up) on the HT. Put a physical for
> the Edge in when you can afford to do so.

So you're saying the Edge server doesn't send/recieve email messages
from OWA?

Also, both of those PowerEdge 2950 III'ls are overkill for what we
need.  If the passive node kicks in, the only thing slower would be
the disks (10k rpm instead of 15krpm.)  You're right, it's not suppose
to suck, but your also not suppose to run off  of the passive node
like it's the primary system.  The services that are clustered windows
wise are on the 15k rpm OS RAID setup on the PowerEdge 2950 III.  The
cluster  won't suffer any performance issues.  Both active/passive
nodes "windows services" that are clustered will operate on 15k rpm
drives.

I am not going to NAT anything into my network.  The Edge transport
will remain in the DMZ.  We have two HP servers that are interfaced
with the VMWare/SAN system.

You're right - Virtualizing this isn't supported, so I don't know why
you think slapping the Edge transport server on the VMWare system is a
great idea.  I think I am pusing it as it is with the clustering of
Exchange in VMWare.

I appreciate your overview.  Anything that gets my mind going is a
good thing.

I have had several Exchange engineer's overview the plan so far, and
there haven't been too many don'ts.  They did mention a VLAN to
seperate the heartbeat.  I will have my CCIE do this.

On Sun, 11 May 2008 13:14:39 -0700 (PDT), Cody 
wrote:

>On May 11, 3:21 pm, "Mark Arnold [MVP]"  wrote:
>> On Sun, 11 May 2008 11:44:59 -0700 (PDT), Cody 
>> wrote:
>>
>> >VMWare – EXMBX1 (Windows/Exchange Cluster)
>> >Active CCR Node (1117.58GB/2 = 558.79GB)
>> >It doesn’t make sense to allocate the entire 1117.58GB if the passive
>> >nodes don’t have that kind of space.  We can use the other allocated
>> >space for the OS installation, and the next VMWare based Exchange role
>> >(below…)
>>
>> As long as you know that you're unsupported at the moment. The policy
>> might well change in the coming few months but not at the moment.
>>
>>
>>
>> >VMWare – EXHUB1
>> >The HUB transport is the role in Exchange that pushes email from the
>> >mailbox server to clients vice versa.
>> >It is recommended that the “witness share” be on the HUB transport
>> >server.  This share prevents split brain syndrome in a clustered
>> >environment.
>>
>> Ok, so far so good.
>>
>>
>>
>> >Dell PowerEdge 2950 III – SHJXS010 (Windows/Exchange Cluster)
>> >Passive CCR Node (679.83GB)
>> >VSS – Volume Shadow Copy Service
>> >The passive node’s storage speed is irrelevant, as this server is not
>> >servicing clients on the network, so reaction time is not important.
>>
>> Rubbish. The reaction of the passive node is all-important. It's a
>> cluster. Unless you assign the same performance characteristics to the
>> passive node you are doing to be under pressure to get the active back
>> on line when you have to fail over. Exchange  is not supposed to suck
>> when you fail over from Active to Passive.
>>
>>
>>
>> >Dell PowerEdge 2950 III – SHJXS011
>> >Client Access Server – OWA
>> >HUB Transport – It’s ideal to have more than one HUB transport, if
>> >this HUB transport isn’t on this server, the clients passing
>> >information from OWA will have to send the data further into the
>> >network to the VMWare server.  Also, if one of the HUB transports go
>> >down, there will be an auxiliary HUB to push email.
>> > I don’t want OWA on VMWare – it needs the ability to be interfaced
>> >with the Edge Transport for security, etc.
>>
>> Huh? What do you think OWA has got to do with the Edge box? They don't
>> interact with each other at all. The CAS should be on a VMware
>> instance (subject to the supportability caveats already mentioned)
>>
>>
>>
>> >Dell PowerEdge SC 4000 Series – SHJXS012
>> >Edge Transport – Security Layer, Front-End of Exchange 2007
>> >No other roles can be combined with the Edge Transport.
>>
>> Why aren't you virtualizing this?
>>
>> Honest opinion? Go back to the drawing board and engage someone who
>> knows this properly.  You have fallen down in the CAS and Edge design
>> and you haven't even mentioned what SAN you're using. Given the tin
>> you have I wouldn't bother with VMware. I'd put the Mailbox on a
>> physical and use the HT and CAS together with the antispamagents
>> installed (It's PowerShell - look it up) on the HT. Put a physical for
>> the Edge in when you can afford to do so.
>
>So you're saying the Edge server doesn't send/recieve email messages
>from OWA?

