Shadow Redundancy Exchange Server 2016








Are you researching about the features of Shadow Redundancy in Exchange Server 2016? 

This guide is for you.


Shadow redundancy was introduced in Exchange 2010 to provide redundant copies of messages before they are sent to mailboxes.

However, in Exchange 2010, shadow redundancy delays deleting a message from the queue database on a Hub Transport server until the server verifies that the next hop in the message delivery path completes the delivery.

As long as shadow redundancy is enabled, the Mailbox server that receives the message makes a redundant copy of the message on another Mailbox server within the transport high availability boundary before acknowledging receipt of the message back to the sending server.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to resolve Technical related issues.

In this context, we shall look into Shadow redundancy in Exchange Server 2016 as well as its features.


Requirements of Shadow Redundancy Exchange Server 2016

Shadow redundancy requires multiple Mailbox servers:

1. If the Mailbox server is not a member of a DAG, the other Mailbox servers must be on the local Active Directory site.

2. And if the Mailbox server is a member of a DAG, the other Mailbox servers must belong to the same DAG. The other DAG members can be in the local Active Directory site, or in a remote site.


By default, if the DAG spans multiple Active Directory sites, shadow redundancy prefers creating a redundant copy of the message in a remote site for site resiliency.

Shadow redundancy helps to ensure that all messages in the transport pipeline are made redundant while they are in transit. If Exchange determines the original message was lost in transit, it will deliver the redundant copy of the message.

The Shadow queue is the delivery queue where the shadow server stores shadow messages. For messages with multiple recipients, each next hop for the primary message requires separate shadow queues.


Situations where shadow redundancy cannot protect messages in transit:

The following are some of the instances where Shadow Redundancy Exchange Server 2016 cannot protect messages:

1. In single Exchange server environments.

2. In under-provisioned DAGs.

3. During the simultaneous failure of two or more Mailbox servers involved in the shadow redundancy of a message.


Is Shadow redundancy is enabled by default?

By default, shadow redundancy is enabled globally in the Transport service on all Mailbox servers.


How shadow messages are created in Shadow Redundancy Exchange Server 2016 ?

The main goal of shadow redundancy is to always have two copies of a message within a transport high availability boundary while the message is in transit.

Where and when the redundant copy of the message is created depends on where the message came from, and where the message is going.

The following are the three determining factors for creating shadow messages:

1. Firstly, receiving a message from outside a transport high availability boundary (the DAG, or an Active Directory site in non-DAG environments).

2. Messages sent outside a transport high availability boundary.

3. Receiving a message from the Mailbox Transport Submission service from a Mailbox server within the transport high availability boundary.


Shadow redundancy with Exchange 2010 Hub Transport servers in the same Active Directory site

When an Exchange 2010 Hub Transport server transmits a message to an Exchange 2016 Mailbox server in the same Active Directory site the Exchange 2010 advertises support for shadow redundancy using the XSHADOW command.

But the Mailbox server doesn't advertise support for shadow redundancy.

However, this prevents the Exchange 2010 Hub Transport server from creating a shadow copy of the message on an Exchange 2016 Mailbox server.

When the Transport service on an Exchange 2016 Mailbox server transmits a message to an Exchange 2010 Hub Transport in the same Active Directory site, the Exchange 2016 Mailbox server shadows the message for the Exchange 2010 Hub Transport server.


SMTP timeouts

During the attempt to make a redundant copy of the message, the SMTP connection between servers could timeout.

The sending server will re-deliver the message that did not get an acknowledgment. 

However, the duplicate message detection will prevent Exchange mailbox users from seeing this.

When the sending server resubmits the message, the primary server will create another shadow copy of the message.

There will not be any relationship between the shadow messages during message resubmissions by the sending server.


Maintaining shadow messages in Shadow Redundancy Exchange Server 2016

After the successful creation of the shadow message, the work of shadow redundancy will begin.

The primary server and the shadow server have to stay in contact with each other to track the progress of the message.

When the primary server successfully transmits the message to the next hop, the next-hop acknowledges receipt of the message. The primary server updates the discard status of the message as delivery complete.

A success message is not usually kept in a shadow queue. The shadow server moves the shadow message from the shadow queue into Safety Net when it gets a success message.

The shadow server determines the discard status of the shadow messages in its shadow queues by querying the primary server.

After the shadow server opens an SMTP session with the primary server, the primary server responds with the discard notifications for messages that apply to the querying shadow server.

Disk stores the Discard notifications. So, if the Microsoft Exchange Transport service restarts, the discard notifications persist.

And the SMTP communication between the shadow server and the primary server is the heartbeat that determines the availability of the servers.


Shadow Redundancy Manager

It is the core component on a Mailbox server that manages redundancy. Shadow Redundancy Manager is responsible for maintaining the following information for all the primary messages that a server processes.


Responsibilities of Shadow Redundancy Manager

Shadow Redundancy Manager does the following actions for all the shadow messages that a shadow server has in its shadow queues:

1.  Maintaining the list of primary servers for each shadow message.

2. Comparing the original database ID and the current database ID of the queue database that stores the primary copy of the message.

3. Checking the availability of each primary server for a shadow message is in the queue.

4. Processing discard notifications from primary servers.

5. Removing the shadow messages from the shadow queues after receiving all possible discard notifications.

6. Deciding when the shadow server should take ownership of shadow messages, becoming a primary server.


[Need assistance with Exchange Server? We are happy to help you. ]



Conclusion

This article will guide you on the features of Shadow Redundancy #Exchange Server 2016. 

To remove all messages from a particular queue, click the Queues tab. 

Select a queue, right-click, and then select Remove #Messages (with NDR) or Remove Messages (without NDR).

Submission queue. #Mailbox servers and Edge Transport servers. Holds messages that have been accepted by the Transport service, but haven't been processed. Messages in the Submission queue are either waiting to be processed, or are actively being processed.


Advantages and Features of Exchange Server 2016:

1. Improved search experience. Thanks to the asynchronous and decentralized architecture.

2. New cloud-focused architecture that supports mobility.

3. Easier collaboration on SharePoint and OneDrive.

4. Faster failover and failure isolation.

5. Outlook on the web and Outlook app feature enhancement.


For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com