3. Managing Database Availability Group Networks
Each database availability group must have a minimum of two networks: one for replication traffic, referred to as the group's replication network, and one for MAPI and other traffic, referred to as the group's messaging network.
While you should have only one messaging network, you can create
additional replication networks in a database availability group and
configure them using the Exchange Management tools.
Adding or Removing Availability Group Networks
Each database
availability group network must have a unique name of up to 128
characters, one or more subnet associations, and an optional
description of up to 256 characters. When you configure the network,
you can dedicate the network to replication traffic or dedicate the
network to MAPI traffic.
Note
Disabling replication does not guarantee that Exchange will not use
a network for replication. If all configured replication networks are
offline, failed, or otherwise unavailable, and only a nonreplication
network remains, Exchange will use that network for replication until a
replication-enabled network becomes available.
Note
Every network address has a network identifier
that identifies the network and a host identifier that identifies the
individual host on the network. The network ID is seen as the prefix of
an IPv4 or IPv6 address, and the host ID is the suffix. When you define
an availability group network, you need to identify the network and
then specify the number of bits in the network number that are part of
the network ID (and the remaining bits are understood to be part of the
host ID). To write a block of IPv4 addresses and specify which bits are
used for the network ID, you write the network number followed by a
forward slash and the number of bits in the network ID, as follows:
NetworkNumber/# of bits in the network ID
The slash and the number of bits in the network ID are referred to
as the network prefix. By default, Class A IPv4 networks have 8 bits in
the network ID, Class B IPv4 networks have 16 bits, and Class C IPv4
networks have 24 bits.
IPv6 doesn't use subnet masks to identify which bits belong to the
network ID and which bits belong to the host ID. Instead, each IPv6
address is assigned a subnet prefix length that specifies how the bits
in the network ID are used. The subnet prefix length is represented in
decimal form. If 48 bits in the network ID are used, the subnet prefix
length is written as FEC0:1234:5678::/48 to represent the IPv6
addresses FEC0:1234:5678:: through FEC0:1234:5678::FFFF:FFFF:FFFF:FFFF.
You can create a network for a database availability group by
completing the following steps:
-
In the Exchange Management Console, expand the Organization
Configuration node and then select the related Mailbox node. On the
Database Availability Group tab, the bottom panel shows the networks
currently associated with the selected availability group.
-
Right-click the database availability group you want to work with and then select New Database Availability Group Network.
-
On the New Database Availability Group Network page, shown in Figure 4
enter a unique name for the database availability group network of up
to 128 characters and then provide an optional description for the
database availability group network of up to 256 characters.
-
Under Network Subnets, click Add to add a network subnet to the database availability group network. Subnets should be entered using a format of IPv4Address/Bitmask, such as 192.168.15.0/24, or IPv6Address/NetworkSubnetPrefix,
such as FEC0:1234:5678::/48. If you add a subnet that is currently
associated with another database availability group network, the subnet
is removed from the other database availability group network and
associated with the network being created.
-
To establish the network as the replication network for the group,
leave the Enable Replication check box selected. Otherwise, clear the
check box to use the network as the messaging network for the group.
-
Click New to create the database availability group network. On the
Completion page, the Summary states whether the operation was
successful. If an error occurred, you need to take the appropriate
corrective action. Otherwise, click Finish.
You can remove a network from a database availability group by completing the following steps:
-
In the Exchange Management Console, expand the Organization
Configuration node and then select the related Mailbox node. On the
Database Availability Group tab, the bottom panel shows the networks currently associated with the selected availability group.
-
Right-click the database availability group network you want to remove, and then click Remove.
In the Exchange Management Shell, you can list availability group networks using Get-DatabaseAvailabilityGroupNetwork.
If you enter Get-DatabaseAvailabilityGroupNetwork without additional
parameters, you see a list of all configured networks for all
availability groups. Use the –Identity parameter to specify the name of
the network to query. Use the –Server parameter to obtain health
information for the network from a specific Mailbox server. The
following example lists detailed information for all the networks
associated with EastCampusDAG1:
Get-DatabaseAvailabilityGroupNetwork -Identity EastCampusDAG1 |
format-list
The following example lists detailed information for the Repl network associated with EastCampusDAG1:
Get-DatabaseAvailabilityGroupNetwork -Identity EastCampusDAG1\Repl |
format-list
You create or remove group networks using New-DatabaseAvailabilityGroupNetwork and Remove-DatabaseAvailabilityGroupNetwork. Samples Example 3 and Example 4 provide the syntax and usage.
