We have 2 data centers, site 1 and site 2. Site 1 is generally our primary, and site 2 is our Disaster Recovery (DR) site. I want to setup a SQL instance to have extremely high availability. Therefore I was looking at using DB mirroring, with synchronous data writing, high-safety and auto-failover. This requires the usage of a witness server.
Where is the best place to put the witness server? This link seems to indicate the primary site (site 1 in my example): https://social.technet.microsoft.com/Forums/office/en-US/27611fa8-e1f2-4ecf-a8a6-456278943b5b/help-with-placing-servers-to-use-database-mirroring-for-dr-when-only-two-locations-are-available?forum=sqldisasterrecovery
My problem with this setup, is that if the witness and principal are both at site 1, if site 1 goes away (power failure, asteroid impact, lol, anything else that would be a *true* DR scenario), then there is no failover to the mirror server at site 2. However, if you put the witness at site 2, anytime the WAN link between site 1 and site 2 has an issue, the DB will auto-failover to site 2. Is the reason for the recommendation of the witness being at the primary site because the thinking is that WAN link failure is likely more common than a *true* DR scenario that takes out all of site 1?