Saturday, February 22, 2014

Document: Integrating Microsoft Exchange Server 2007 in a Cisco Multisite Data Center docx

Corporate Headquarters:
Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA
Copyright © 2007 Cisco Systems, Inc. All rights reserved.

Integrating Microsoft Exchange Server 2007 in a Cisco Multisite Data Center Design
This document provides design and configuration guidance for site and server load balancing, Secure
Sockets Layer (SSL) offload, and WAN optimization in a Microsoft Exchange Server 2007 environment
when it is deployed into a Cisco multisite data center architecture. An overview of the various Microsoft
Exchange Server 2007 roles and operations is given to provide the reader some context as to how
the application environment is affected by a multisite data center design.
Audience
This document is intended for network engineers and architects who need to understand both the basics
of a Microsoft Exchange environment and the design and configuration options for providing advanced
network services for Microsoft Exchange Server 2007.
Document Objectives
The objective of this document is to provide customers guidance on how to leverage a Cisco multisite
data center design to support a Microsoft Exchange Server 2007 environment. The document is not
meant to introduce the reader to basic Cisco data center design configurations nor is it meant to be a
resource to learn the details of Microsoft Exchange Server 2007. The reader must be familiar with the
basic Cisco data center concepts and products as well as the basics of Microsoft Exchange Server 2007
components, roles, and deployment scenarios as documented by Microsoft Corporation. The
prerequisite knowledge can be acquired through many documents and training opportunities available
both through Cisco and Microsoft. Below are a few recommended information resources that readers
would find useful in these areas of interest:
Cisco Connection Online – Data Center:
http://www.cisco.com/go/dc
Cisco Solution Reference Network Designs (SRND):
http://www.cisco.com/go/srnd
Microsoft Exchange Server 2007:
http://www.microsoft.com/exchange/default.mspx

Integrating Microsoft Exchange Server 2007 in a Cisco Multisite Data Center Design
OL-15350-01
Document Format and Naming Conventions
User-defined properties such as access control list names and policy definitions are shown in ALL CAPS
to assist the reader in understanding what is user-definable versus command specific. All commands are
shown in Courier font. All commands that are applicable to the section covered will be in BOLD.
Solution Overview
The multisite solution described in this document equally applies across financial, manufacturing,
consumer or information-based industries interested in constructing and deploying efficient and
productive data centers. Data centers house the applications and information critical to the business,
whatever that may be. Today, enterprises recognize that a data center is more than racks of compute
power, but an asset with the potential to provide a competitive edge. As a result, industries are
reevaluating their data center deployments with an interest to consolidate or expand where necessary to
address the following:
• New infrastructure including network and compute resources (64-bit platforms, blade servers,
switches, and routers)
• Regulatory compliance (typically resulting in expanded security and storage infrastructure)
• Facility space, power, and cooling to support new infrastructure
• New application environments and performance expectations
• Disaster recovery
The multisite solution described in this document focuses on meeting the application's expectations
through four fundamental design goals:
• Application high availability
• Application scalability
• Data and application security
• Application performance
This document highlights network-based technologies used within and between data centers to achieve
these objectives.
Solution Topology
Figure 1 depicts the Microsoft Exchange Server 2007 solution topology tested, where two distinct data
centers (Data Center 1 and Data Center 2) are deployed leveraging Cisco's infrastructure design best
practices. Note that each site provides local redundancy, scalability, and security for the applications it
hosts. A multisite solution should simply extend the functionality of a single site and should not
compromise the integrity of either.
At each site in Figure 1, the hub and mailbox servers leverage the Layer 2 and 3 services of a well
designed access and aggregation layer. The access and aggregation layers consist of the Cisco Catalyst
6500s with Sup720s. In the aggregation layer of each site, a pair of Cisco 7200 routers with NPE-G2s
provide an L2TPv3 tunnel. This tunnel establishes Layer 2 adjacency between sites on a per-VLAN
basis, efficiently meeting the requirements of our Exchange Server 2007 environment while controlling

spanning tree domain creep. The L2TPv3 tunnel traverses the core layer, which is a high-speed Layer 3
fabric consisting of the Cisco Catalyst 6500s with Sup720s. The red lines indicate the use of 10
GigabitEthernet throughout the access, aggregation, and core layers.
Figure 1 defines two points of access into the data center for remote users via the WAN or the Internet.
The remote branch users in the WAN benefit from the transparent and symmetric application
optimization services of the Cisco Wide Area Application Services (WAAS). Cisco Wide Area
Application Engines (WAEs) are located at each site and at the remote branch. Users originating from
the Internet connect via a DMZ local to each data center site. The DMZ consists of Cisco Catalyst 6500s
with Sup720s housing the Cisco Application Control Engine (ACE) service module, which provides
application and security services. The Exchange edge and CAS roles reside in this location. In addition,
the Internet edge houses a cluster of Cisco ACE Global Site Selectors (GSS), which monitor the state of
each data center's Exchange application environment and use this knowledge to provide intelligent
selection between sites.
This document discusses each of the areas defined in Figure 1 to provide a better understanding of the
application and the network deployed to support it.
Figure 1 Solution Topology (figure not reproduced in this copy; it shows Data Center 1 and Data Center 2, each with access, aggregation, and core layers, Hub and Mailbox servers, a WAN edge with a WAE farm, and an Internet DC edge with ACE, GSS, and CAS; a Layer 2 tunnel links the two sites, and branch sites reach them over the WAN and the Internet)

Cisco Technology Overview
This section provides an overview of the main Cisco products and technologies used in this design. The
following products are addressed:
• Cisco Application Control Engine (ACE)
• Cisco ACE Global Site Selector (ACE GSS)
• Cisco Wide Area Application Engine (WAE)
The Cisco ACE provides a highly available and scalable data center solution from which the Microsoft
Exchange Server 2007 application environment can benefit. Currently, the Cisco ACE is available as an
appliance or integrated service module in the Cisco Catalyst 6500 platform. The Cisco ACE features and
benefits include the following:
• Device partitioning (up to 250 virtual ACE contexts)
• Load balancing services (up to 16 Gbps of throughput capacity and 345,000 L4 connections/second)
• Security services via deep packet inspection, access control lists (ACLs), unicast reverse path
forwarding (uRPF), Network Address Translation (NAT)/Port Address Translation (PAT) with
fix-ups, syslog, and so on
• Centralized role-based management via Application Network Manager (ANM) GUI or CLI
• SSL-offload (up to 15,000 SSL sessions via licensing)
• Support for redundant configurations (intra-chassis, inter-chassis, and inter-context)
The following sections describe some of the Cisco ACE features and functionalities used in the
Microsoft Exchange Server 2007 application environment.
ACE Virtualization
Virtualization is a prevalent trend in the enterprise today. From virtual application containers to virtual
machines, the ability to optimize the use of physical resources and provide logical isolation is gaining
momentum. The advancement of virtualization technologies includes the enterprise network and the
intelligent services it offers.
The Cisco ACE supports device partitioning where a single physical device may provide multiple logical
devices. This virtualization functionality allows system administrators to assign a single virtual ACE
device to a business unit or application to achieve application performance goals or service-level
agreements (SLAs). The flexibility of virtualization allows the system administrator to deploy
network-based services according to the individual business requirements of the customer and technical
requirements of the application. Service isolation is achieved without purchasing another dedicated
appliance that consumes more space and power in the data center.
Figure 2 shows the use of virtualized network services afforded via the Cisco ACE and Cisco Firewall
Services Module (FWSM). In Figure 2, a Cisco Catalyst 6500 housing a single Cisco ACE and FWSM
supports the business processes of five independent business units. The system administrator determines
the application requirements and assigns the appropriate network services as virtual contexts. Each
context contains its own set of policies, interfaces, resources, and administrators. The Cisco ACE and
FWSMs allow routed, one-arm, and transparent contexts to co-exist on a single physical platform.
Figure 2 Service Chaining via Virtualized Network Services (figure not reproduced in this copy; it shows one aggregation switch serving business units BU-1 through BU-6 with one-arm, routed, transparent, and no-service-chain contexts, each on its own VLAN)
Note For more information on ACE virtualization, see the Application Control Engine Module Virtualization
Configuration Guide at the following URL:
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_guide_book09186a00806882c6.html
SSL-Offload
The Cisco ACE is capable of providing secure transport services to applications residing in the data
center. The Cisco ACE implements its own SSL stack and does not rely on any version of OpenSSL.
The Cisco ACE supports TLS 1.0, SSLv3, and SSLv2/3 hybrid protocols. There are three SSL-relevant
deployment models available to each ACE virtual context:
• SSL termination—Allows for the secure transport of data between the client and ACE virtual
context. The Cisco ACE operates as an SSL proxy, negotiating and terminating secure connections
with a client and a non-secure or clear text connection to an application server in the data center.
The advantage of this design is the offload of application server resources from taxing the CPU and
memory demands of SSL processing, while continuing to provide intelligent load balancing.
• SSL initiation—Provides secure transport between the Cisco ACE and the application server. The
client initiates an unsecured HTTP connection with the ACE virtual context; the Cisco ACE, acting as
a client proxy, negotiates an SSL session to the SSL server.
• SSL end-to-end—Provides a secure transport path for all communications between a client and the
SSL application server residing in the data center. The Cisco ACE uses SSL termination and SSL
initiation techniques to support the encryption of data between client and server. Two completely
separate SSL sessions are negotiated, one between the ACE context and the client, the other between
the ACE context and the application server. In addition to the intelligent load balancing services the
Cisco ACE provides in an end-to-end SSL model, the system administrator may choose to alter the
intensity of data encryption to reduce the load on either the front-end client connection or back-end
application server connection to reduce the SSL resource requirements on either entity.
SSL URL Rewrite Offload
The Cisco ACE is capable of inserting or deleting HTTP header information for connections it is
sustaining. This capability is highly useful when an application server responds with an HTTP 302 or
“Moved Temporarily” response to a client's HTTP GET or HEAD request. The HTTP 302 response
usually indicates a new HTTP LOCATION URL for the client to access. Modifying the HTTP
LOCATION value for a secure connection is known as SSL URL rewrite. The SSL URL Rewrite feature
allows the system administrator to alter the HTTP LOCATION value returned to the client resulting in
granular control of the application's session flow and persistence in the data center.
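The rewrite described above, as an added example that is not Cisco's code or ACE configuration: when the proxy terminates SSL, the back-end server still believes it is speaking plain HTTP and emits redirects with http:// in the Location header, so the proxy must rewrite the scheme (and any back-end port) before the client sees it. The policy table, the rewrite_location and rewrite_headers helpers are assumptions for this example; only hosts the proxy actually terminates for are rewritten, so a redirect to a third-party host passes through untouched. The sample 302 is the one shown later in this document.

```python
from urllib.parse import urlsplit, urlunsplit

# Rewrite policy for this example: hosts whose SSL the proxy terminates and the
# client-facing scheme and port to substitute. The host name comes from the
# document's sample redirect; the policy table itself is constructed here.
REWRITE_POLICY = {
    "owa.ese.cisco.com": {"scheme": "https", "port": None},  # None = default port
}


def rewrite_location(location, policy=REWRITE_POLICY):
    """Return the Location value the client should see after SSL termination.

    Only redirects to hosts in the policy are rewritten; a redirect to any
    other host (or a relative Location) is returned unchanged so the proxy
    never alters third-party URLs. Path, query and fragment are preserved.
    """
    parts = urlsplit(location)
    host = parts.hostname
    if host is None or host not in policy:
        return location
    rule = policy[host]
    netloc = host if rule["port"] is None else f"{host}:{rule['port']}"
    return urlunsplit((rule["scheme"], netloc, parts.path, parts.query, parts.fragment))


def rewrite_headers(header_lines, policy=REWRITE_POLICY):
    """Apply rewrite_location to every Location header of a response."""
    rewritten = []
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "location":
            rewritten.append(f"Location:{rewrite_location(value.strip(), policy)}")
        else:
            rewritten.append(line)
    return rewritten


# The 302 response shown in this document, as the proxy receives it from the server.
SAMPLE_RESPONSE = [
    "(Status-Line):HTTP/1.1 302 Moved Temporarily",
    "Set-Cookie:aceoptimized=R3191602213; path=/",
    "Location:http://owa.ese.cisco.com/owa/auth/logon.aspx?url=http://owa.ese.cisco.com/owa&reason=0",
    "Set-Cookie:sessionid=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT",
    "Set-Cookie:cadata=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT",
    "Connection:close",
    "Content-Length:0",
]

if __name__ == "__main__":
    for line in rewrite_headers(SAMPLE_RESPONSE):
        print(line)
```

Note that only the Location URL itself is rewritten; the http:// value inside the url= query parameter is application data and is left exactly as the server sent it.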
SSL Session ID Reuse
SSL session ID reuse allows the client and server to reuse the secret key negotiated during a previous
SSL session. This feature generally improves the volume of SSL sessions that an SSL server or SSL
proxy can effectively maintain. Clients residing with remote connectivity, for instance across a WAN,
generally benefit from this feature. The SSL negotiation load is effectively reduced on the SSL proxy
server while simultaneously improving the user experience as key negotiation is a rather lengthy process.
The Cisco ACE may maintain the SSL session ID indefinitely or up to 20 hours with a timeout
configuration.
It should be noted that SSL ID reuse does not compromise the security of the data center. The ID reuse
feature only acknowledges that a secret key already exists between the client and server. Nonetheless the
client must leverage this key for the application server to receive data from the client. The security
resides in the secret key not the SSL session ID.
Session Persistence
Session persistence is the ability to forward client requests to the same server for the duration of a
session. Microsoft supports session persistence for their Microsoft Exchange environment via the
following methods:
• Source IP sticky
• Cookie sticky
The Cisco ACE supports each of these methods, but given the presence of proxy services in the
enterprise, Cisco recommends using the cookie sticky method to guarantee load distribution across the
server farm wherever possible as session-based cookies present unique values to use for load balancing.
The following example shows the sessionid cookie inserted into the client’s Microsoft Exchange request
via the Set-Cookie command from the server. It is also possible to insert cookies into the HTTP header
via the Cisco ACE.
(Status-Line):HTTP/1.1 302 Moved Temporarily
Set-Cookie:aceoptimized=R3191602213; path=/
Location:http://owa.ese.cisco.com/owa/auth/logon.aspx?url=http://owa.ese.cisco.com/owa&reason=0
Set-Cookie:sessionid=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Set-Cookie:cadata=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT
Connection:close
Content-Length:0
In addition, the Cisco ACE supports the replication of sticky information between devices and their
respective virtual contexts. This provides a highly available solution that maintains the integrity of each
client's session.
Allowed Server Connections
Enterprise data centers should perform due diligence on all deployed server and network devices,
determining the performance capabilities to create a more deterministic, robust, and scalable application
environment. The Cisco ACE allows the system administrator to establish the maximum number of
active connections values on a per-server basis and/or globally to the server farm. This functionality
protects the end device, whether it is an application server or network application optimization device
such as the WAE.
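The two behaviors just described, cookie sticky persistence (Session Persistence) and a per-server maximum connection count (Allowed Server Connections), as an added example that is not Cisco's code or ACE configuration. The balancer inserts an opaque cookie (the aceoptimized name is taken from the document's sample response; the R-prefixed token format is constructed) on a client's first request and honors it on later requests, but only while the chosen server is healthy and under its connection ceiling; otherwise the client is reassigned and receives a fresh cookie. The source_ip_choice function shows why the document prefers cookies: every client behind one proxy address hashes to the same server. Class and function names are assumptions for this example.

```python
import itertools
import zlib
from http.cookies import SimpleCookie

STICKY_COOKIE = "aceoptimized"  # cookie name taken from the document's sample response


class Server:
    """One real server in the farm with a per-server connection ceiling."""

    def __init__(self, name, maxconns):
        self.name = name
        self.maxconns = maxconns  # comparable to a per-server maximum connections setting
        self.active = 0
        self.healthy = True

    def available(self):
        return self.healthy and self.active < self.maxconns


class CookieStickyBalancer:
    """Cookie-insert persistence combined with a per-server connection limit."""

    def __init__(self, servers):
        self.servers = servers
        self._rr = itertools.cycle(range(len(servers)))
        self.sticky = {}  # sticky value -> Server; the table a redundant peer would replicate

    @staticmethod
    def _sticky_value(request_headers):
        for line in request_headers:
            name, sep, value = line.partition(":")
            if sep and name.strip().lower() == "cookie":
                jar = SimpleCookie()
                jar.load(value.strip())
                if STICKY_COOKIE in jar:
                    return jar[STICKY_COOKIE].value
        return None

    def _next_available(self):
        # Round-robin over the farm, skipping servers that are down or full.
        for _ in range(len(self.servers)):
            server = self.servers[next(self._rr)]
            if server.available():
                return server
        return None

    def select(self, request_headers):
        """Return (server name, Set-Cookie header to add or None).

        (None, None) means every server is down or at maxconns, so the
        connection is refused rather than pushing a server past its limit.
        """
        value = self._sticky_value(request_headers)
        if value is not None and value in self.sticky:
            server = self.sticky[value]
            if server.available():
                server.active += 1
                return server.name, None
        server = self._next_available()
        if server is None:
            return None, None
        server.active += 1
        token = f"R{len(self.sticky) + 1:06d}"  # constructed opaque sticky value
        self.sticky[token] = server
        return server.name, f"Set-Cookie: {STICKY_COOKIE}={token}; path=/"

    def release(self, server_name):
        """Free the server's slot when the client connection closes."""
        for server in self.servers:
            if server.name == server_name and server.active > 0:
                server.active -= 1


def source_ip_choice(servers, client_ip):
    """Source-IP persistence: all clients sharing one proxy address land on one server."""
    return servers[zlib.crc32(client_ip.encode()) % len(servers)].name


if __name__ == "__main__":
    farm = [Server("cas1", 2), Server("cas2", 2)]
    lb = CookieStickyBalancer(farm)
    print(lb.select(["Host: owa.ese.cisco.com"]))
    print(lb.select(["Cookie: aceoptimized=R000001"]))
```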
Route Health Injection
Route Health Injection (RHI) allows the Cisco ACE to advertise host routes associated with any number
of virtual IP addresses hosted by the device. The injection of the host route to the remaining network
offers Layer 3 availability and convergence capabilities to the application environment.
KAL-AP UDP Agent
The Cisco ACE supports the KeepAlive-Appliance Protocol (KAL-AP) via a local UDP agent. This
agent responds to KAL-AP queries from site selectors, such as the Cisco Global Site Selector, to provide
the status and workload associated with one or more virtual IP addresses maintained by an ACE virtual
context. The KAL-AP agent supports both domain-formed and tag-formed queries. Tag-formed queries
allow the verification of VIP state across NAT devices, such as firewalls or routers, and multiple ports
for the same virtual IP address. This real-time information provides a more robust and accessible
application as load and availability information may be leveraged to distribute traffic intelligently across
multiple enterprise sites.
Health Monitoring
The Cisco ACE device is capable of tracking the state of a server and determining its eligibility for
processing connections in the server farm. The Cisco ACE uses a simple pass/fail verdict but has many
recovery and failure configurations, including probe intervals, timeouts, and expected results. Each of
these features contributes to an intelligent load-balancing decision by the ACE context.
Following are the predefined probe types currently available on the ACE module:
• ICMP
• TCP
• UDP

• Echo (TCP/UDP)
• Finger
• HTTP
• HTTPS (SSL Probes)
• FTP
• Telnet
• DNS
• SMTP
• IMAP
• POP
• RADIUS
• Scripted (TCL support)
Note that the potential probe possibilities available via scripting make the Cisco ACE an even more
flexible and powerful application-aware device. In terms of scalability, the Cisco ACE module can
support 1000 open probe sockets simultaneously.
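The pass/fail probe logic described under Health Monitoring, as an added example that is not Cisco's code or ACE configuration. Each probe result is a plain pass or fail (an HTTP status inside the expected range passes; a timeout, modeled as None, fails), and the interval, the consecutive-failure count that marks a server down, the consecutive-pass count that brings it back, and the slower probe interval while it is down are the recovery and failure settings the text mentions. The field names and the numeric values are assumptions for this example, not vendor defaults. The simulate helper drives a list of results through the probe clock so the failure mode is visible: one bad response does not remove a server, and a server that has failed must pass several times before it takes traffic again.

```python
from dataclasses import dataclass, field


@dataclass
class ProbeConfig:
    """Probe tuning knobs; values are illustrative, not a vendor default."""
    interval: float = 15.0             # seconds between probes while the server passes
    passdetect_interval: float = 60.0  # seconds between probes while it is failed
    faildetect: int = 3                # consecutive failures needed to mark it down
    passdetect_count: int = 3          # consecutive passes needed to mark it up again
    expect_status: tuple = (200, 299)  # inclusive HTTP status range that counts as a pass


@dataclass
class ProbeState:
    up: bool = True
    fail_streak: int = 0
    pass_streak: int = 0
    next_probe_at: float = 0.0
    transitions: list = field(default_factory=list)  # (time, "UP" or "DOWN")


def http_probe_passed(status, cfg):
    """Pass/fail verdict for one HTTP probe; None models a timeout."""
    if status is None:
        return False
    low, high = cfg.expect_status
    return low <= status <= high


def apply_result(state, cfg, now, passed):
    """Fold one probe verdict into the state and schedule the next probe."""
    if passed:
        state.fail_streak = 0
        if not state.up:
            state.pass_streak += 1
            if state.pass_streak >= cfg.passdetect_count:
                state.up = True
                state.pass_streak = 0
                state.transitions.append((now, "UP"))
    else:
        state.pass_streak = 0
        if state.up:
            state.fail_streak += 1
            if state.fail_streak >= cfg.faildetect:
                state.up = False
                state.fail_streak = 0
                state.transitions.append((now, "DOWN"))
    # Failed servers are re-probed on the slower passdetect interval.
    state.next_probe_at = now + (cfg.interval if state.up else cfg.passdetect_interval)
    return state.up


def simulate(statuses, cfg=None):
    """Run a constructed list of HTTP statuses (None = timeout) through the probe clock."""
    cfg = cfg or ProbeConfig()
    state = ProbeState()
    now = 0.0
    for status in statuses:
        apply_result(state, cfg, now, http_probe_passed(status, cfg))
        now = state.next_probe_at
    return state


if __name__ == "__main__":
    # Constructed sequence: healthy, then three bad probes, then recovery.
    result = simulate([200, 500, None, 503, 200, 200, 200, 200])
    print(result.transitions, "up" if result.up else "down")
```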
Application Control Engine Global Site Selector
Overview
The Cisco Application Control Engine Global Site Selector (Cisco ACE GSS) is an appliance that offers
failover protection via Global Server Load Balancing (GSLB). The Cisco GSS device allows the
enterprise to distribute and balance workload across multiple sites, providing the following benefits:
• Work-load distribution
• Disaster recovery and failover protection
• Improved user experience
• DNS offload
The Cisco GSS becomes part of the enterprise's DNS routing hierarchy as the authoritative DNS server
for those services under its domain. The Cisco GSS intelligently resolves DNS requests with the
additional knowledge of the site's availability and the associated application's state. This knowledge is
gained from tight integration with load-balancers such as the Cisco Content Services Switch (CSS),
Cisco Content Switch Module (CSM), and the Cisco ACE. Each of these load-balancers monitors the
state of local application servers and communicate this information to the Cisco GSS where a global
enterprise aware decision can be made. Currently, the Cisco GSS can support approximately 4,000
virtual IP addresses. The Cisco GSS includes the following factors prior to responding to a DNS request:
• Availability
• Proximity
• Load
• Source of the request (DNS proxy)
• Preference
Note The Cisco GSS device may also monitor individual servers, IOS SLB devices, DRP-enabled routers,
Cisco's Local Director, and Cisco cache engines.
Keepalives
The Cisco GSS leverages keepalives to determine the state of a particular VIP under its domain. The
Cisco GSS supports the following keepalive types:
• ICMP
• TCP
• HTTP HEAD
• KeepAlive-Appliance Protocol (KAL-AP)
• Scripted Keepalives
• Name Server
These keepalive types can be used individually or in a multiport group to determine the status of a virtual
IP address. As a rule, the Cisco GSS does not respond to a DNS query with a VIP that has been declared
inactive.
The KAL-AP keepalive is particularly useful when the Cisco network load-balancing technology is
present. The Cisco GSS queries the load-balancer at each site for VIP state and load information. The
detailed response received by the Cisco GSS from the network load-balancer can be used to distribute
load efficiently across sites.
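The site-selection decision described in the Overview and Keepalives sections, as an added example that is not Cisco's code or GSS configuration. Each VipReport models what the GSS learns about one VIP from its keepalive: alive or not, and for KAL-AP a load value from the site's load balancer. The resolve function orders the candidate VIPs by one of the factors the document lists (load, preference, proximity) and never returns a VIP whose keepalive has declared it inactive, which is the rule stated above. The class and function names, the 0-100 load scale, the optional load threshold, and the documentation-range VIP addresses are assumptions constructed for this example.

```python
from dataclasses import dataclass


@dataclass
class VipReport:
    """What the GSS learns about one VIP from its keepalive (for example KAL-AP)."""
    site: str
    vip: str
    alive: bool          # keepalive verdict
    load: int = 0        # load reported by the site's load balancer; constructed 0-100 scale
    preference: int = 0  # administrator weighting; higher wins under the preference rule


def eligible(reports, load_threshold=None):
    """Drop VIPs that are inactive and, optionally, those above a load threshold."""
    ok = [r for r in reports if r.alive]
    if load_threshold is not None:
        ok = [r for r in ok if r.load <= load_threshold]
    return ok


def resolve(reports, rule="least_loaded", proximity_order=None, load_threshold=None):
    """Order candidate VIPs for the DNS answer; an inactive VIP is never returned.

    rule: "least_loaded" uses KAL-AP load, "preference" uses the administrator
    weighting, "proximity" uses a caller-supplied site order (nearest first).
    Ties are broken deterministically by site name.
    """
    candidates = eligible(reports, load_threshold)
    if rule == "least_loaded":
        key = lambda r: (r.load, -r.preference, r.site)
    elif rule == "preference":
        key = lambda r: (-r.preference, r.load, r.site)
    elif rule == "proximity":
        rank = {site: i for i, site in enumerate(proximity_order or [])}
        key = lambda r: (rank.get(r.site, len(rank)), r.load, r.site)
    else:
        raise ValueError(f"unknown rule {rule!r}")
    return [r.vip for r in sorted(candidates, key=key)]


if __name__ == "__main__":
    # Constructed keepalive results for the two data centers.
    reports = [
        VipReport("DC1", "192.0.2.10", alive=True, load=80, preference=10),
        VipReport("DC2", "198.51.100.10", alive=True, load=20),
    ]
    print("least loaded:", resolve(reports))
    print("preference:", resolve(reports, rule="preference"))
    reports[1].alive = False
    print("DC2 down:", resolve(reports))
```

An empty result means every VIP for the name is inactive; what the GSS answers in that case is a policy decision for the enterprise and is not modeled here.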
Note The keepalive timers may be adjusted to establish an acceptable failure window for the enterprise.
Cisco Content Network Registrar
The Cisco Content Network Registrar (CNR) is a separate process running on the GSS appliance that
provides both DNS and DHCP support. As a full-featured DNS server, the CNR maintains the resource
records (RR) within each enterprise DNS zone it supports. Mail Exchange (MX) resource records are
of particular importance for an enterprise messaging application. MX records provide a list of
hostnames providing mail exchange services within a domain. The CNR subsystem provides the MX
functionality required for successful messaging.
Note For more information on the Cisco Content Network Registrar, refer to:
http://www.cisco.com/en/US/products/sw/netmgtsw/ps1982/index.html

For more information on the Cisco Global Site Selector, refer to:
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_support_series_home.html
