In the previous chapters you may have noticed the term "namespace" and associated it with the C# language concept or with namespaces in an XML document. Here it means something closer to URLs or FQDNs. For example, an Exchange 2010 RPC Client Access array may have a namespace called mail.contoso.com, while the namespace that belongs to OWA is owa.contoso.com. In Exchange 2013, the design and planning process for namespaces becomes less complex. Let's see.
Using a single namespace:
The simplest and most common practice is to use a single namespace for all services except Autodiscover. This requires the namespace to be resolvable in both internal and external DNS, so that internal and external users alike resolve it to the correct address.
If a single namespace is applied to Outlook Anywhere (that is, Outlook Anywhere uses mail.contoso.com for connections both inside and outside), your internal and external authentication must be the same. Here is why: as mentioned in the previous chapter, Outlook tries the internal URL first. When the same URL is used internally and externally, Outlook concludes that it is on the internal network and therefore uses the internal authentication method.
Assign a namespace to each service?
In the previous Load Balancing section we discussed the practice of assigning a namespace to each service (typically configured as its external address), such as owa.contoso.com, eas.contoso.com and ews.contoso.com. (Note that the URL of the Exchange Admin Center and the URL of OWA are often linked.) The advantage was mentioned earlier: a layer 4 load balancer can monitor the health of each service, which saves cost. The disadvantages are that it introduces more points of failure and adds complexity for users. Finally there is the certificate: if you use a wildcard public certificate you incur additional cost, because the number of domain names in use has grown. The certificates on Exchange also have to list these additional URLs in the Subject Alternative Name (SAN) field.
To achieve this, you only need to change the virtual directories on the appropriate servers using the Set-*VirtualDirectory family of cmdlets, similar to the following:
Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -ExternalUrl https://activesync.contoso.com/Microsoft-Server-ActiveSync
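Every per-service name has to appear on the certificate, so a coverage check is worth running after changing URLs. The following is an added example, not from the original article; the function names and the sample URLs and SAN list are constructed for illustration.

```powershell
# Added example: flags service URLs whose host name is not covered by a
# certificate's Subject Alternative Names. All sample values are constructed.
function Test-SanCoversHost {
    param(
        [Parameter(Mandatory)][string]$HostName,
        [Parameter(Mandatory)][string[]]$CertificateDomain
    )
    foreach ($san in $CertificateDomain) {
        if ($san -eq $HostName) { return $true }          # -eq ignores case
        if ($san.StartsWith('*.')) {
            # A wildcard covers exactly one label: *.contoso.com matches
            # owa.contoso.com but not a.b.contoso.com or contoso.com itself.
            $suffix = $san.Substring(1)
            if ($HostName.EndsWith($suffix, [StringComparison]::OrdinalIgnoreCase)) {
                $label = $HostName.Substring(0, $HostName.Length - $suffix.Length)
                if ($label -and $label -notmatch '\.') { return $true }
            }
        }
    }
    return $false
}

function Get-UncoveredNamespace {
    param(
        [Parameter(Mandatory)][string[]]$Url,
        [Parameter(Mandatory)][string[]]$CertificateDomain
    )
    # Reduce each URL to its host name, then keep the hosts no SAN entry covers.
    $Url | ForEach-Object { ([uri]$_).Host } | Sort-Object -Unique |
        Where-Object { -not (Test-SanCoversHost -HostName $_ -CertificateDomain $CertificateDomain) }
}

# Constructed sample: per-service external URLs and a two-name SAN list.
$urls = 'https://mail.contoso.com/ews/exchange.asmx',
        'https://owa.contoso.com/owa',
        'https://eas.contoso.com/Microsoft-Server-ActiveSync'
$sans = 'mail.contoso.com', 'autodiscover.contoso.com'

Get-UncoveredNamespace -Url $urls -CertificateDomain $sans
```

On an Exchange server the inputs can be taken from the CertificateDomains property returned by Get-ExchangeCertificate and from the InternalUrl and ExternalUrl properties returned by the Get-*VirtualDirectory cmdlets, converted to strings.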
Configure single internal naming for Outlook Anywhere
By default, right after installing Exchange 2013, running Get-OutlookAnywhere to view the default Outlook Anywhere configuration shows that the external host name is empty. The internal host name defaults to the FQDN of the CAS server, roughly as follows:
Get-ClientAccessServer | Get-OutlookAnywhere | Select Identity, *hostname
Identity                        ExternalHostname    InternalHostname
--------                        ----------------    ----------------
cas01\rpc (Default Web Site)                        cas01.contoso.com
cas02\rpc (Default Web Site)                        CAS02.contoso.com
So just imagine: as long as I have a load balancer and a namespace such as mail.contoso.com, and I configure Outlook Anywhere on both CAS servers as mail.contoso.com, can I get load balancing and failover internally? The commands to configure this are simple:
Get-OutlookAnywhere | Set-OutlookAnywhere -InternalHostname mail.contoso.com -InternalClientsRequireSsl $true
Note what I mentioned in the previous chapter: when an internal user connects using Outlook Anywhere, the default is HTTP, which means that SSL encryption is not required. Here you can use -InternalClientsRequireSsl $true so that internal Outlook Anywhere clients also require SSL encryption.
Configure external naming for Outlook Anywhere
The same advice applies: whatever name you choose, make sure that it can be resolved correctly by DNS. I have seen environments with strict requirements that keep internal and external domain names separate, using outlook.contoso.com internally and mail.contoso.com externally. The result looks similar to the following:
Get-OutlookAnywhere | Select Identity, *hostname
Identity                        ExternalHostname    InternalHostname
--------                        ----------------    ----------------
cas01\rpc (Default Web Site)    mail.contoso.com    outlook.contoso.com
cas02\rpc (Default Web Site)    mail.contoso.com    outlook.contoso.com
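The Outlook Anywhere points made above (the same host name on every CAS, SSL required for internal clients, and matching authentication when one name is used inside and outside) can be checked in one pass. This is an added example, not from the original article; the function name is hypothetical and the sample objects are constructed to mirror properties that Get-OutlookAnywhere returns.

```powershell
# Added example: audits objects shaped like Get-OutlookAnywhere output.
function Test-OutlookAnywhereNamespace {
    param([Parameter(Mandatory)][object[]]$Config)
    $findings = New-Object System.Collections.Generic.List[string]

    # Every CAS behind the load balancer should publish the same names.
    foreach ($prop in 'InternalHostname', 'ExternalHostname') {
        $values = @($Config | ForEach-Object { "$($_.$prop)".ToLower() } | Sort-Object -Unique)
        if ($values.Count -gt 1) {
            $findings.Add("$prop differs across servers: $($values -join ', ')")
        }
    }
    foreach ($c in $Config) {
        if (-not $c.InternalClientsRequireSsl) {
            $findings.Add("$($c.Identity): internal clients may connect without SSL")
        }
        # With one name inside and outside, Outlook uses the internal settings,
        # so both authentication methods have to match.
        if ($c.InternalHostname -and
            "$($c.InternalHostname)" -eq "$($c.ExternalHostname)" -and
            "$($c.InternalClientAuthenticationMethod)" -ne "$($c.ExternalClientAuthenticationMethod)") {
            $findings.Add("$($c.Identity): same host name but different internal/external authentication")
        }
    }
    $findings
}

# Constructed sample: two servers, the second left at its default internal name.
$sample = @(
    [pscustomobject]@{ Identity = 'CAS01\Rpc (Default Web Site)'
        InternalHostname = 'mail.contoso.com'; ExternalHostname = 'mail.contoso.com'
        InternalClientsRequireSsl = $true
        InternalClientAuthenticationMethod = 'Ntlm'; ExternalClientAuthenticationMethod = 'Basic' }
    [pscustomobject]@{ Identity = 'CAS02\Rpc (Default Web Site)'
        InternalHostname = 'cas02.contoso.com'; ExternalHostname = 'mail.contoso.com'
        InternalClientsRequireSsl = $false
        InternalClientAuthenticationMethod = 'Ntlm'; ExternalClientAuthenticationMethod = 'Basic' }
)
Test-OutlookAnywhereNamespace -Config $sample
```

In the Exchange Management Shell the same function can be fed with the output of Get-OutlookAnywhere instead of the constructed sample.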
Unbound namespace model
What does the so-called Exchange 2013 single-namespace feature mean? Let's keep looking.
An Exchange 2013 CAS only proxies client requests to the MBX server that holds the active database copy, and this is no longer limited by the Active Directory site. In other words, an Exchange 2013 CAS in the Shanghai AD site can proxy requests to an MBX server in the Beijing AD site. This way you no longer assign a name to each datacenter and can use one unified name instead.
Together with the Client Access array namespace no longer being required in Exchange 2013, this does reduce the number of namespaces to some extent.
Let's walk through the figure. First look at the green site on the left, which has two datacenters. DAG1 spans both datacenters, so SiteA users are proxied to the appropriate MBX server regardless of which datacenter's CAS they connect to.
Do not assume that the DAG is the boundary, either. If we use a technology such as Geo-DNS, SiteB in a different geographical location does not need an additional namespace: Geo-DNS resolves the user's request to the CAS in SiteB, which then proxies it to the DAG in SiteA.
The consequence of this scenario is that 50% of the traffic in each datacenter is proxied from the other datacenter. (How can two datacenters use the same namespace, you ask? DNS round robin ...)
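Because round robin hands clients any of the addresses published for the namespace, each address needs to be accepting connections. The following added example, not from the original article, probes every address behind a namespace on TCP 443; the function name and the 192.0.2.x addresses are constructed.

```powershell
# Added example: tests every address behind one namespace on TCP 443.
function Test-NamespaceEndpoint {
    param(
        [Parameter(Mandatory)][string]$Name,
        [string[]]$Address,            # optional: skip DNS and test these
        [int]$Port = 443,
        [int]$TimeoutMs = 1000         # per-address wait before giving up
    )
    if (-not $Address) {
        $Address = [System.Net.Dns]::GetHostAddresses($Name) |
            ForEach-Object { $_.IPAddressToString }
    }
    foreach ($ip in $Address) {
        $addr = [System.Net.IPAddress]::Parse($ip)
        # Match the socket family to the address so IPv6 entries also work.
        $client = New-Object System.Net.Sockets.TcpClient -ArgumentList $addr.AddressFamily
        $open = $false
        try {
            # Wait() returns $false on timeout and throws if the connect fails.
            $open = $client.ConnectAsync($addr, $Port).Wait($TimeoutMs)
        } catch {
            $open = $false
        } finally {
            $client.Close()
        }
        [pscustomobject]@{ Name = $Name; Address = $ip; Port = $Port; Reachable = $open }
    }
}

# Constructed addresses from the 192.0.2.0/24 documentation range; replace them
# with the load balancer VIPs, or omit -Address to use what DNS returns.
Test-NamespaceEndpoint -Name 'mail.contoso.com' -Address '192.0.2.10', '192.0.2.20'
```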
"One of the changes in Exchange is to enable clients to get multiple accessible locations. Assume that the client is able to use multiple accessible locations (almost all client access protocols in Exchange are based on HTTP (examples include Outlook, Outlook Anywhere, EAS, EWS, OWA, EAC, etc.), and all supported HTTP clients can use multiple IP addresses), so that failover can be provided on the client. You can configure DNS to pass multiple IP addresses to clients during name resolution. For example, the client requests mail.contoso.com and retrieves two IP addresses (or four IP addresses). However, clients can reliably use many of the IP addresses they retrieve. This makes the client's situation significantly better, because if an IP address fails, the client can try to connect to one or more other addresses. If the client tries an address but the address fails, it waits about a second and then tries the next address in the list. Therefore, if the VIP of the Client Access server array is lost, the client's recovery takes place automatically after approximately a second."
Bound namespace model
Under the bound namespace model, each user is assigned to a particular datacenter. The user is switched to a different datacenter only if the primary datacenter assigned to that user fails over.
To put it bluntly, give each datacenter in the figure above its own name, such as datacenter1.contoso.com, datacenter2.contoso.com and so on. Controlling where the mailbox database is mounted is then equivalent to controlling where the user connects.
Summary
That was a lot of ground to cover, and it may not feel very organized, but the main goal is to make the purpose of namespace design for Exchange clear, so that you can decide in day-to-day planning which way to lay out your namespaces. If anything about the single-namespace feature is unclear, take a look at the TechNet link posted in the article, which is very good.
That is all for today. In the next chapter we'll talk about Autodiscover.
This article is from the "Castamere Rainy season" blog, be sure to keep this source http://sodaxu.blog.51cto.com/8850288/1668960
"Deep Exchange 2013"06 namespaces