"Deep Exchange 2013" 01: Client Access role architecture

Source: Internet
Author: User

The importance of the CAS role in Exchange 2013 needs little explanation. Exchange Server 4.0, 5.0, and 5.5 had no specific Client Access role. Exchange 2000 introduced the concept of front-end servers, which store no mailbox data and only provide client connectivity. This continued until Exchange 2007, which brought the first iteration of the CAS role; it has been continuously improved in later products.

In Exchange 2007, the CAS role was already responsible for the following three types of traffic:

    • External connections

    • Internal connections

    • Connections redirected or proxied from another CAS server

How these three types of traffic are handled, which connection protocols Exchange supports, and how that protocol support is implemented have all changed significantly in Exchange 2013. The Exchange 2013 CAS now has only two key tasks:

    • Authenticating user requests

    • Locating the correct server to deliver the user request to


Microsoft respected the tightly coupled architecture concept and, over time, slowly divided the Exchange code into three functional classes:

    • Storage: responsible for mailbox storage, transfer and processing. The well-known Information Store service is one example of this code.

    • Protocol layer: responsible for interacting with clients, retrieving message information from a mailbox, formatting mail information for a specific client, and providing client services such as synchronization and message addressing.

    • Exchange business logic layer: responsible for confirming that a request or its data is valid, for example catching an attempt to create a calendar item whose end time is earlier than its start time, or to create a contact that already exists.

The figure shows the communication model of these three code layers in Exchange 2010: the protocol layer on the left communicates with the storage layer on the right and with the protocol layer (the figure is missing one line), and the business logic layer communicates with the storage and protocol layers. This has some potential problems: older CAS servers may not be able to proxy some of the traffic or protocol requests destined for newer CAS servers.

This architecture also has many dependencies between layers and tiers, and you have to make sure that every site with a Mailbox role also has a server with the CAS and Hub Transport roles.



In Exchange 2013 the component communication model changed completely: cross-server communication between different layers is eliminated, and the protocol layer can only communicate with the protocol layer. Every server is an island.



As shown, note that the protocol layer's communication is a one-to-two relationship for each protocol. This also makes the CAS role a stateless proxy: CAS does not have to maintain the client's session state and does not process any client data (although it does, of course, send some data to the client). CAS only authenticates the user connection, determines the correct target for the service or protocol being requested, and then redirects or proxies the user to that target.


Specifically, CAS provides the following services:

  • IMAP, POP, Outlook Web App, Exchange Admin Center (EAC), Exchange ActiveSync, and Exchange Web Services (EWS). CAS proxies or redirects traffic for these protocols to the appropriate MBX server.

  • Offline Address Book (OAB) requests, which CAS proxies to the appropriate MBX server so that clients get timely OAB updates.

  • Autodiscover, a client-facing service that lets mobile or desktop mailbox clients, Outlook Web App, mobile device synchronization, and Unified Messaging find the right service endpoint.

  • The Front End Transport (FET) service, which receives inbound SMTP traffic and proxies it to an Exchange 2013 MBX server or an Exchange 2007/2010 Hub server. The FET does not store or queue any messages.

  • The Unified Messaging Call Router service (UMCR), which redirects inbound Unified Messaging requests to the appropriate MBX server.

  • Proxying of user connections for the Availability service, that is, the service that provides free/busy information.

  • The proxy endpoint for the Mailbox Replication Service (MRS): the MRS proxy accepts cross-forest mailbox move requests from external organizations and redirects them to the appropriate MBX server.

  • Initial validation for all supported services; for example, CAS performs the initial validation of inbound EWS requests before they are sent to other components.


We also have to pay attention to what CAS does not offer. First of all, CAS no longer provides MAPI clients with direct connections via RPC over TCP, which means that there is no RPC Client Access layer on the Exchange 2013 CAS (it is now on the MBX role), and CAS now only accepts Outlook Anywhere connections (MAPI over HTTP/HTTPS).

Why this change? Microsoft's explanation is: first, to make the client-to-MBX connection more robust, and second, to simplify the code. In fact, these changes were all brought over from O365.


Remember that in the 2013 CAS architecture, a connection that requests mailbox data always lands on the MBX server that owns the active copy of the mailbox database. This means the 2013 CAS needs a way to locate that server. In 2007, the client connects to the RPC endpoint; in 2010, the client connects to an FQDN that represents the RPC endpoint (the database is associated with it through the RpcClientAccessServer property, remember?). This FQDN may represent a Client Access array (CAS array) or a single CAS server. When the MBX server hosting the database that contains the user's mailbox fails over, or a database switchover is made, the client needs to update its local MAPI connection profile to reflect the switchover, which requires a client restart.


In 2013, Outlook uses a globally unique identifier (GUID) that represents the mailbox as the endpoint name for the connection. Each mailbox has a GUID property, so whichever MBX server holds the active copy of the database containing the current user's mailbox, CAS can use the GUID to resolve which server currently has the active copy. This change allows CAS to seamlessly switch connections to the new active database copy, and the client is fully aware of the replica switching action of the backend database.


As a result of this change, the RpcClientAccessServer attribute is no longer of any use: however the MBX servers switch over, CAS holds on to the same GUID.

The RPC ClientAccessArray is also gone. The CAS array was designed to provide a unified client access point. In 2013, however, a client request is connected to the appropriate MBX server no matter which CAS it arrives at, so there is no need for such a logical object.

Of course, for a load balancer, such a logical object still exists (the load-balanced server farm). In 2010 we needed to point the CAS array IP address to the load balancer's virtual IP; in 2013 there is no such step.
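The GUID-based lookup and the "any CAS will do" behaviour described above can be modelled in a few lines. This is an added example, not Exchange code or the author's: the `Directory` and `Cas2013` classes, the server and database names, and the HTTP-style status codes are all constructed assumptions.

```python
import uuid

# Constructed model of the lookup data; names and servers are hypothetical.
class Directory:
    def __init__(self):
        self.mailbox_db = {}    # mailbox GUID -> database name
        self.active_copy = {}   # database name -> MBX server with the active copy

    def add_mailbox(self, database):
        guid = str(uuid.uuid4())
        self.mailbox_db[guid] = database
        return guid

    def switchover(self, database, new_server):
        self.active_copy[database] = new_server


class Cas2013:
    """Stateless front end: holds no per-client session, only a name."""
    def __init__(self, name, directory):
        self.name, self.directory = name, directory

    def handle(self, authenticated, mailbox_guid):
        if not authenticated:                      # task 1: authenticate
            return {"status": 401, "target": None}
        db = self.directory.mailbox_db.get(mailbox_guid)
        if db is None:
            return {"status": 404, "target": None}
        # task 2: locate the server that currently owns the active copy
        return {"status": 200, "target": self.directory.active_copy[db]}


def demo():
    d = Directory()
    d.active_copy["DB01"] = "MBX1"
    guid = d.add_mailbox("DB01")
    cas_a, cas_b = Cas2013("CAS-A", d), Cas2013("CAS-B", d)

    legacy_profile = d.active_copy["DB01"]  # older model: profile pins a server endpoint
    profile_2013 = guid                     # 2013 model: profile pins the mailbox GUID

    before = cas_a.handle(True, profile_2013)["target"]
    d.switchover("DB01", "MBX2")
    after = cas_b.handle(True, profile_2013)["target"]  # different CAS, same endpoint
    legacy_stale = legacy_profile != d.active_copy["DB01"]
    denied = cas_a.handle(False, profile_2013)
    return before, after, legacy_stale, denied


if __name__ == "__main__":
    print(demo())
```

Because the target is resolved on every request, the GUID in the profile stays valid across the switchover, while the pinned server name goes stale; the unauthenticated request is rejected before any lookup happens.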


That is all for this chapter. In the next chapter we'll talk about several methods of CAS validation.



This article is from the "Castamere Rainy season" blog; please retain this source attribution: http://sodaxu.blog.51cto.com/8850288/1663400
