“For a complete guide to security, check out ‘Security + Study Guide and DVD Training System’ from Amazon.com“
Many senior Engineers also pay close attention to finer details to make things run better, or to be proactive in avoiding disaster. In this article we will discuss just that… the little details that make any Microsoft Windows Exchange 2003 deployment a cut above the rest. These tips were taken from a real world deployment and implemented to make the deployment go better, easier, more effective.
Broken out into each subheading, you will find 15 tips that we consider very important points to cover when assessing your current Exchange environment. You will find Tips 1-7 in this article and the second half in Part 2 of this article set. Since this article was created by two engineers currently involved in a global Exchange 2003 deployment spanning hundreds of sites all across the world, this article will cover optimization techniques that were used in that real world deployment such as off-loading to a front-end server, applying security and disaster recovery to your site, using a dedicated server or appliance to filter out spam and malware which will improve system performance, proper server sizing, memory and proper disk configuration and much more. Let’s take a look at each in detail.
1. Use Bridgehead Servers
Applying optimization techniques will most times equal better performance. Better performance should always be sought after by systems administrators and engineers because you know demand will increase, load will increase, but hardware is fixed. By optimizing, you get to fine tune your environment to provide a better return on investment.
To optimize your Exchange environment, consider what sort of tasks can be off-loaded to a front-end server and move these tasks to these servers. A Bridgehead server is a Microsoft Exchange Server computer that acts as the endpoint of a connection between two sites and is responsible for routing messages through that connection.
Typical uses for front-end servers are to off-load OWA (Outlook Web Access), IMAP4 (Internet Message Access Protocol v4), POP3 (Post Office Protocol v3), and SMTP (Simple Mail Transfer Protocol) relaying from your internal mailbox servers.
Figure 1 shows a few items you will want to pay attention to (such as clustering, using dedicated devices for dedicated roles, proper line sizing and so on. For this example, we are just primarily focused on offloading traffic to a front-end server to ease the load on the main mail server.
Offloading OWA has the added benefit of enabling the use of forms-based authentication, which improves security by allowing session time-outs. Also consider moving any public folders or resource mailboxes that have event syncs associated with them to a dedicated back-end server so that your users are not impacted by problems that may arise out of the event service using excessive resources.
2. Use Dedicated Security Devices
Dodging the responsibility of Spam and Virus protection is not a good way to run your email system especially since most viruses and malware target Microsoft products. If you do deploy it then its imperative that you consider the impact that these added services and resources will bring to your systems. Try to consider that every time you add a software package on a system, you inevitably take a bite out of what that system can handle normally, its resource pool not lowered, you are asking it to do more.
This being said, it’s very important to always consider sticking with what Microsoft is, a distributed software model and deploy a ‘distributed’ design when you consider security and protection. To shortchange the budget in this area is a mistake; you wind up impacting the performance of the whole deployment because you try to run too much on one system, that is already taxed by its own services, remember, an Exchange Server has to run Active Directory so between the base NOS install ‘and’ Exchange, you really shouldn’t consider running too much more on that system. Think about when you have to turn on logging, then what? Your system will collapse if you are running a firewall, Virus protection, Spam and everything else on the same system you are running your email on, you are asking for problems.
Consider using a dedicated server or appliance to filter out SPAM and Viruses before you allow them to enter your Exchange environment. This alone can reduce the number of messages being processed by your system by as much as 80%. If you can’t remove the load, then find devices to help share it, as you can see, you will gain back a lot of performance power.
3. Size your Servers with the Right Hardware
Despite servers and operating systems that support 32 GB or more RAM, Exchange 2003 is still a 32-bit application that is limited to utilizing 4 GB of RAM, so building servers with more than 4 GB of RAM on an Exchange server is a waste of money. With this limitation, the sweet spot for processors is 4. Any more than 4 CPU’s and you’re very likely to hit a RAM bottleneck long before the CPU’s become a bottleneck, so buying 8 or 16 processor servers will not gain you much performance over a 4 CPU system either. This means that a 4 processor server with 4 GB of RAM is the practical limit for a high-performing Exchange server.
