One of the new features in Exchange 2010 that many people are not familiar with is the CAS Array. The CAS array is a really neat feature for clients looking for High Availability in their Exchange organization and wants to remove the chance for a single point of failure.
In the old versions of Exchange clients would connect directly to the mailbox server but that is no longer the case in Exchange 2010 (http://www.scottfeltmann.com/index.php/2009/10/26/sizing-exchange-2010-client-access-servers). This leads us to the reason why CAS arrays are so important in the Exchange 2010 environment. In Exchange 2010 clients now connect directly to the CAS. The CAS then will proxy the client to the mailbox server. This means that all outlook client connectivity is now routing through the CAS. When not using the CAS array the outlook client will connect directly to the CAS and remain connected to that CAS. In the event of an outage the Outlook client will lose connectivity to the Exchange Mailbox Server and will not be able to fail over to another CAS in the Active Directory Site since it has already established a connection to a CAS which is now down. How does the Outlook client find the CAS? When a CAS is deployed in Active Directory it will create a service connection point (SCP). This SCP then tells clients the clients via autodiscover how to find a CAS. If an organization has multiple CAS then there are multiple SCP created in AD. This process holds true in both Exchange 2007 and Exchange 2010. The difference is Exchange 2010 has the ability to create Client Access Array’s.
So, you’re asking yourself, ok, what is a Client Access Array? Well, I’m glad you asked! In Exchange 2010 Microsoft introduced a new concept for High Availability for the Client Access Servers called a CAS Array. What organizations are now capable of doing is configuring a set of Client Access Servers to act as one by using Network Load Balancing (NLB), either Windows or a Hardware Load Balancer will do. When using NLB admins create a DNS record that points to a Virtual IP address (VIP). Behind this VIP will be the Client Access Servers. You may have one or twenty. Keep in mind though, if using one, when that server goes down, users lose connectivity. (I’m assuming that you know how to NLB the Client Access Servers, unfortunately I don’t have anything written on setting up NLB but there are some good articles out there.) So, if you have three CAS in your environment you are capable of creating a new array which will include all three of these servers. The array will point to the NLB hostname which will then route the traffic to one of the CAS behind the NLB URL. In the event that a CAS should go offline, and since the client is connecting directly to the NLB URL and IP the client will be redirected to a functioning CAS and be able to maintain their connection!
Now that we have an idea of what a Client Access Array is the next logical step is creating the array! In order to create a new Client Access Array we will use the new command of “New-ClientAccessArray”. This command will create an object that represents a load balanced array of CAS within a single Active Directory Site. Keep in mind, that each array is specific to the AD site. This means if you have multiple sites with Client Access Servers you can create arrays specific to that site.
The following example is the command for creating a new array, this command will create a server array named cas.scottfeltmann.com:
New-ClientAccessArray –FQDN cas.scottfeltmann.com –Name “cas.scottfeltmann.com” –Site “HQ”
The Fqdn parameter specifies the fully qualified domain name (FQDN) of the Client Access server array. (Required)
The Name parameter specifies the name of the Client Access server array.
The Site parameter specifies the Active Directory site to which the Client Access server array belongs. (Required)
In the event that exchange databases already existed prior to the creation of the CAS array you will need to configure the databases to point to the new array. To do this you can use the following command:
Set-MailboxDatabase Databasename –RpcClientAccessServer “cas.scottfeltmann.com”
Otherwise, when a new database is created it will automagically detect the Client Access array and point users to the load balanced URL.
In close if you’re looking for some HA you will want to use the Client Access Array to provide the highest level of redundancy for your Outlook client connection. Keep in mind you will still need another form of HA for OWA and ActiveSync. ISA 2006 presents a group solution for this process as well since ISA can direct traffic to multiple Exchange Client Access Servers. For more information on NLB Exchange 2010 CAS see my link here: (http://www.scottfeltmann.com/index.php/2009/10/21/network-load-balancing-recommended-for-exchange-2010-cas-public-facing-internet-facing-and-internal/)
Edit:
I would also like to point out that if you would like to remove a CAS from a CAS Array you will need to remove that Client Access Server from the NLB array. This can be done either through WNLB if that is what you are using or via your NLB appliance. Simply remove the desired server from the NLB and that server will no longer be included in the CAS Array.
We will surely subscribe to this post,,, because of its very relevant topics that in searching searching for more.
How to remove CAS from Windows NLB? Can you tell me the detailed steps?
Hi Jack,
To remove a single host, right-click the host on which you want to disable Network Load Balancing, and click Delete Host. This process will remove the host from the WNLB and that CAS will no longer be used for load balancing.
Hope this answers your question!
Scott
[...] Client Access Arrays [...]
Can I use the “owa.company.com” as the FQDN and name for the CAS array?
Hi Tony, Yes, you can use owa.company.com as the FQDN as long as you’re using split DNS. This means you have DNS servers for your internet clients and DNS for your intranet clients.
[...] For more info on a CASArray see my previous post Exchange 2010 Client Access Server Array (CAS Array). [...]
Is it possible to set up a CAS array with the CAS servers residing in different subnets? We have a failover site and want to have one CAS server there and one in production.
Thanks!
Don, this would depend on how your AD sites and services are configured along with what you are using for Load Balacing. If you have a spanned AD site and the NLB device can support multiple subnets I don’t see a problem HOWEVER you will have a single point of entry for your VIP (may be able to configure multiple VIPs but I have never tried). So for redundancy yes, but if you were to have a site failure in the IP where the Virtual Name (Casarray) is accessed you would not be able to access the CASArray. In this situation you could use Outlook anywhere and slow link detection.
We have an issue where we are intermittently losing connection to our casarray. It connects and users are working fine at first, then it freezes up and users can’t get back in. It all works fine when setting the RPCClientAccessServer to a specific CAS server, but we get this issue with our CAS array. Our CAS servers are all virtual and were running it in Multicast. We think this is network /ARP related. Anyone have any ideas ? We’ve already disabled RPCEncryption
Alex, have you seen the following articles?
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1556
and
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006580
In the article it says ” In the event of an outage the Outlook client will lose connectivity to the Exchange Mailbox Server and will not be able to fail over to another CAS in the Active Directory Site since it has already established a connection to a CAS which is now down. How does the Outlook client find the CAS?”
If that is the case, if i close out of Outlook and reopen outlook, will my client pick up the other CAS server and connect to it?
Hi Scott,
If I have multi site exchange, can I create multi CAS array with the same name?
Site A: mail.company.com (CAS member: CAS-01 & CAS-02)
Site B: mail.company.com (CAS member: CAS-03 & CAS-04)
Site C: mail.company.com (CAS member: CAS-05 & CAS-06)
I use split DNS.
Thanks.
Hmm, good question. I’m not sure. If you have a seperate DNS environment the next question I would ask is your DAG configuration, and then also your Active Directory configuration.
Do you have a single AD Domain? how many AD Sites? Also, DNS is it totally isolated? What about users and OWA access? What if a user in Site A is visiting in Site B?
I wouldn’t recommend it but I don’t see why it couldn’t be done if you’re isolated…