There are two methods to remove an Exchange Server certificate. The first method is to…
Exchange high availability namespace design and planning
An Exchange Server is already up and running in the organization. Before installing a second Exchange Server, it’s good to go to the drawing board. Exchange high availability namespace design and planning is by far the most crucial task. Take your time, and write the topology before deploying. In this article, you will learn about Exchange high availability namespace design and planning configuration.
Table of contents
Information Exchange high availability namespace design
Before you start, look at the Exchange Server course and install the first Exchange Server. By doing that, you will clearly understand how to install, configure, and manage Exchange Server.
When installing Exchange Server on-premises, it doesn’t matter which version you choose; this can be Exchange 2010/2013/2016/2019; the internal URLs match the fully qualified domain name (FQDN) of the Exchange Server. This design is by default.
Let’s have examples of what internal hostnames look like:
- .local
- .priv
- .internal
- .lan
You are asking for trouble if you proceed like this, for example:
- You can’t buy a third-party certificate based on the internal FQDN URLs
- Autodiscover certificate warnings and issues when connecting with clients
- You can’t load balance between multiple Exchange Servers with an internal FDQN
- Adding another Exchange Server in the environment will cause problems
- Configuring Exchange Hybrid deployment will cause problems
Note: We recommend making use of a generic namespace. For example, mail.yourdomain.com.
In our example, we have an internal domain with the name exoip.local and external domain exoip.com. Therefore, we will configure the namespace as mail.exoip.com.
Exchange high availability namespace planning
An architecture view of Exchange high availability namespace is shown below in the diagram.
- The public DNS/External DNS zone will have a mail.exoip.com record that resolves to the firewall or router’s public IP address. It will then NAT any external connections to the load balancer internal IP.
- The internal DNS zone will have a mail.exoip.com record that resolves to the load balancer internal IP address.
If you have a multi-site (Site A and Site B), then an unbound model is an excellent choice, and it will look like the diagram below.
Configure Kemp load balancer
Install and configure Kemp load balancer with an IP address. After that, add both the Exchange Servers to the load balancer for HTTPS high availability.
Configure internal DNS for Exchange Server
Configure the DNS zones internally with Pinpoint DNS. Both these records are A records.
| Record Type | DNS Name | Internal IP Address |
|---|---|---|
| A | mail.exoip.com | 192.168.1.54 |
| A | autodiscover.exoip.com | 192.168.1.54 |
Read the article Configure internal DNS for Exchange Server.
Configure internal and external URL in Exchange Server
Configure the Exchange Server internal and external URLs with the same name. Almost all the URLs will have mail.exoip.com in the configuration. That’s because the AutoDiscover URL will be different.
| Service | Internal and External URL |
|---|---|
| AutoDiscover | https://autodiscover.exoip.com/Autodiscover/Autodiscover.xml |
| Exchange Control Panel | https://mail.exoip.com/ecp |
| Exchange Web Services | https://mail.exoip.com/EWS/Exchange.asmx |
| Exchange ActiveSync | https://mail.exoip.com/Microsoft-Server-ActiveSync |
| Offline Address Book | https://mail.exoip.com/OAB |
| Outlook Web App | https://mail.exoip.com/owa |
| MAPI over HTTP | https://mail.exoip.com/mapi |
| Outlook Anywhere | mail.exoip.com |
Read the article Configure Internal and External URL in Exchange Server.
Configure external DNS for Exchange Server
There are six records that we are going to add to the public DNS. These are the A record, CNAME record, and MX record. The MX record will have four records for high availability.
Note: Always use a spam filter to protect your Exchange Server organization from incoming and outgoing spam. The one we recommend is the SpamBull cloud spam filter.
| Record Type | TTL | DNS Name | Priority | Value |
|---|---|---|---|---|
| A | 300 | mail.exoip.com | 73.122.35.127 | |
| CNAME | 300 | autodiscover.exoip.com | mail.exoip.com. | |
| MX | 300 | @ | 10 | mx1.spambull.com. |
| MX | 300 | @ | 20 | mx2.spambull.com. |
| MX | 300 | @ | 30 | mx3.spambull.com. |
| MX | 300 | @ | 40 | mx4.spambull.com. |
Read the article Configure external DNS for Exchange Server.
Conclusion
You learned about Exchange high availability namespace design and planning best practices. This is a setup for multiple Exchange Servers in a single site. Please pay close attention to the namespace design and plan it accordingly to avoid problems in the future.
Did you enjoy this article? You may also like Load Exchange Management Shell in PowerShell ISE. Don’t forget to follow us and share this article.
What Others Are Reading
Hi, Ali!
Thank you so much for the article!
After reading it, I didn’t get to the end of one thing.
If I have several servers, for example EXCH1 and EXCH2, located in different datacenters. How to configure DNS properly and how to configure web addresses properly? Should the virtual directories on all servers have the same appearance (e.g. mail.domain.com/owa)? Do I understand correctly that I need to rely on DNS Round Robin? Or is it better to install a balancer with external and private ip to which external and internal clients will access?