Microsoft Exchange 2013 Architecture explained
In this article, we cover the architecture of Exchange 2013 and the details of its two server roles: the Client Access server role and the Mailbox server role.
This article is a summary of the contents explained in the Microsoft TechEd presentation by Scott Schnoll on Exchange 2013 Architectural Deep Dive. All credit goes to him and the Exchange team!
Let’s begin by understanding the architecture of Exchange 2013 and how it differs from legacy versions.
Exchange 2000 and 2003 followed a very basic model. There was a single basic Exchange server that included everything, and the administrator had to configure everything according to the organization’s requirements. It also relied on third parties for data redundancy.
With Exchange 2007, continuous replication was introduced, bringing data and server redundancy into the picture for the first time. Server roles were also separated, which eased management and added deployment flexibility. With Exchange 2010, separate HA solutions were introduced along with database availability control. Role-based access control and hybrid deployment were also introduced with this version. The issues with previous versions of Exchange were that the deployment process was complicated, load balancing was difficult and needed expensive solutions, and too many namespaces were required.
With the new release, Exchange 2013, we see extensive use of building blocks to facilitate deployment at all scales, from self-hosted small organizations to Office 365. With that, the server roles and network layer have improved, and versioning and interop principles have been introduced. All these changes result in:
- Improved Hardware efficiency
- Simplified Deployment process
- Cross version inter-op
- Failure Isolation
The building block structure describes the Exchange architecture as made up of two building blocks, the Client Access server and the Mailbox server. A group of Client Access servers is called the Client Access array. A group of Mailbox servers is called the DAG. These two blocks are loosely coupled in terms of:
- User Partitioning: We can upgrade the Client Access servers independently of the Mailbox servers while maintaining version functionality. It also facilitates deploying the same namespace.
- User Partitioning
- Geo Affinity
In Exchange 2013, every server can be considered an island. We can separate each server's functionality into three components: access, data logic and storage. Unlike in Exchange 2010, in Exchange 2013 each component can communicate with another server only through the corresponding component on that server, which means that cross-component communication is not allowed. This kind of structure gives us failure isolation, server isolation, functionality isolation and so on.
In Exchange, the functional layers consisted of a hardware load balancer, Client Access, Hub Transport and finally the Mailbox server. With 2013, the load balancer layer was reduced to load balancers with TCP affinity (a layer 4 load balancer instead of layer 7), which is cheaper and easier. The middle layer was split into multiple layers. The authentication and proxy/redirection capabilities of the CAS were separated out. The rest of the middle layers, like protocols, were merged with the Mailbox layer.
Client access server role in Exchange Server 2013
Now we will discuss the Client Access server role in Exchange Server 2013. The CAS is a domain-joined machine in the internal forest. It is a lightweight protocol proxy consisting of 3 main components, namely the client access protocols (HTTP, IMAP, POP), SMTP and the UM call router. It is used as an Exchange-aware proxy server, which means that it understands requests from different protocols like Outlook Web App, EAS etc. and can then properly route each request to a Mailbox server. It also supports legacy servers with redirect or proxy logic, and contains logic to route specific protocol requests to their destination endpoint.
A group of CAS servers is a Client Access server array. It provides load-balanced connections to the clients. Similar to Exchange 2010, the CAS array provides a unified endpoint for client connectivity and authentication.
The architecture consists of a load balancer up front, which is a layer 4 load balancer. The Client Access server has IIS, which hosts the HTTP proxy components. It also has POP, IMAP, SMTP and UM components. The Mailbox server consists of IIS, Remote PowerShell (for configuration objects) and the mail queue. It also contains the primary UM stack, the SMTP stack, protocols like OWA, and the mailbox database.
Internet apps such as Outlook Web App, Exchange ActiveSync, EAC and Remote PowerShell first connect through the load balancer to the Client Access server over HTTP, which then proxies the request to the Mailbox server, also over HTTP.
POP/IMAP and SMTP also connect to the Mailbox server in the same way. UM connects through a different method. The caller first sends a SIP request to the UM call router on the CAS, which answers the request and sends a SIP redirection to the caller, who can then connect to the Mailbox server directly via SIP and RTP.
Outlook Connectivity in Exchange 2013
In Exchange 2013, RPC over TCP has been disabled. All Outlook communication now goes through RPC over HTTP (Outlook Anywhere). This unifies the CAS protocol methods and provides stable and reliable connectivity between clients and servers and between the CAS and the Mailbox server. It also reduces the number of namespaces required and eliminates end-user interruptions. Hence moving mailboxes around in a DAG and moving mailboxes between mailbox databases are now easy.
Exchange 2013 has also made namespaces simpler. It no longer requires multiple namespaces for site-resilient solutions or site-specific scenarios. Recovery of the CAS and the Mailbox server has been separated. This allows us to set up a single worldwide namespace.
Advantages of new Architecture
- Simplifies the network layer: a layer 4 load balancer is used
- Reduces the number of namespaces required
- Enables deployment flexibility
Front End Transport Service
Another component of the CAS in Exchange 2013 is the Front End Transport service, which handles all the inbound and outbound mail of the Exchange organization. However, it does not queue any mail locally and is stateless. It has no storage and only redirects the mail. It also functions as a layer 7 proxy inside the software, with full access to the protocol conversation.
Front End Transport Service Architecture
It has a very simple architecture consisting of an SMTP Receive component containing the protocol agents and a Router component containing the hub server which determines the recipient of the message.
An SMTP message is received by the SMTP Receive module, which performs operations like content filtering, recipient filtering etc. The message then runs through the protocol agents and subsequently the hub selector, which determines the recipient of the message. It is then passed to the SMTP Send module, which directs the message to the corresponding mailbox.
When a message comes in from a mailbox, it goes through the protocol agents and then to the SMTP Send module, which redirects it to the external SMTP server.
The hub selector finds the destination of the SMTP message with the help of delivery groups. This feature was present in Exchange 2010, only without a defined name. There are various types of delivery groups, namely:
- Active Directory Site: Uses the Active Directory topology to send the message to its destination. These are employed for messages that are not a part of any DAG and messages that are from 2010 and 2007 Mailbox servers.
- Mailbox: If a collection of Mailbox servers is available, and the message is not a part of any DAG and is not from a 2010 or 2007 Mailbox server, then the closest Mailbox server is selected as the recipient.
- DAG: If the mailbox is in a DAG, that DAG is the routing group used. One of the DAG members having the recipient address is chosen so that the message can be proxied to that server. The choice is based on the recipient. If a message has only a single mailbox recipient, a Mailbox server within the DAG is chosen based on the proximity of the AD site. If there are multiple mailbox recipients, a Mailbox server in the closest DAG is chosen, factoring in site proximity. If there are no mailbox recipients (as with a distribution group), then a random Mailbox server, considering the local AD site, is chosen.
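The selection rules listed above can be modelled in a few lines. This is an added, simplified illustration and not code from Exchange or from the presentation; the server names, sites, site costs and function names are all constructed assumptions.

```python
import random
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Server:                      # constructed model of a Mailbox server
    name: str
    site: str
    version: int                   # 2007, 2010 or 2013
    dag: Optional[str] = None

# Constructed topology; SITE_COST is the assumed AD site cost seen from LOCAL_SITE.
SERVERS = [
    Server("MBX1", "HQ", 2013, "DAG1"), Server("MBX2", "DR", 2013, "DAG1"),
    Server("MBX3", "BR", 2013, "DAG2"), Server("MBX4", "BR", 2013),
    Server("MBX5", "HQ", 2013), Server("LEG1", "DR", 2010),
]
BY_NAME = {s.name: s for s in SERVERS}
SITE_COST = {"HQ": 0, "DR": 10, "BR": 20}
LOCAL_SITE = "HQ"

def delivery_group(server: Server) -> str:
    """Map the server hosting a mailbox to its delivery group, per the list above."""
    if server.dag:
        return "DAG:" + server.dag
    if server.version < 2013:          # 2007/2010 server outside any DAG
        return "ADSite:" + server.site
    return "Mailbox"                   # 2013 servers outside any DAG

def select_target(recipient_homes, rng=random) -> Server:
    """Choose the Mailbox server to proxy to from the recipients' home servers."""
    if not recipient_homes:            # no mailbox recipient, e.g. a distribution group
        local = [s for s in SERVERS if s.site == LOCAL_SITE and s.version == 2013]
        return rng.choice(local)
    groups = {delivery_group(BY_NAME[h]) for h in recipient_homes}
    members = [s for s in SERVERS if delivery_group(s) in groups]
    # One recipient: closest member of its group. Several: closest member overall,
    # which lands in the closest delivery group.
    return min(members, key=lambda s: (SITE_COST[s.site], s.name))

if __name__ == "__main__":
    for homes in (["MBX2"], ["MBX4"], ["LEG1"], ["MBX2", "MBX3"], []):
        print(homes, "->", select_target(homes).name)
```

Note that a mailbox homed on MBX2 is proxied to MBX1: the front end picks the closest member of the delivery group, not necessarily the server holding the active copy.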
Front End Transport Service Benefits
- Gives a centralized, load-balanced point of egress and ingress for SMTP, as with Hub and Edge Transport.
- It also enables Sender/Recipient/Connection protocol filtering
- It eliminates unwanted hops as it is not a store and forward proxy.
- It scales based on the number of connections.
Mailbox Server Role
The Mailbox server role hosts everything related to data. It contains all the components that process, render and store the Exchange data. This means that all of these functions are performed not on the CAS but on the Mailbox server.
Only CAS servers can connect to the Mailbox server. All clients, except UM connections, connect to the CAS. Also, connectivity to the mailbox is provided by the mailbox database hosting the active database copy.
Database Availability Group
It is pretty much the same as in Exchange 2010. It is a collection of up to 16 Mailbox servers using continuous replication and back-end failover clustering. It can also be extended to multiple sites.
The upgrades made to the DAG are in its storage, resilience and HA areas.
Mailbox Related Changes
Some of the major changes made to the mailbox are:
- Managed Store
- IOPS reduction
- Larger mailbox support
- Modern Public Folder
- New search infrastructure
The Managed Store is the totally revamped version of the information store in Exchange (store.exe). It uses the worker process model. It contains a service controller process and a worker process for each of the databases mounted on the system. With the worker process model, Exchange 2013 provides failure isolation at the database level.
The store service is a controller process that manages the lifecycle of the worker processes. As databases are mounted and dismounted, the store service starts or terminates worker processes.
Each worker process is responsible for its corresponding database and performs services for that database.
ESE Cache management
With the store worker model, one requirement is the proper management of the ESE cache. Instead of the dynamic buffer model in Exchange 2010, the ESE management algorithm allocates memory for each store worker process based on RAM. It is allocated based on the number of local database copies and the maximum active database value. The cache allocation is not, however, done dynamically.
Exchange 2013 dropped IOPS roughly 50%-70% compared to what Exchange 2010 used, and there is around a 95.5% reduction from Exchange 2003 to Exchange 2013, with changes in the store schema, namely:
- Usage of blobs to store data, especially message properties
- Reduced use of long value records
- Changes in passive copy IO like higher checkpoint depth and improved ESE logging to preserve cache during failover.
Elimination of Scheduled Maintenance
With the new Exchange, the need for scheduled maintenance has been thoughtfully eliminated. Exchange now employs time-based assistance, which performs maintenance based on the time and available resources.
The background maintenance period has been extended to 4 or 5 weeks in Exchange 2013.
Modern Public Folders in Exchange 2013
Modern public folders have been made completely optional, as Exchange 2013 supports Outlook 2007 or later, which do not require public folders. The public folder in Exchange 2013 is based on the mailbox architecture. There is no default public folder database or public folder tree. Public folder mailboxes are created instead if the user requires them. The first mailbox thus created is the hierarchy mailbox. This is where the writeable copy of the public folder tree is stored. Each of the subsequent public folder mailboxes is called a content mailbox and is created as required. All content mailboxes also contain a copy of the hierarchy.
The advantage of the mailbox model is that higher levels of availability can be achieved through continuous replication. However, none of these changes affect what the end user sees.
Working with public folders in Exchange 2013
- User connects to the public folder mailbox.
- That mailbox then responds with where the queried content is.
- All content operations are then redirected to that mailbox containing the required content.
- All folder hierarchy changes are intercepted and written to the writeable copy of the hierarchy contained in the primary public folder mailbox.
- All public folders are then updated about the hierarchy changes.
- Once the public folder is filled up, a new public folder can be created.
New Search Infrastructure
The Microsoft search engine has been removed from the new version of Exchange. Exchange now uses the FAST search engine. This is reflected in both query performance and indexing performance.
FAST consists of two primary components: the Content Transformation Service (CTS) and the Interaction Management Service (IMS).
The CTS receives the incoming documents, runs them through filters and stores the content in the FAST core. The IMS takes in the queries, parses and reconstructs them, and retrieves the required information from the FAST core.