Always consider doing research on your hardware, especially when it comes to Exchange, every once of power you can get out of your system, you should be considering how to obtain that power. As well, always use the proper hardware, such as ensuring that you purchase approved hardware for your vendor (make sure if you run your system on Dell, you check Dell’s site or your vendor for exact matching) and check the Microsoft hardware Compatibility List. (www.microsoft.com/hcl/)
4. Make sure to use Hyper-Threading
Hyper-Threading Technology allows multi-threaded software applications to execute threads in parallel. When a system has the ability to switch between multiple threads of execution to give the user the appearance that it’s all happening at the same time, this is called multithreading. Hyper-Threading Technology allows for a new level of performance for evolving enterprise software applications that require more and put higher demands on processors, this need will only continue to grow.
Be sure to turn Hyper-Threading on. This will give an instant CPU gain of between 15%-25% with no additional cost. This is true no matter if you have a single or quad processor server.
5. Run Windows Server 2003
Exchange 2003 and Windows Server 2003 were designed together and memory tuning, processor optimization, and several other performance aspects of Windows Server 2003 are all utilized by Exchange 2003. You can do the deployment in other ways, but the best gains can be yours if you plan to keep Windows Server 2003 and Exchange Server 2003 together.
6. Verify and Set your Memory Configuration
Exchange 2003 does much of the memory tuning that was manual under Exchange 2000. One of the few remaining memory configurations that you need to manually tune with Exchange 2003 is to modify the boot.ini if your system has more than 1 GB of RAM. On a Windows 2003 server, you need to modify the c:\boot.ini file with the addition of the /3GB and /USERVA=3030 settings.
Sample boot.ini for Windows 2003 servers:
Boot Loader] Timeout=30 Default=multi(0)disk(0)rdisk(0)partition(2)\WINNT [Operating Systems] multi(0)disk(0)rdisk(0)partition(2)\WINNT=”Microsoft Windows Server 2003″ /fastdetect /3GB /USERVA=3030
For Windows 2000 Advanced Server, the /3GB switch is used, but the /USERVA=3030 switch is invalid. For Windows 2000 Standard Server, no switches can be used at all, and Exchange will be limited to 2 GB of usable RAM, and the remaining RAM will be allocated to the OS or other processes running on the system.
7. Network Configuration and Performance
Network configuration on local LAN segments will rarely be an issue for modern hardware with the efficiency of modern LAN adapters. With users connecting across a WAN, however, bandwidth and latency are both very important factors to consider in overall Exchange performance.
With Exchange 2003 and Outlook 2003, however, Microsoft has introduced Cached Mode Exchange, which greatly reduces the impacts of latency and bandwidth issues across a WAN. In real world deployments, Cached Mode Exchange against an Exchange 2003 server can average as little as 1 Kbps per user at peak usage.
In this case, a T-1 that is dedicated to Exchange traffic could handle as many as 1500 users, a vast improvement. Other improvements include compressed data streams and an optimized RPC protocol that requires significantly fewer round-trips per operation, resulting in better end-user insulation from both bandwidth and latency issues commonly experienced with Exchange 5.5 and Exchange 2000.
In Part 1 of this article you have been shown how to pay close attention to detail when attempting to be a cut above the rest and make a great Exchange Deployment better. Remembering these finer, smaller details when rolling out and then managing your Microsoft Windows Exchange 2003 deployment will ensure you a better performing system. Always make sure to back up your systems before applying any patch or fix, make sure to test in a lab segment and always have a back out plan for your production systems.
Rob and Chad are both currently involved in a global Exchange 2003 deployment spanning hundreds of sites all across the world. 15 tips were provided from a real world deployment that the authors considered very important points to cover when assessing your current Exchange environment in hopes that they help you as much as they have helped us. Rob would like to personally thank Chad Conrow for his assistance with this article. You can reach Rob Shimonski in the Forums on this website. Stay tuned for Part 2 coming soon…
Links and Reference
Downloads for Exchange Server 2003
Get the latest updates, service packs, add-ins, tools, and trial software that you can download or order from Microsoft.
Optimizing Storage for Exchange Server 2003
Published: September 2, 2004