Not directly, you still need the HT in there so the basis of your
understanding the design is in error.

>
>Also, both of those PowerEdge 2950 III'ls are overkill for what we
>need.  If the passive node kicks in, the only thing slower would be
>the disks (10k rpm instead of 15krpm.)  You're right, it's not suppose
>to suck, but your also not suppose to run off  of the passive node
>like it's the primary system.

Err, yes, you are; that's the point !!!

>  The services that are clustered windows
>wise are on the 15k rpm OS RAID setup on the PowerEdge 2950 III.  The
>cluster  won't suffer any performance issues.  Both active/passive
>nodes "windows services" that are clustered will operate on 15k rpm
>drives.

You have RAID set up in the OS? Oh my, your performance is going to
suck, badly. I think you're in error and you're actually using the
hardware RAID from the Dell box and you've just described it badly.

>
>I am not going to NAT anything into my network.  The Edge transport
>will remain in the DMZ.  We have two HP servers that are interfaced
>with the VMWare/SAN system.
>
? Not sure where this fact fits into the conversation. Natting is
irrelevant to this topic right now.

>You're right - Virtualizing this isn't supported, so I don't know why
>you think slapping the Edge transport server on the VMWare system is a
>great idea.  I think I am pusing it as it is with the clustering of
>Exchange in VMWare.

The Edge is just an SMTP engine and like you've said, the tin is
overkill as physical so if you do need the Edge (in terms of what you
have and what you want in your security infrastructure) then it makes
sense to be virtualsed.

>
>I appreciate your overview.  Anything that gets my mind going is a
>good thing.
>
>I have had several Exchange engineer's overview the plan so far, and
>there haven't been too many don'ts.  They did mention a VLAN to
>seperate the heartbeat.  I will have my CCIE do this.

You have a single CCR pair? You hardly need a CCIE to get a crossover
cat5 cable and stick them into the network cards. Really, it's as
simple as that, you don't need a CCIE to help you with that.


You need to sit down with these engineers and get them to explain
traffic flow to you as the whole thing about the OWA and Edge (above)
proves you need a little assistance, as does the fact that nobody's
told you about the heartbeat cable. no VLAN, no CCIE required. It
might be different if you were having an eight node SCC cluster but
not with the A/P CCR setup.

>
>>
>>Also, both of those PowerEdge 2950 III'ls are overkill for what we
>>need.  If the passive node kicks in, the only thing slower would be
>>the disks (10k rpm instead of 15krpm.)  You're right, it's not suppose
>>to suck, but your also not suppose to run off  of the passive node
>>like it's the primary system.
>
>Err, yes, you are; that's the point !!!

Aye! Any node of the CCR cluster could be the passive node at any
time. You cant build it as if one node is the "better node", that
defeats the pupose. 


>
>

> Aye! Any node of the CCR cluster could be the passive node at any
> time. You cant build it as if one node is the "better node", that
> defeats the pupose.

Wow, a virtual machine with 'acceptable' storage for your preferred CCR 
node, versus physical hardware and 'slow' storage for your CCR node that you 
aren't giving any love too.

From the sounds of it, this might be for a lot of users? How many are you 
looking to support on this configuration?

