exchange2010-Architecture

Page 1: exchange2010-Architecture
Page 2: exchange2010-Architecture

Scott [email protected]

Technical Writer

Microsoft Corporation

UNC302

Page 3: exchange2010-Architecture

Agenda

Discuss the topology changes introduced in Exchange Server 2010

Client Access

Transport

Mailbox

Understand our guidance on server sizing

Page 4: exchange2010-Architecture

Exchange 2010 Enterprise Topology

[Diagram: Enterprise Network]

Edge Transport: Routing & AV/AS

Hub Transport: Routing & Policy

Client Access: Client connectivity, Web services

Mailbox: Storage of mailbox and public folder items

Unified Messaging: Voice mail & voice access

Connected systems and clients: External SMTP servers; Phone system (PBX or VOIP); Web browser; Outlook (remote user); Mobile phone; Outlook (local user); Line of business application

Page 5: exchange2010-Architecture

Consolidation of Store Access Paths

[Diagram, first panel. Middle Tier labels: Exchange Biz Logic; Exchange Components; OWA; Sync; UM; Transport Agents; Mailbox Agents; WS; DAV. Mailbox labels: MAPI RPC; Store. Client labels: Entourage; Outlook / MAPI clients]

[Diagram, second panel. Middle Tier labels: MAPI, RFR & NSPI RPC; Exchange Core Biz Logic; Exchange Biz Logic; Exchange Components; OWA; Sync; UM; Transport Agents; Mailbox Agents; WS. Mailbox labels: MAPI RPC; Store. Client labels: Outlook / MAPI clients; Entourage]

Page 6: exchange2010-Architecture

Architectural Changes

Page 7: exchange2010-Architecture

Client Access: The middle tier

CAS is a true middle tier, with new services and functionality designed to restrict all Outlook data access to a single common path by migrating Mailbox and Directory endpoints to CAS

Outlook data connections go to RPC Client Access service on CAS instead of connecting directly to mailbox servers

Address Book service on CAS replaces the DSProxy interface

Public folder connections connect directly to the Mailbox server, but through RPC Client Access service on backend

[Diagram: Outlook Clients; Exchange CAS Array; MBX; GC]

Page 8: exchange2010-Architecture

Client Access: How RPC Client Access service improves experience

Provides a better client experience during switchovers/failovers

When a MBX server fails over, Outlook client will only see ~30 sec disconnection, as compared to 1-TTL min before

Uses the same business logic for Outlook and other CAS clients

Calendar logging + fix up

Content/body conversion

Greatly simplifies AD topology requirements for Outlook

Supports more concurrent connections/mailboxes per Mailbox server

Reduces code and client logic in Exchange Store process for increased reliability

Page 9: exchange2010-Architecture

Client Access: How directory referral connections work

1. Outlook calls get Address Book server API

2. CAS queries Active Directory

a. Mailbox location (AD site)

b. Mailbox version

c. RpcClientAccessServer property of mailbox database

3. CAS tells Outlook which CAS or CAS array should be used for directory requests

4. Outlook connects to the appropriate CAS

If mailbox is moved back to 2003/2007, CAS will redirect the client to the mailbox server so that it can provide a referral to a global catalog server

Otherwise, all legacy mailboxes will get directory referrals from mailbox server

[Diagram: AD Site 1 and AD Site 2, each with CAS 2010, MBX 2010 and GC; callouts 1 to 4 mark the numbered steps]

Page 10: exchange2010-Architecture

Client Access: Outlook Anywhere improvements

Outlook Anywhere clients use the Address Book service on CAS for directory-related requests

This architecture resolves the issue regarding DSProxy and split HTTP connections that are due to using SSL-ID load balancing solutions

[Diagram labels: Outlook connecting with Outlook Anywhere; HTTPS (RPC_IN_DATA, RPC_OUT_DATA); Windows 2008+ RPC/HTTP Proxy; CAS (RPC Client Access and Address Book services); RPC; LDAP; Mailbox; AD]

Page 11: exchange2010-Architecture

Client Access: Writing to the directory

New behavior ensures that Outlook can write changes to Active Directory for the following scenarios

Distribution group membership

Delegate management

Certificate management

When the Address Book service detects one of these modifications, it will utilize the appropriate cmdlet to commit the change to Active Directory based on the property tag (assuming user is scoped and authorized to make those changes)

Add/Remove-DistributionGroupMember

Set-Mailbox -PublicDelegates

Set-Mailbox -UserCertificate -UserSMIMECertificate

Page 12: exchange2010-Architecture

Client Access: Scaling mailbox connections

Exchange Server 2007

[Diagram labels: Outlook Clients; Outlook Anywhere Clients; CAS; MBX; GC; 60K connections / MBX server; 60K outbound connections / CAS IP (W2K8); 60K outbound connections / MBX server]

Page 13: exchange2010-Architecture

Client Access: Scaling mailbox connections

Exchange Server 2010

[Diagram labels: Outlook Clients; Exchange CAS NLB; MBX; GC; LDAP; # of CAS servers x 100 connections / CAS RPCCA service/process]

Page 14: exchange2010-Architecture

Client Access: Firewall/proxy guidelines

Internet Security and Acceleration (ISA) Server 2006

Kernel memory limitations imposed by the 32-bit architecture

ISA:CAS ratio 3:1 (worst case – heavy Outlook Anywhere usage)

Important when you have a large percentage of your users connected via Outlook Anywhere, as the ratio of Transmission Control Protocol (TCP) connections to users is much higher than you would see for Outlook Web Access (OWA), ActiveSync, POP, or IMAP traffic

Beyond ISA 2006 … pre-release product information

Forefront Unified Access Gateway (UAG)

Next-generation secure remote access product and the future version of Microsoft Intelligent Application Gateway—native 64-bit architecture

Will be tested with Exchange Server 2010

Forefront Threat Management Gateway (TMG)

Next-generation network security product and the future version of Microsoft ISA Server—native 64-bit architecture

Will be tested with Exchange Server 2010

Page 15: exchange2010-Architecture

Client Access: Architectural considerations

Versioning

Exchange 2010 CAS required in every AD site where Exchange 2010 MBX is deployed

Exchange 2007 MBX requires Exchange 2007 CAS

Load balancing

If planning on deploying more than 8 CAS servers in a load balanced array, consider deploying hardware load balancing solution

If CAS is co-located with highly available Mailbox server, then non-Windows NLB solution is needed (e.g., hardware load balancer, ISA load balancing, or third-party software-based load balancing)

Page 16: exchange2010-Architecture

Architectural Changes

Page 17: exchange2010-Architecture

Transport Roles: Resiliency issues in Exchange 2007

Transport database is stateful

Loss of service results in loss of mail

Transport dumpster impacts the environment

In extreme cases, up to 200% increase in IOPS/message due to many SGs and inefficient cache usage when compared to similar scenarios without dumpster

Redelivery submission results in entire quota being redelivered and store removing duplicates

Page 18: exchange2010-Architecture

Transport Roles: Exchange 2010 resiliency improvements

Shadow redundancy is a new feature of transport

Provides redundancy for messages for the entire time they are in transit

Transport becomes stateless

Eliminates need for RAID, which reduces write I/O by 50%

Transport Dumpster Changes

Database replication feedback is now used to control which messages remain in transport dumpster

When message has been replicated to all database copies, message is truncated from transport dumpster

Transport dumpster size is now based on log replication latency and frequency of feedback

Page 19: exchange2010-Architecture

Transport Roles: How does shadow redundancy work?

1. Hub (shadow) delivers message to Edge1 (primary)

Detects that Edge1 supports Transport redundancy through XSHADOW verb

Hub moves message to shadow queue and stamps Edge1 as current, primary owner

2. Edge1 (primary) receives message (becomes “primary owner”)

Edge1 delivers message to next hop

Edge1 updates discard status of the message indicating delivery complete to foreign MTA

[Diagram: Hub; Edge1; Edge2; Foreign MTA; callouts 1 and 2]

Page 20: exchange2010-Architecture

Transport Roles: How does shadow redundancy work?

3. Success: Hub (shadow) queries Edge1 (primary) for expiry status

Hub issues XQDISCARD command (next SMTP session)

Edge1 checks local discard status and responds with list of messages considered delivered

Hub deletes messages from its shadow queue

4. Failure: Hub (shadow) queries Edge1 (primary) discard status and resubmits

Hub opens SMTP session, issues XQDISCARD command (heartbeat)

If Hub can’t contact Edge1 within timeout, resubmits messages in shadow queue

Resubmitted messages are delivered to Edge2 (go to #1)

[Diagram: Hub; Edge1; Edge2; Foreign MTA; callouts 1 to 4]
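
The four steps on the two shadow redundancy slides, as an added simulation that is not part of the original presentation. Only the XSHADOW and XQDISCARD verb names come from the slides; the Edge, Hub and run names, the message id and the way a timeout is modelled are assumptions made for the example.

```python
# Toy model of the Hub/Edge exchange on the two slides above. Class and method
# names are hypothetical; XSHADOW/XQDISCARD are only named, no SMTP is spoken.
class Edge:
    def __init__(self, name):
        self.name, self.alive = name, True
        self.queue, self.discard = [], set()  # accepted ids / relayed ids

    def accept(self, msg_id):
        if not self.alive:
            raise ConnectionError(self.name)
        self.queue.append(msg_id)

    def relay(self, foreign_mta):
        while self.alive and self.queue:
            foreign_mta.append(self.queue.pop(0))  # step 2: deliver to next hop
            self.discard.add(foreign_mta[-1])      # then update discard status

    def xqdiscard(self):
        if not self.alive:
            raise ConnectionError(self.name)
        return set(self.discard)  # step 3: ids this Edge considers delivered


class Hub:
    def __init__(self, edges):
        self.edges, self.shadow = edges, {}  # shadow queue: msg_id -> primary owner

    def submit(self, msg_id):
        # Step 1 (assumes every Edge advertised shadow redundancy support).
        for edge in self.edges:
            try:
                edge.accept(msg_id)
            except ConnectionError:
                continue
            self.shadow[msg_id] = edge  # keep shadow copy, stamp primary owner
            return edge.name
        raise RuntimeError("no Edge reachable")

    def heartbeat(self):
        # Steps 3/4; the timeout is collapsed to a single failed query.
        resubmitted = []
        for msg_id, edge in list(self.shadow.items()):
            try:
                if msg_id in edge.xqdiscard():
                    del self.shadow[msg_id]  # delivered: drop the shadow copy
            except ConnectionError:
                del self.shadow[msg_id]
                self.submit(msg_id)          # primary lost: resubmit via next Edge
                resubmitted.append(msg_id)
        return resubmitted


def run(fail_point=None):
    """Edge1 dies at fail_point: None, 'before_relay' or 'after_relay'."""
    edge1, edge2 = Edge("Edge1"), Edge("Edge2")
    hub, foreign_mta = Hub([edge1, edge2]), []
    hub.submit("msg-1")
    edge1.alive = fail_point != "before_relay"
    edge1.relay(foreign_mta)
    edge1.alive = fail_point is None
    resubmitted = hub.heartbeat()
    edge2.relay(foreign_mta)
    hub.heartbeat()
    return foreign_mta, resubmitted, len(hub.shadow)
```

In this model, run("after_relay") hands the message to the foreign MTA twice: a primary that is lost after delivery but before the discard query still triggers the resubmission in step 4.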

Page 21: exchange2010-Architecture

Transport Roles: Shadow redundancy: other scenarios

For systems that do not support shadow redundancy, Exchange 2010 utilizes a delayed acknowledgement process

SMTP submission from Exchange 2003/2007, 3rd party Message Transfer Agent (MTA) and Mail User Agent (MUA - UM, POP and IMAP clients)

250 response delayed up to 30 sec (default)

If transport server fails before ack, client resubmits

Mailbox Submission redundancy relies on copy of message in sender’s “Sent Items” folder

Mail Submission Service resubmits copy when hub doesn’t acknowledge successful delivery of message

System-generated messages (Journal Report, NDR) are considered “side effects” of original message submission, tracked as part of original delivery status

Page 22: exchange2010-Architecture

Transport Roles: Exchange 2010 performance enhancements

ESE changes:

ESE page size is 32KB

ESE database page compression

Intrinsic long value record storage

ESE version store maintenance

DB cache size increased to 1GB

Checkpoint depth increased to 512MB

Results:

With transport dumpster changes and ESE improvements, transport IOPS requirements are targeted to be reduced by more than 50%

Larger message sizes are supported without causing backpressure

Page 23: exchange2010-Architecture

Transport Roles: Edge transport improvements

Better Performance for EdgeSync via Deltasync Mode

Under this mode, each time the EdgeSync service runs it only reads the delta change since last sync and updates the target accordingly

Support for safe senders and blocked senders

Configurable Safe List quotas

Administrator defined blocked senders

Automatic update of Safe Sender list propagation into Active Directory

Page 24: exchange2010-Architecture

Transport Roles: Resilient routing for co-located HA Mailbox/Transport

Hub Transport attempts to re-route a message for a local Mailbox server to another Hub Transport server in same site if the Hub Transport server is also a DAG member and it has a copy of the mailbox database mounted locally

Mail Submission service was modified so that it would prefer to not submit messages to a local Hub Transport role when Mailbox/Hub server is a member of a DAG. The behavior is to load balance across other Hub Transport servers in same AD site, and fall back to local Hub Transport server if there are no other available Hub Transport servers in the same site

Page 25: exchange2010-Architecture

Transport Roles: Architectural considerations

Shadow redundancy enables RAID-less solutions for mail.que database

Routing version boundary change:

Exchange 2010 Mailbox servers can only submit to Exchange 2010 Hub Transport servers and Exchange 2010 Hub Transport servers can only deliver to Exchange 2010 Mailbox servers

Exchange 2007 Mailbox servers can only submit to Exchange 2007 Hub Transport servers and Exchange 2007 Hub Transport servers can only deliver to Exchange 2007 Mailbox servers

Exchange 2010 Hub Transport servers can communicate with Exchange 2007 Hub Transport servers via SMTP (and vice versa)

For Edge, Exchange 2010 Hub Transport will become authoritative for EdgeSync in the coexistence scenario

Page 26: exchange2010-Architecture

Architectural Changes

Page 27: exchange2010-Architecture

Mailbox: Store/ESE changes

Exchange 2007 issue: Exchange does many small, random input/outputs (I/Os) which inhibit the types of disks that can be used

Exchange Server 2010: Exchange store schema and ESE optimized for fewer large, smoother, sequential I/Os

• Store schema changes
• DB I/O size improvements
• Database cache effectiveness improvements
• ESE optimized for new store schema

Result: Exchange 2010 reduces I/O by an additional 70% when compared to Exchange Server 2007 and is optimized for SATA class disks

Exchange 2007 issue: Large item count per folder is an issue due to restricted views (affects large mailbox deployments)

Exchange Server 2010: Schema changes of the table structure and deferred index updates greatly improve restricted view performance

Result: Supports 100,000 items per folder

Exchange 2007 issue: Outlook Personal Folder Files (PSTs) are a litigation, security, and management nightmare

Exchange Server 2010: New Messaging Records Management features

• Item level policy settings
• Archive mailbox feature for importing and storing PST data
• Compliance Officer search capabilities

Result: PSTs can be removed by placing data into Exchange repository and can be searched easily

Attend UNC304 – Storage in Exchange Server 2010 – Today @ 5:00 PM, Arena 2

Page 28: exchange2010-Architecture

Mailbox: High availability changes

Other advantages

Step up to automatic failover without rebuilding the mailbox server

Incrementally add replicated copies to meet business needs

No subnet or special DNS requirements

 | Single-copy cluster | Cluster Continuous Replication | Exchange Server 2010 High Availability
Failover granularity | Server-level | Server-level | Database-level
Copies of data | 1 | 2 | 2 to 16
Failover time | ~2 min | ~2 min | ~30 sec (POR)
Failover management | Windows Cluster | Windows Cluster | Exchange Server
Data replication | SCR or 3rd party replication | Continuous replication | Continuous replication
Management tools | Separate | Separate | Unified
Host other roles? | No | No | Yes

Attend UNC303 – High Availability in Exchange Server 2010 – Today @ 3:30 PM, Arena 1B

Page 29: exchange2010-Architecture

Mailbox: Architectural considerations

Streaming backup support has been removed

Utilize direct-attached storage (DAS) solutions to reduce costs with large mailboxes and continuous replication

Leverage the Storage Cost Calculator

Deploy Database Availability Groups (DAGs) and use replication to achieve high availability

If deploying 3 or more database copies, consider RAID-less storage design and combining logs and database on same spindles

Ensure unique database names across the organization

Page 30: exchange2010-Architecture

Mailbox: Architectural considerations

Large mailbox support (10 GB+) enables different scenarios

Deploy Office 2007 Service Pack 2 (SP2) or later

Leverage records management functionality

Scenario 1:

Deploy a single mailbox to contain all data

Scenario 2:

Deploy primary mailbox to support 1-2 years worth of data

Deploy archive mailboxes to allow end users to retain long-term needed data

Page 31: exchange2010-Architecture

Mailbox: Public Folders

Co-existence support between Mailbox server 2010 and Mailbox server 2003/2007

Outlook can access public folder data from Exchange 2010, 2007, or 2003

OWA 2010 only gives access to public folders with replicas located on Exchange 2010

This is different from OWA 2007, which had a redirection behavior, opening up OWA 2000/2003 for public folders on older mailbox servers in separate browser windows

Get-PublicFolderStatistics now captures last user access

Unlike Exchange 2007, public folder stores can no longer be enabled for continuous replication, but you can create a public folder store on a mailbox server that resides in a DAG

Public Folder replication is your data resiliency solution

Page 32: exchange2010-Architecture

Agenda

Discuss the topology changes introduced in Exchange Server 2010

Understand our guidance on server sizing

Page 33: exchange2010-Architecture

Scale Out vs. Scale Up

Scale out is a strategic choice made by Microsoft

Focus is on supporting large mailboxes at low cost, goal to further decrease input/output (I/O) to reduce Total Cost of Ownership (TCO)

Scaling up increases risk that an outage or failure affects more users

Scaling out provides an opportunity for high availability at low cost

Page 34: exchange2010-Architecture

Processor Core Scalability

Single role servers

Beta/RC: 12 cores maximum

No benefit moving to 16 cores from a performance perspective

High scale all-in-one server—currently under investigation

Beta/RC: 16 cores max

Page 35: exchange2010-Architecture

Client Access: RC sizing guidance

Since CAS role is now a true middle-tier solution, CAS servers require beefier hardware

CAS to Mailbox processor core ratio changes drastically as a result of RPC Client Access service (3:4)

Processor/Memory requirements: 8 cores recommended

2 GB RAM/core recommended (8 GB min)

Page 36: exchange2010-Architecture

Transport: RC sizing guidance

Memory and processor requirements are staying in line with Exchange 2007 requirements

Processor/Memory requirements: 4 cores recommended

1 GB RAM/core recommended

Transport rule attachment scanning and content encryption technologies may impact these guidelines

Page 37: exchange2010-Architecture

Mailbox: RC sizing guidance

Use 4 – 8 total cores for mailbox

16 cores shows decline in throughput on single role machines

RAM

4GB base RAM for content indexing and mailbox assistants

2-8MB per mailbox recommended for database cache and will be based on message profile and mailbox size

Example: Light Message Profile with 10+GB mailbox – 8MB memory

Size and prepare disks correctly

Use storage calculator

Page 38: exchange2010-Architecture

Unified Messaging: RC sizing guidance

Use 4 cores

4-8 GB of RAM recommended

More than 8 GB is not shown to improve TCO or scale

Combining with other roles is not recommended

Audio quality can be affected

Place close to the mailbox servers that host UM-enabled mailboxes

Voice mail preview may impact these guidelines

Page 39: exchange2010-Architecture

Exchange 2010 Ratio Guidelines

Processor core ratios

Client Access Server (CAS) : Mailbox = 3 : 4

Hub Transport server : Mailbox = 1 : 7 (no A/V on Hub)

= 1 : 5 (with A/V on Hub)

Edge guidance expected to be very similar to Exchange Server 2007

GC : Mailbox = 1 : 4 (32-bit GC)

= 1 : 8 (64-bit GC)

Page 40: exchange2010-Architecture

Tools

Profiling

Exchange Profile Analyzer (EPA)

Performance Monitor (Perfmon)

Sizing

Exchange 2010 Mailbox Storage Requirements Calculator

Validation

Jetstress 2010 - http://bit.ly/2Gyg7X

Exchange Load Generator “Loadgen”

Remote Connectivity Analyzer – https://www.testexchangeconnectivity.com

Monitoring

Exchange 2010 Management Pack - http://bit.ly/t3DLW

Page 41: exchange2010-Architecture

Key Takeaways

Exchange Server 2010 introduces several paradigm shifts

Client connections are performed through Client Access Server role

Shadow redundancy introduces message resiliency within transport pipeline

High Availability, store, and new compliance scenarios improve data retention, resiliency, and availability

There are changes to server sizing and scalability, most notably with CAS

Page 42: exchange2010-Architecture
Page 43: exchange2010-Architecture


Page 44: exchange2010-Architecture

Related Content

Breakout Sessions

UNC302 Exchange 2010 Architecture

UNC304 Storage in Exchange 2010

UNC305 Exchange 2010 Voicemail

UNC306 Migrating to Exchange 2010: Deployment Best Practices

UNC308 Migration and Co-existence with Exchange/Non-Exchange and Exchange Online

Hands-on Labs

UNC11-HOL Microsoft Exchange Server 2010 Governance and Archiving

UNC13-HOL Microsoft Exchange Server 2010 Server Management Tools

UNC14-HOL Microsoft Exchange Server 2010 Setup and Deployment

UNC15-HOL Microsoft Exchange Server 2010 Transport Routing

UNC17-HOL Microsoft Exchange Server 2010 Unified Messaging Configuration and Interoperability with Microsoft Office Communications Server 2007 R2

Instructor Led Labs

UNC14-ILL Microsoft Exchange Server 2010 Setup and Deployment

Page 45: exchange2010-Architecture

Track Resources

Exchange Server 2010 Documentation: http://technet.microsoft.com/library/bb124558(EXCHG.140).aspx

Read Exchange Team Blog Posts: http://msexchangeteam.com/archive/category/11164.aspx

Participate in Exchange Server 2010 Forums: http://social.technet.microsoft.com/Forums/en-US/exchange2010/threads

Read Communications Server Team Blog Posts: http://communicationsserverteam.com/

Exchange Server 2010 Release Candidate Download (English): http://www.microsoft.com/exchange/2010/en/us/try-it.aspx

Page 46: exchange2010-Architecture


Page 47: exchange2010-Architecture

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.