High Availability Options on Microsoft DirectAccess

Introduction

When planning for DirectAccess, eliminating single points of failure in the infrastructure is key to providing the highest levels of availability for remote access users. DirectAccess includes a number of features to address these concerns, including support for both local and geographic load balancing and failover. In addition, the Celestix E Series appliance includes built-in hardware redundancy to ensure the most stable performance for your DirectAccess servers.

Appliance Redundancy

The Celestix E Series 6400 and 8400 appliance models include numerous hardware features that support high availability. Both include redundant hard disk drives, power supplies, CPU fans, and more. Many of these components are hot-swappable, allowing for their replacement while the unit is still in service. In addition, these appliances feature an abundance of network interfaces, allowing for NIC teaming to provide network-level fault tolerance.

While the 3400 series appliance does not include many of the hardware redundancy features that the 6400 and 8400 have, that's actually by design. The 3400 model was designed primarily for small deployments where the highest levels of availability aren't required. However, the 3400 model can also be deployed where a scale-out architecture is preferred over scale-up. In this scenario, fault tolerance is provided at the appliance level: in the event of a hardware failure in one unit, the remaining units continue to provide service until the failed unit is replaced.

If designed correctly, scale-out reduces the impact of a unit failure because the workload is distributed among more physical devices. Consider a scenario in which two units provide service and one fails. You have lost half of your total capacity and you no longer have redundancy. Depending on current utilization, the single remaining unit may not have enough capacity to meet demand, which can result in a complete outage, and with just one unit online you have a single point of failure until the other unit is back in service. Now, if you have five units and one fails, you have lost only one fifth of your overall capacity. The remaining units should have enough headroom to continue servicing requests, and redundancy is still maintained. Keep that in mind when planning your infrastructure!

Local Redundancy

DirectAccess supports building a local, load-balanced cluster using either Windows integrated Network Load Balancing (NLB) or a third-party external load balancer. NLB is simple to set up and works reasonably well in small to mid-sized deployments, but it is less than ideal for larger enterprise deployments. NLB is broadcast-based and noisy on the wire: every node in an NLB cluster sends a broadcast heartbeat message once per second. If you plan to use NLB, I strongly recommend placing the DirectAccess servers' internal and external network interfaces on dedicated VLANs to contain this broadcast traffic. Be aware, too, that in NLB's default unicast mode all nodes answer for a single shared cluster MAC address, which on virtualized hosts generally requires MAC address spoofing to be enabled on the virtual network adapters. DirectAccess does support NLB in multicast operating mode, but this brings its own set of challenges, most notably the static ARP entries that many routers and layer-3 switches need before they will map the cluster IP address to a multicast MAC address. For deployments supporting a large number of users, an Application Delivery Controller (ADC) or hardware load balancer is recommended. An ADC enables more granular health monitoring, more intelligent traffic distribution, and higher throughput, and in some scenarios its advanced features can further improve the scalability and performance of the DirectAccess solution.
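The following PowerShell is an added example, not part of the original article or of Celestix's tooling. It shows how the NLB cluster described above is enabled on an existing DirectAccess server with the RemoteAccess module, how a second node is joined, and how the NLB operation mode is inspected and switched to multicast. The hostnames, IP addresses and interface names ('External', 'Internal') are placeholders and must be replaced with your own.

```powershell
# Added example (not from the original article). Run from an elevated PowerShell
# session on the first DirectAccess server, or remotely with -ComputerName.
Import-Module RemoteAccess
Import-Module NetworkLoadBalancingClusters

# Assumed names: da1/da2 are the DirectAccess servers, 203.0.113.0/24 is the
# external (Internet-facing) subnet and 10.0.0.0/24 the internal subnet.
$FirstNode  = 'da1.corp.example.com'
$SecondNode = 'da2.corp.example.com'

# When NLB is enabled, the IP addresses already bound to the first server's
# interfaces become the cluster VIPs. Each node therefore needs NEW dedicated
# IP addresses (DIPs) for its own use, supplied as 'address/prefixlength'.
Set-RemoteAccessLoadBalancer -InternetDedicatedIPAddress '203.0.113.21/24' `
                             -InternalDedicatedIPAddress '10.0.0.21/24' `
                             -ComputerName $FirstNode -PassThru

# Join the second server. It must already hold the same IP-HTTPS certificate
# (and network location server certificate, if NLS is hosted on the cluster).
# Its existing interface addresses become its DIPs; the VIPs are added for it.
Add-RemoteAccessLoadBalancerNode -RemoteAccessServer $SecondNode -ComputerName $FirstNode

# DirectAccess creates one NLB cluster per interface. Unicast is the default:
# all nodes share one cluster MAC, which many virtual switches drop unless MAC
# spoofing is allowed on the vNIC. Multicast keeps each node's own MAC but
# usually needs a static ARP entry on the upstream router (VIP -> cluster MAC).
foreach ($Interface in 'External', 'Internal') {
    $Cluster = Get-NlbCluster -HostName $FirstNode -InterfaceName $Interface
    $Cluster | Format-List Name, OperationMode, ClusterPrimaryIP

    if ($Cluster.OperationMode -ne 'Multicast') {
        # Only change this after the static ARP entries are in place on the
        # routers facing each VIP, or the cluster becomes unreachable.
        $Cluster | Set-NlbCluster -OperationMode Multicast
    }
}

# Confirm the Remote Access view of the cluster (VIPs, DIPs, member nodes).
Get-RemoteAccessLoadBalancer -ComputerName $FirstNode
```

Whatever operation mode you choose, keep the heartbeat traffic off shared segments: the per-second broadcast heartbeats are visible to every host on the VLAN, so place the external and internal cluster interfaces on their own VLANs as recommended above.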

Geographic Redundancy

For organizations with multiple physical locations, additional redundancy can be provided using the DirectAccess multisite deployment option. For example, if you have a datacenter in Los Angeles and another in Atlanta, you can configure a DirectAccess entry point in each location. Clients running Windows 8 or later select the entry point nearest them, measured by the connection response time to each entry point. If that entry point is unavailable, or becomes unavailable during a session, the client automatically connects to another entry point in the organization. Unfortunately, Windows 7 clients lack this capability and must be assigned to a single DirectAccess entry point; there is no dynamic entry point selection or automatic failover for Windows 7 DirectAccess clients. Note also that a multisite deployment requires computer certificate authentication for IPsec, so a PKI is a prerequisite; the Kerberos proxy option available to single-server deployments is not supported with multiple entry points. Finally, for the highest levels of availability, employ local redundancy at each entry point as well.
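The PowerShell below is an added example, not from the original article, showing how the Los Angeles and Atlanta scenario above is configured with the RemoteAccess module: the existing deployment becomes the first entry point, a second entry point is added, and a Windows 7 client security group is pinned to one site because those clients cannot select an entry point themselves. The deployment name, server FQDNs, public connect-to address, GPO names and security group name are all placeholders.

```powershell
# Added example (not from the original article). Run on the existing
# DirectAccess server in Los Angeles, which becomes the first entry point.
Import-Module RemoteAccess

# Assumed names for this example.
$LaxServer    = 'da-lax1.corp.example.com'
$AtlServer    = 'da-atl1.corp.example.com'
$AtlPublicFqdn = 'da-atl.example.com'     # Internet-resolvable name clients connect to

# Convert the single-site deployment into a multisite deployment. The current
# configuration is kept and named as the first entry point. Allowing manual
# selection lets Windows 8+ users pick a site from the Network Connectivity
# Assistant; automatic selection by response time still happens by default.
Enable-DAMultiSite -Name 'Contoso DirectAccess' `
                   -EntryPointName 'Los Angeles' `
                   -ManualEntryPointSelectionAllowed Enabled `
                   -ComputerName $LaxServer -PassThru

# Add the Atlanta entry point. The server GPO carries that site's server
# settings; the client GPO is only needed for Windows 7 clients assigned to
# this entry point (Windows 8+ clients use the existing client GPO).
Add-DAEntryPoint -Name 'Atlanta' `
                 -RemoteAccessServer $AtlServer `
                 -ConnectToAddress $AtlPublicFqdn `
                 -ServerGpoName 'DirectAccess Server Settings - Atlanta' `
                 -ClientGpoName 'DirectAccess Client Settings - Atlanta' `
                 -ComputerName $LaxServer -PassThru

# Windows 7 clients get no dynamic selection or failover, so each Windows 7
# security group is statically bound to exactly one entry point. These
# clients also need DirectAccess Connectivity Assistant 2.0 installed.
Add-DAClient -DownlevelSecurityGroupNameList 'CORP\DA-Win7-Clients-Atlanta' `
             -EntryPointName 'Atlanta' -ComputerName $LaxServer

# Review the result: deployment-wide settings and each entry point.
Get-DAMultiSite -ComputerName $LaxServer
Get-DAEntryPoint -ComputerName $LaxServer
```

Each entry point can itself be an NLB cluster or sit behind an external load balancer; combining the two gives the local plus geographic redundancy the article recommends, so that losing a node degrades a site and losing a site only redirects Windows 8 and later clients.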

Conclusion

New features in Windows Server 2012 R2 DirectAccess allow it to be deployed in environments with the highest demands for availability. Multisite geographic redundancy and network load balancing for local redundancy, combined with the stable and robust Celestix E Series advanced hardware appliance platform, ensure that single points of failure are addressed and that uptime can be maintained through planned system maintenance or even a complete datacenter outage.

Additional Resources – Watch our webinar on DirectAccess High Availability Options.

For more information about the E Series appliance platform and DirectAccess, visit celestix.com/edge or call us at +1 (510) 668 0700 or email us at info@celestix.com.