Oliver

On May 11, 7:29 pm, "Mark Arnold [MVP]"  wrote:
> On Sun, 11 May 2008 13:14:39 -0700 (PDT), Cody 
> wrote:
>
>
>
>
>
> >On May 11, 3:21 pm, "Mark Arnold [MVP]"  wrote:
> >> On Sun, 11 May 2008 11:44:59 -0700 (PDT), Cody 
> >> wrote:
>
> >> >VMWare – EXMBX1 (Windows/Exchange Cluster)
> >> >Active CCR Node (1117.58GB/2 = 558.79GB)
> >> >It doesn’t make sense to allocate the entire 1117.58GB if the passive
> >> >nodes don’t have that kind of space.  We can use the other allocated
> >> >space for the OS installation, and the next VMWare based Exchange role> >> >(below…)
>
> >> As long as you know that you're unsupported at the moment. The policy
> >> might well change in the coming few months but not at the moment.
>
> >> >VMWare – EXHUB1
> >> >The HUB transport is the role in Exchange that pushes email from the
> >> >mailbox server to clients vice versa.
> >> >It is recommended that the “witness share” be on the HUB transport> >> >server.  This share prevents split brain syndrome in a clustered
> >> >environment.
>
> >> Ok, so far so good.
>
> >> >Dell PowerEdge 2950 III – SHJXS010 (Windows/Exchange Cluster)
> >> >Passive CCR Node (679.83GB)
> >> >VSS – Volume Shadow Copy Service
> >> >The passive node’s storage speed is irrelevant, as this server is not
> >> >servicing clients on the network, so reaction time is not important.
>
> >> Rubbish. The reaction of the passive node is all-important. It's a
> >> cluster. Unless you assign the same performance characteristics to the
> >> passive node you are doing to be under pressure to get the active back
> >> on line when you have to fail over. Exchange  is not supposed to suck> >> when you fail over from Active to Passive.
>
> >> >Dell PowerEdge 2950 III – SHJXS011
> >> >Client Access Server – OWA
> >> >HUB Transport – It’s ideal to have more than one HUB transport, if> >> >this HUB transport isn’t on this server, the clients passing
> >> >information from OWA will have to send the data further into the
> >> >network to the VMWare server.  Also, if one of the HUB transports go> >> >down, there will be an auxiliary HUB to push email.
> >> > I don’t want OWA on VMWare – it needs the ability to be interfaced
> >> >with the Edge Transport for security, etc.
>
> >> Huh? What do you think OWA has got to do with the Edge box? They don't
> >> interact with each other at all. The CAS should be on a VMware
> >> instance (subject to the supportability caveats already mentioned)
>
> >> >Dell PowerEdge SC 4000 Series – SHJXS012
> >> >Edge Transport – Security Layer, Front-End of Exchange 2007
> >> >No other roles can be combined with the Edge Transport.
>
> >> Why aren't you virtualizing this?
>
> >> Honest opinion? Go back to the drawing board and engage someone who
> >> knows this properly.  You have fallen down in the CAS and Edge design> >> and you haven't even mentioned what SAN you're using. Given the tin
> >> you have I wouldn't bother with VMware. I'd put the Mailbox on a
> >> physical and use the HT and CAS together with the antispamagents
> >> installed (It's PowerShell - look it up) on the HT. Put a physical for
> >> the Edge in when you can afford to do so.
>
> >So you're saying the Edge server doesn't send/recieve email messages
> >from OWA?
>
> Not directly, you still need the HT in there so the basis of your
> understanding the design is in error.
>
>
>
> >Also, both of those PowerEdge 2950 III'ls are overkill for what we
> >need.  If the passive node kicks in, the only thing slower would be
> >the disks (10k rpm instead of 15krpm.)  You're right, it's not suppose
> >to suck, but your also not suppose to run off  of the passive node
> >like it's the primary system.
>
> Err, yes, you are; that's the point !!!
>
> >  The services that are clustered windows
> >wise are on the 15k rpm OS RAID setup on the PowerEdge 2950 III.  The
> >cluster  won't suffer any performance issues.  Both active/passive
> >nodes "windows services" that are clustered will operate on 15k rpm
> >drives.
>
> You have RAID set up in the OS? Oh my, your performance is going to
> suck, badly. I think you're in error and you're actually using the
> hardware RAID from the Dell box and you've just described it badly.
>
>
>
> >I am not going to NAT anything into my network.  The Edge transport
> >will remain in the DMZ.  We have two HP servers that are interfaced
> >with the VMWare/SAN system.
>
> ? Not sure where this fact fits into the conversation. Natting is
> irrelevant to this topic right now.
>
> >You're right - Virtualizing this isn't supported, so I don't know why
> >you think slapping the Edge transport server on the VMWare system is a
> >great idea.  I think I am pusing it as it is with the clustering of
> >Exchange in VMWare.
>
> The Edge is just an SMTP engine and like you've said, the tin is
> overkill as physical so if you do need the Edge (in terms of what you
> have and what you want in your security infrastructure) then it makes
> sense to be virtualsed.
>
>
>
> >I appreciate your overview.  Anything that gets my mind going is a
> >good thing.
>
> >I have had several Exchange engineer's overview the plan so far, and
> >there haven't been too many don'ts.  They did mention a VLAN to
> >seperate the heartbeat.  I will have my CCIE do this.
>
> You have a single CCR pair? You hardly need a CCIE to get a crossover
> cat5 cable and stick them into the network cards. Really, it's as
> simple as that, you don't need a CCIE to help you with that.
>
> You need to sit down with these engineers and get them to explain
> traffic flow to you as the whole thing about the OWA and Edge (above)
> proves you need a little assistance, as does the fact that nobody's
> told you about the heartbeat cable. no VLAN, no CCIE required. It
> might be different if you were having an eight node SCC cluster but
> not with the A/P CCR setup.- Hide quoted text -
>
> - Show quoted text -

You're mis-understood many of the things I have typed.. lol

I am not using software RAID.  You also took me too seriously when I
said your not suppose to use the passive node like it's the primary
system.  You are a bad administrator if you let the passive node
continue to service your clients and let the active node stay down.
You're suppose to fix the issue with the active node, and flip the
role of active back to the primary system.

