date: Fri, 23 Nov 2007 15:02:26 -0800,
group: microsoft.public.exchange.design
Optimizing Exchange InterSite traffic
Good afternoon:
We have a main office (with 50 mailbox enabled users and an Internet
connection) and a remote office (with 5 mailbox enabled users and
another Internet connection). There is also another connection between
those offices just for "internal" traffic (AD, DNS, DHCP, VoIP, e-mail,
TS, SMB...).
The main one centralizes AD Services, Corporate applications and files,
Backup System and e-mail. In fact, there is just an Exchange Server 2003
server in that office that manages all incoming and outgoing messages of
the company.
All three WAN connections are ADSL and we created a VPN for interoffice
communication.
The problem appears when we want to optimize the traffic between those
offices, mainly for Active Directory and Exchange Services.
We thought to create two separate sites, one for every office, with
their own DC, DNS, DHCP and Global Catalog, synchronizing data on a
scheduled time. Related to e-mail routing, we thought of installing
another Exchange 2003 Server on the remote office, just for allocating
mailboxes for those 5 users. In the final scenario, all incoming SMTP
traffic would arrive at the main office and then be stored there by
default, except for those 5 users, whose e-mail would be "routed" to the
new Exchange Server (how does it work? Is it needed to create a
connector on the main Exchange Server?). And outgoing mail would be
delivered for every office through its own Internet Connection.
In order to avoid matching antispam filters (based on DNS records A,
MX, reverse DNS, Hostname FQDN, etc.) we would configure a host and MX
(with higher value) record for the remote office Internet connection and
the FQDN of that Exchange Server. To prevent using the new MX record, we
would also deny on the remote office's router incoming SMTP traffic.
Do you believe this is a good solution for optimizing traffic (e-mail
and domain services) between offices?
On the Exchange traffic, which action or item needs more bandwidth?
Related to the Backup:
How could we centralize the daily backup job of the mailbox storage?
Would it be necessary to send (through the interoffice WAN connection)
all the 5 users mailbox data in a full backup? Is there a faster way
different from using differential or incremental copy?
Would it be possible to create all the mailboxes in the main office
Exchange Server and just a copy of the 5 remote users mailbox in the
remote Exchange Server? And synchronize just changes on the 5 mailboxes
on a scheduled time?
I will really appreciate your help, ideas or suggestions.
Thanks in advance.
date: Fri, 23 Nov 2007 15:02:26 -0800
author: zubero
Re: Optimizing Exchange InterSite traffic
It's not very cost-effective to place an Exchange server at the remote
location for just 5 users. This should be done only if the bandwidth between
the 2 is insufficient for allowing remote access using OWA / Outlook Cached
Mode / Outlook Anywhere (RPC over HTTP), etc.
Other responses inline.
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------------------------
"zubero" wrote in message
news:Xns99F26B2B2E8zuberotelelinees@207.46.248.16...
> Good afternoon:
>
> We have a main office (with 50 mailbox enabled users and an Internet
> connection) and a remote office (with 5 mailbox enabled users and
> another Internet connection). There is also another connection between
> those offices just for "internal" traffic (AD, DNS, DHCP, VoIP, e-mail,
> TS, SMB...).
> The main one centralizes AD Services, Corporate applications and files,
> Backup System and e-mail. In fact, there is just an Exchange Server 2003
> server in that office that manages all incoming and outgoing messages of
> the company.
> All three WAN connections are ADSL and we created a VPN for interoffice
> communication.
>
> The problem appears when we want to optimize the traffic between those
> offices, mainly for Active Directory and Exchange Services.
> We thought to create two separate sites, one for every office, with
> their own DC, DNS, DHCP and Global Catalog, synchronizing data on a
> scheduled time. Related to e-mail routing, we thought of installing
> another Exchange 2003 Server on the remote office, just for allocating
> mailboxes for those 5 users.
Not very cost-effective to place a remote Exchange server for just 5 users.
Is the available bandwidth insufficient to allow these 5 users remote
access using OWA / Outlook in Cached Mode? If not, I would recommend
considering a bandwidth increase instead.
> In the final scenario, all incoming SMTP
> traffic would arrive at the main office and then be stored there by
> default, except for those 5 users, whose e-mail would be "routed" to the
> new Exchange Server (how does it work?
Based on Active Directory lookups....
> is it needed to create a
> connector on the main Exchange Server?).
Connectors are created between Routing Groups - if the remote server is
placed in a new Routing Group, you will need Routing Group Connectors both
ways. If there is no specific requirement for controlling email traffic like
transferring large messages after-hours or at fixed intervals, a single
Exchange server at a remote location doesn't call for a separate/new Routing
Group and creation of Connectors.
> And outgoing mail would be
> delivered for every office through its own Internet Connection.
Possible - if each office is in its own Routing Group, create a SMTP
Connector for address space * scoped to the local Routing Group.
> In order to avoid matching antispam filters (based on DNS records A,
> MX, reverse DNS, Hostname FQDN, etc.) we would configure a host and MX
> (with higher value) record for the remote office Internet connection and
> the FQDN of that Exchange Server. To prevent using the new MX record, we
> would also deny on the remote office's router incoming SMTP traffic.
Not sure what you're trying to accomplish here.... can you clarify further?
> Do you believe this is a good solution for optimizing traffic (e-mail
> and domain services) between offices?
Look at comments above.
> On the Exchange traffic, which action or item needs more bandwidth?
>
> Related to the Backup:
> How could we centralize the daily backup job of the mailbox storage?
Centralize as in backups of remote servers to the same location? Or simply
managing backups centrally (but backed up to backup devices/media local to
each location)? The former would of course eat up a lot of bandwidth... For
the latter, most third-party software lets you control backup agents
centrally...
> Would it be necessary to send (through the interoffice WAN connection)
> all the 5 users mailbox data in a full backup?
Depending on bandwidth and how large the mailboxes are... again, you can
avoid this by simply having those users access the Exchange server at the
main office.
> Is there a faster way
> different from using differential or incremental copy?
> Would it be possible to create all the mailboxes in the main office
> Exchange Server and just a copy of the 5 remote users mailbox in the
> remote Exchange Server?
> And synchronize just changes on the 5 mailboxes
> on a scheduled time?
No. Exchange Server 2007 has replication features for high availability, but
none aimed at meeting such a requirement.
>
> I will really appreciate your help, ideas or suggestions.
>
> Thanks in advance.
Take a step back and give this another thought - what is the problem you're
trying to address? If AD traffic is creating bandwidth issues, placing an
Exchange server at the remote location isn't the solution. It will help the
5 remote users use a local Exchange server and they'll be happier. However,
you'll have increased management costs.
As far as AD replication traffic is concerned, there shouldn't be a lot of
replication for an environment of that size, imo.
date: Sat, 24 Nov 2007 09:53:49 -0800
author: Bharat Suneja [MVP]
Re: Optimizing Exchange InterSite traffic
Thank you for your answer.
Responses inline.
"Bharat Suneja [MVP]" wrote in
news:uQ1O5LsLIHA.6108@TK2MSFTNGP03.phx.gbl:
> Subject: Re: Optimizing Exchange InterSite traffic
> From: "Bharat Suneja [MVP]"
> Newsgroups: microsoft.public.exchange.design
>
> It's not very cost-effective to place an Exchange server at the remote
> location for just 5 users. This should be done only if the bandwidth
> between the 2 is insufficient for allowing remote access using OWA /
> Outlook Cached Mode / Outlook Anywhere (RPC over HTTP), etc.
>
Nowadays, we are using Microsoft Exchange Server 2003 and clients are
OWA and Microsoft Outlook 2003 with Cached Mode.
The final scenario is to obtain two almost "autonomous" offices for
Internet access, AD and messaging and a centralized system, with a
dedicated ADSL connection with VPN configured for file sharing,
corporate applications (Terminal Server), backup (management and tape
storage) and VoIP.
As a result, I'd like to have two options to compare by myself and show
pros and cons of them. That is, one, as you said, using OWA, Outlook Cached
Mode and RPC over HTTPS, and another solution based on a new Exchange
Server (and DC...), which is the option that the customer is very interested
in (he is also thinking of better scalability) and I don't fully know.
> Other responses inline.
>
> --
> Bharat Suneja
> MVP - Exchange
> www.zenprise.com
> NEW blog location:
> exchangepedia.com/blog
> ----------------------------------------------
>
>
> "zubero" wrote in message
> news:Xns99F26B2B2E8zuberotelelinees@207.46.248.16...
>> Good afternoon:
>>
>> We have a main office (with 50 mailbox enabled users and an Internet
>> connection) and a remote office (with 5 mailbox enabled users and
>> another Internet connection). There is also another connection
>> between those offices just for "internal" traffic (AD, DNS, DHCP,
>> VoIP, e-mail, TS, SMB...).
>> The main one centralizes AD Services, Corporate applications and
>> files, Backup System and e-mail. In fact, there is just an Exchange
>> Server 2003 server in that office that manages all incoming and
>> outgoing messages of the company.
>> All three WAN connections are ADSL and we created a VPN for
>> interoffice communication.
>>
>> The problem appears when we want to optimize the traffic between
>> those offices, mainly for Active Directory and Exchange Services.
>> We thought to create two separate sites, one for every office, with
>> their own DC, DNS, DHCP and Global Catalog, synchronizing data on a
>> scheduled time. Related to e-mail routing, we thought of installing
>> another Exchange 2003 Server on the remote office, just for
>> allocating mailboxes for those 5 users.
>
> Not very cost-effective to place a remote Exchange server for just 5
> users. Is the available bandwidth insufficient to allow these 5
> users remote access using OWA / Outlook in Cached Mode? If not, I
> would recommend considering a bandwidth increase instead.
>
It is just an issue of having another option and trying to minimize some
traffic between offices during business hours. We are also considering a
bandwidth increase for better performance, especially for VoIP and
maybe (not sure) videoconferencing.
>
> In the final scenario, all incoming SMTP
>> traffic would arrive at the main office and then be stored there by
>> default, except for those 5 users, whose e-mail would be "routed" to
>> the new Exchange Server (how does it work?
>
> Based on Active Directory lookups....
>
>
>> is it needed to create a
>> connector on the main Exchange Server?).
>
> Connectors are created between Routing Groups - if the remote server
> is placed in a new Routing Group, you will need Routing Group
> Connectors both ways. If there is no specific requirement for
> controlling email traffic like transferring large messages after-hours
> or at fixed intervals, a single Exchange server at a remote location
> doesn't call for a separate/new Routing Group and creation of
> Connectors.
>
>
>> And outgoing mail would be
>> delivered for every office through its own Internet Connection.
>
> Possible - if each office is in its own Routing Group, create a SMTP
> Connector for address space * scoped to the local Routing Group.
>
We are not thinking of any specific requirement for controlling email
traffic between offices (i.e. transferring large messages after-hours),
just mailbox storage on a per-office basis; but due to the SMTP
connector for outgoing e-mail in the remote office through its own
Internet connection, it will be necessary to create another routing
group, is that correct?
>
>> In order to avoid matching antispam filters (based on DNS records
>> A, MX, reverse DNS, Hostname FQDN, etc.) we would configure a host
>> and MX (with higher value) record for the remote office Internet
>> connection and the FQDN of that Exchange Server. To prevent using the
>> new MX record, we would also deny on the remote office's router
>> incoming SMTP traffic.
>
> Not sure what you're trying to accomplish here.... can you clarify
> further?
There are some antispam filters based on DNS queries to verify sender,
so if every office uses its own Internet connection to send e-mail, it
would be necessary to add a new A record in forward DNS and configure
PTR record in reverse DNS.
>
>> Do you believe this is a good solution for optimizing traffic (e-mail
>> and domain services) between offices?
>
> Look at comments above.
>
>
>> On the Exchange traffic, which action or item needs more bandwidth?
>>
>> Related to the Backup:
>> How could we centralize the daily backup job of the mailbox storage?
>
> Centralize as in backups of remote servers to the same location? Or
> simply managing backups centrally (but backed up to backup
> devices/media local to each location)? The former would of course eat
> up a lot of bandwidth... For the latter, most third-party software
> lets you control backup agents centrally...
>
We'd like to obtain a backup of remote mailbox data in the main office
but are looking for a way to send the minimum amount of data through the
VPN.
Maybe it could be a solution to configure a daily backup job for data in
the remote office and store it locally (i.e. disk-based media) and
create a weekly backup to store data in the main office (on tape media
stored later in a safe place out of the office). What about this
option?
>> Would it be necessary to send (through the interoffice WAN
>> connection) all the 5 users mailbox data in a full backup?
>
> Depending on bandwidth and how large the mailboxes are... again, you
> can avoid this by simply having those users access the Exchange server
> at the main office.
>
>> Is there a faster way
>> different from using differential or incremental copy?
>> Would it be possible to create all the mailboxes in the main office
>> Exchange Server and just a copy of the 5 remote users mailbox in the
>> remote Exchange Server?
>> And synchronize just changes on the 5 mailboxes
>> on a scheduled time?
>
> No. Exchange Server 2007 has replication features for high
> availability, but none aimed at meeting such a requirement.
Would it be possible to use this feature in this scenario to replicate
mailbox storage from the remote Exchange Server to the main one and back up
all the data in the Exchange Server located in the main office?
>
>>
>> I will really appreciate your help, ideas or suggestions.
>>
>> Thanks in advance.
>
> Take a step back and give this another thought - what is the problem
> you're trying to address? If AD traffic is creating bandwidth issues,
> placing an Exchange server at the remote location isn't the solution.
> It will help the 5 remote users use a local Exchange server and
> they'll be happier. However, you'll have increased management costs.
>
> As far as AD replication traffic is concerned, there shouldn't be a
> lot of replication for an environment of that size, imo.
>
>
Thank you again for your help.
As you said, placing an Exchange server at the remote location isn't the
solution for 5 users, but we are looking for an option that satisfies
mainly the interoffice bandwidth use and also helps remote users to be
happier (just a marketing issue) thinking they are more "autonomous".
In fact, it is difficult to evaluate the real problem because the customer
doesn't want to analyze interoffice traffic to evaluate the real cost of AD,
DNS, DHCP, messaging... Maybe it would be enough to increase bandwidth
and apply QoS (it is going to be used), but the situation is difficult
when it is not just a technical issue.
I believe we must show two options: The most cost effective (OWA, RPC
over HTTPS...) and another based on a separate AD site with its own
Exchange Server and compare both of them. Finally, if the customer prefers
the second option, we will have to think of a better use of the new
infrastructure (i.e. using the remote office as a backup for SMTP traffic
if the main office Internet connection goes down).
Note: We don't obtain material benefit from this solution (just the
experience of a good design and implementation), so we are not
interested in a more expensive solution to gain money.
With best regards,
--
Carlos Jiménez
CCNA, CEH
Microsoft Certified Professional
date: Sun, 25 Nov 2007 05:31:10 -0800
author: zubero
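The post above raises two DNS points for per-office outbound mail: the A/PTR/host-name consistency that antispam filters verify, and an MX record published for a host whose router denies incoming SMTP. The following is an added example, not part of the thread, that models both checks offline; every hostname, IP address and record in it is constructed sample data.

```python
"""Offline model of sender-verification DNS checks (added example)."""

# Constructed sample zone data: documentation IP ranges, hypothetical names.
A_RECORDS = {
    "mail.example.com": "192.0.2.10",      # main office Exchange server
    "mail2.example.com": "198.51.100.20",  # remote office Exchange server
}
PTR_RECORDS = {
    "192.0.2.10": "mail.example.com",
    # Remote office ADSL line still carries the ISP's default PTR name.
    "198.51.100.20": "adsl-198-51-100-20.isp.example.net",
}
MX_RECORDS = {"example.com": [(10, "mail.example.com"), (20, "mail2.example.com")]}
# Hosts whose router denies inbound TCP/25, as planned for the remote office.
INBOUND_SMTP_BLOCKED = {"mail2.example.com"}

# Outbound path of each office: public IP and the name the server announces.
SENDERS = [
    {"office": "main", "ip": "192.0.2.10", "helo": "mail.example.com"},
    {"office": "remote", "ip": "198.51.100.20", "helo": "mail2.example.com"},
]


def check_sender(sender, a=A_RECORDS, ptr=PTR_RECORDS):
    """Return the list of DNS inconsistencies a receiving filter could flag."""
    problems = []
    ip, helo = sender["ip"], sender["helo"].lower()
    ptr_name = ptr.get(ip)
    if ptr_name is None:
        problems.append("no PTR record for sending IP")
    else:
        ptr_name = ptr_name.lower()
        # Forward-confirmed reverse DNS: PTR name must resolve back to the IP.
        if a.get(ptr_name) != ip:
            problems.append("PTR name does not resolve back to sending IP")
        if ptr_name != helo:
            problems.append("HELO name differs from PTR name")
    if a.get(helo) != ip:
        problems.append("HELO name has no A record for sending IP")
    return problems


def unreachable_mx(domain, mx=MX_RECORDS, blocked=INBOUND_SMTP_BLOCKED):
    """MX hosts that are published but cannot accept mail, by preference."""
    return [host for _pref, host in sorted(mx.get(domain, [])) if host in blocked]


def audit(senders=SENDERS):
    """Map each office to its list of sender-verification problems."""
    return {s["office"]: check_sender(s) for s in senders}


if __name__ == "__main__":
    for office, problems in audit().items():
        print(office, "->", problems or "consistent")
    print("published MX that drops inbound SMTP:", unreachable_mx("example.com"))
```

In this sample data the remote office fails until its ISP sets the PTR for the ADSL address to the server's FQDN. The backup MX is reported because senders that fall back to it when the main office is down can only queue and retry.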
Re: Optimizing Exchange InterSite traffic
>>>I believe we must show two options: The most cost effective (OWA, RPC
>>>over HTTPS...) and another based on a separate AD site with its own
>>>Exchange Server and compare both of them. Finally, if the customer prefers
>>>the second option, we will have to think of a better use of the new
>>>infrastructure (i.e. using the remote office as a backup for SMTP traffic
>>>if the main office Internet connection goes down).
If that's the case... sure. As you stated, not as much technical
requirements-driven....
--
Bharat Suneja
MVP - Exchange
www.zenprise.com
NEW blog location:
exchangepedia.com/blog
----------------------------------------------
date: Sun, 25 Nov 2007 18:37:32 -0800
author: Bharat Suneja [MVP]