Example 3. New-DatabaseAvailabilityGroupNetwork cmdlet syntax and usage
Syntax
New-DatabaseAvailabilityGroupNetwork -Name NetworkName
-DatabaseAvailabilityGroup DAGName
[-Description Description
] [-DomainController FullyQualifiedName
]
[-IgnoreNetwork <$true | $false>] [-ReplicationEnabled <$true | $false>]
[-Subnets SubnetIds
]
Usage
New-DatabaseAvailabilityGroupNetwork -DatabaseAvailabilityGroup
"EastCampusDAG1" -Name "Primary DAG Network" -Description ""
-Subnets "{192.168.10.0/24, 192.168.15.0/24}" -ReplicationEnabled $true
Example 4. Remove-DatabaseAvailabilityGroupNetwork cmdlet syntax and usage
Syntax
Remove-DatabaseAvailabilityGroupNetwork -Identity NetworkName
[-DomainController FullyQualifiedName
]
Usage
Remove-DatabaseAvailabilityGroupNetwork
-Identity "EastCampusDAG1\Primary DAG Network"
Changing Availability Group Network Settings
Database availability group networks have several properties that
you can configure, including the network name, description, associated
subnets, and replication status. The replication status determines
whether the network is used as the replication network for the group or
the messaging network for the group. When replication is enabled, the
network is used as the replication network for the group. When
replication is disabled, the network is used as the messaging network
for the group.
You can manage the settings for a group network by completing the following steps:
-
In the Exchange Management Console, expand the Organization
Configuration node and then select the related Mailbox node. On the
Database Availability Groups tab, the bottom panel shows the networks
currently associated with the selected availability group.
-
Right-click the network you want to work with and then select Properties.
-
On the General tab, the top field shows the name of the network. You
can enter a new name if desired and optionally change the network
description.
-
Each network must contain at least one subnet. Subnets must be added using a format of IPAddress/Bitmask, such as 192.168.15.0/24, or IPv6Address/NetworkSubnetPrefix, such as FEC0:1234:5678::/48. Use the options provided to add, edit, or remove subnets for the network.
-
To establish the network as the replication network for the group,
select the Enable Replication check box. Otherwise, clear the check box
to use the network as the messaging network for the group.
-
Click OK to save your settings.
You can use Set-DatabaseAvailabilityGroupNetwork to configure basic settings for availability group networks. Example 5 provides the syntax and usage for Set-DatabaseAvailabilityGroupNetwork.
Example 5. Set-DatabaseAvailabilityGroupNetwork cmdlet syntax and usage
Syntax
Set-DatabaseAvailabilityGroupNetwork -Identity NetworkName
[-Description Description
] [-DomainController FullyQualifiedName
]
[-IgnoreNetwork <$true | $false>] [-Name NewName
] [-ReplicationEnabled
<$true | $false>] [-Subnets Subnets
]
Usage
Set-DatabaseAvailabilityGroupNetwork
-Identity "EastCampusDAG1\Primary DAG Network"
-ReplicationEnabled $False
Advanced options for the networks associated with availability
groups are set at the group level. Advanced options you can configure
include encryption, compression,
and the TCP port used for replication. Database availability groups
support data encryption using the built-in encryption capabilities of
the Windows Server operating system. When you enable encryption,
database availability groups use Kerberos authentication between
Exchange servers to encrypt and decrypt messages. Encryption helps
maintain the integrity of the data. Network encryption is a property of
the database availability group and not a property of a database
availability group network.
You can configure database availability group network encryption by
using the –NetworkEncryption parameter of the
Set-DatabaseAvailabilityGroup cmdlet in the Exchange Management Shell.
The possible encryption settings are as follows:
-
Disabled Network encryption is not used for any database availability group networks.
-
Enabled Network encryption is used on all database availability group networks for replication and seeding.
-
InterSubnetOnly Network encryption is used only with database availability group networks on the same subnet.
-
SeedOnly Network encryption is used on all database availability group networks for seeding only.
Database availability groups also support built-in compression.
You configure network compression by using the –NetworkCompression
parameter of the Set-DatabaseAvailabilityGroup cmdlet in the Exchange
Management Shell. The possible compression settings are as follows:
-
Disabled Network compression is not used for any database availability group networks.
-
Enabled Network compression is used on all database availability group networks for replication and seeding.
-
InterSubnetOnly Network compression is used only with database availability group networks on the same subnet.
-
SeedOnly Network compression is used on all database availability group networks for seeding only.
You can specify the TCP port to use for replication by
using the –ReplicationPort parameter of the
Set-DatabaseAvailabilityGroup cmdlet in the Exchange Management Shell.