rilliam
asked on
DNS and routing issues with dyndns and firewall
we have the following
server1 - domain controller 2003
server2 - exchange 2003, domain controller
linux router running iptables.
our active directory domain is like domain.local
I added another wan ip to the router and forwarded SMTP, IMAP4 and POP to the exchange server
I can send out email successfully.
I want to use dyndns to configure our DNS domain which is ourdomain.net to work with our exchange server. Meaning I want to receive email on our exchange server. Right now the domain is resolving to an external provider.
How can I do this?
ASKER
Is there a way to test my ability to receive email from the outside without moving our dns name over?
ASKER
My domain is .local, won't this affect my ability to receive email on the Exchange server?
> I want to use dyndns to configure our DNS domain which is
> ourdomain.net to work with our exchange server. Meaning
> I want to receive email on our exchange server. Right now the
> domain is resolving to an external provider.
> How can I do this?
First, stop using DynDNS. If you're allocated an IP address, make it static. Yell, scream and pay your ISP. Sending SMTP to a "floating" host really irks me.
DNS/MX records -- weren't really meant to deal with boxen that "float". rDNS is even more nutty in a dyn-dns environment.
In short, your SMTP, just like your HTTP might be at address a.b.c.d.
You're making services available to the "planet" -- and wanting them to be reliable.. Flippity-Flopping the IP address of the hosting boxen is going to do all but obfuscate the situation.
DynDNS is cheap and silly. fsck it..
good luck,
Sc.
ASKER
Excellent. Thanks a lot for reading my mind.
we try, mate, we try, :)
rillam,
I assume you know what MX records are now.
Make your Dyn-DNS box "lowest cost MX". Get your ISP to handle Secondary and Tertiary MX costs for your domain -- and store/forward email to "you".
Without that, you're going to lose email.. because some ISPs cache DNS values for 24-48 hours.. never mind how "dynamic" you want them to be. (they ignore the TTL, technically.. see NANOG for recent discussion.)
I want to make a rant here: DynDNS is stupid. End of story. An IP address is always assigned to your (external) interface, yes? If one IP-addr is in use, why not make it static? What would that cost?! Space is ARIN registered, be it either dynamic or static..
Grumble.
Best wishes,
Scott..
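The MX layout suggested in the reply above, worked through as an added example that is not part of the original thread: it parses a zone fragment and simulates a sending mail server walking the MX list while its resolver still holds the primary's old address. The ISP hostnames (`mx2.isp.example`, `mx3.isp.example`), the preference values and all IP addresses are constructed for illustration.

```python
import re

# Constructed zone fragment; the ISP hostnames and preference values are assumptions.
ZONE = """\
ourdomain.net. 3600 IN MX 10 mail.ourdomain.net.
ourdomain.net. 3600 IN MX 20 mx2.isp.example.
ourdomain.net. 3600 IN MX 30 mx3.isp.example.
"""
MX_RE = re.compile(r"^\S+\s+\d+\s+IN\s+MX\s+(\d+)\s+(\S+)$")

# Constructed addresses (documentation ranges). The primary has just moved
# from .10 to .77; a resolver that ignores the TTL still hands out .10.
STALE_VIEW = {"mail.ourdomain.net": "203.0.113.10",
              "mx2.isp.example": "198.51.100.25",
              "mx3.isp.example": "198.51.100.26"}
FRESH_VIEW = dict(STALE_VIEW, **{"mail.ourdomain.net": "203.0.113.77"})
LIVE = {"203.0.113.77", "198.51.100.25", "198.51.100.26"}  # accepting SMTP now


def parse_mx(zone_text):
    """Return [(preference, exchanger)] sorted so the lowest cost comes first."""
    records = []
    for line in zone_text.splitlines():
        m = MX_RE.match(line.strip())
        if m:
            records.append((int(m.group(1)), m.group(2).rstrip(".")))
    return sorted(records)


def deliver(mx_list, sender_view, live_ips):
    """Simulate a sending MTA walking the MX list in preference order.

    Returns (exchanger that accepted the message or None, hosts attempted).
    None means the message sits in the sender's retry queue.
    """
    tried = []
    for _pref, host in mx_list:
        tried.append(host)
        if sender_view.get(host) in live_ips:
            return host, tried
    return None, tried


if __name__ == "__main__":
    mx = parse_mx(ZONE)
    print("stale cache, ISP backups:", deliver(mx, STALE_VIEW, LIVE))
    print("stale cache, primary only:", deliver(mx[:1], STALE_VIEW, LIVE))
    print("fresh lookup:", deliver(mx, FRESH_VIEW, LIVE))
```

With only the primary MX published, the stale-cache case returns no accepting host, so delivery depends on the sender's retry window outlasting the cached record.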
I have to assume the wan ip you set is one given you by your ISP.