You can run command line commands to switch which node is active, or
passive for that matter.  It's the admin's job to keep an eye on his
systems.

Every system is overkill - we have *150* users at most.  They don't
send attachments.  This system is in response to executive orders.  We
had a serious exchange failure that took email offline for 5 days.
They had email flow, but old email was gone until the database could
be repaired.

Will all due respect, I asked for opinions on setup, not what you all
think is best for a fortune 500 company.  So far, the only good
comment I have is to put the Edge on VMWare.

Each system has dual quad core processors, 15k rpm drives for the OS,
and 16GB RAM.  For 150 users people...

>
>You're mis-understood many of the things I have typed.. lol
>
>I am not using software RAID.  You also took me too seriously when I
>said your not suppose to use the passive node like it's the primary
>system.  You are a bad administrator if you let the passive node
>continue to service your clients and let the active node stay down.
>You're suppose to fix the issue with the active node, and flip the
>role of active back to the primary system.

Yes, you need to fix the node that is down, but in CCR there typically
is no primary and secondary node. I think you are misunderstanding us
:)
CCR nodes are peers. There is no requirement to flip back to the
primary system, because both nodes should have the ability to be
"primary". 


>
>You can run command line commands to switch which node is active, or
>passive for that matter.  It's the admin's job to keep an eye on his
>systems.

Yep. Of course.

>
>Every system is overkill - we have *150* users at most.  They don't
>send attachments.  This system is in response to executive orders.  We
>had a serious exchange failure that took email offline for 5 days.
>They had email flow, but old email was gone until the database could
>be repaired.

Then its not overkill. HA is a legitmate concern and 5 days down is
way too long for most places. Heck, some companies would fold if they
were down that long.


>
>Will all due respect, I asked for opinions on setup, not what you all
>think is best for a fortune 500 company.  So far, the only good
>comment I have is to put the Edge on VMWare.

Fortune 500? Naw, doing it right is relevant to any sized company. 
>
>Each system has dual quad core processors, 15k rpm drives for the OS,
>and 16GB RAM.  For 150 users people...

On May 13, 7:10 am, Andy David  {MVP}
 wrote:
> >You're mis-understood many of the things I have typed.. lol
>
> >I am not using software RAID.  You also took me too seriously when I
> >said your not suppose to use the passive node like it's the primary
> >system.  You are a bad administrator if you let the passive node
> >continue to service your clients and let the active node stay down.
> >You're suppose to fix the issue with the active node, and flip the
> >role of active back to the primary system.
>
> Yes, you need to fix the node that is down, but in CCR there typically
> is no primary and secondary node. I think you are misunderstanding us
> :)
> CCR nodes are peers. There is no requirement to flip back to the
> primary system, because both nodes should have the ability to be
> "primary".
>
>
>
> >You can run command line commands to switch which node is active, or
> >passive for that matter.  It's the admin's job to keep an eye on his
> >systems.
>
> Yep. Of course.
>
>
>
> >Every system is overkill - we have *150* users at most.  They don't
> >send attachments.  This system is in response to executive orders.  We
> >had a serious exchange failure that took email offline for 5 days.
> >They had email flow, but old email was gone until the database could
> >be repaired.
>
> Then its not overkill. HA is a legitmate concern and 5 days down is
> way too long for most places. Heck, some companies would fold if they
> were down that long.
>
>
>
> >Will all due respect, I asked for opinions on setup, not what you all
> >think is best for a fortune 500 company.  So far, the only good
> >comment I have is to put the Edge on VMWare.
>
> Fortune 500? Naw, doing it right is relevant to any sized company.
>
>
>
>
>
> >Each system has dual quad core processors, 15k rpm drives for the OS,
> >and 16GB RAM.  For 150 users people...- Hide quoted text -
>
> - Show quoted text -

Well, it just seems the term right is a realative term.  Everyone I
talk to, Exchange Admins/Engineers, VMWare people, Microsoft people,
all have different views.  Even my Director and Manager want it setup
differently from each other.  lmao

My Director is against virtualizing the Edge transport.  I'll
administrate it, even if the solution ends up being something I didn't
agree with.  Thus is the way of things.

I would have liked to slap another NIC in one of my HP’s and setup
Edge on its on little VSwitch.  It would have been secure, and clean.
It’s just an SMTP relay.  It’s not special at all.