Using 2 NICs and 2 MX Records on 1 Exchange 2003 Server

My organization has two separate T1 IP pipes provided by different ISP's, each configured to move traffic upstream and downstream. Each also has a public MX record in DNS: MX 1 value = 10, MX 2 value = 20. Each MX has also been listed to perform reverse DNS to avoid bouncebacks.

The idea is, if one pipe or ISP fails, the other picks up the slack, and mail still flows in both directions.

We use one robust, non-clustered Exchange 2003 Server to perform both front-end mail functions and to host mailboxes. This machine has dual identical NICs which are assigned consecutive internal class C addresses (192.168.0.5 and 192.168.0.6).

The internal addresses are NAT'ed in firewall (SonicWall Pro3060) to their public MX's. The firewall has been further configured to fail IP pipe 1 over to IP pipe 2.

The question is: What hazards am I inviting by configuring in this manner? Is pointing multiple public mail records at one front-end/back-end Exchange server a security threat? Am I overlooking some obvious no-no?

I should also note that I don't know if this topology will work in practice, because I haven't physically plugged into NIC 2 yet.









tmeierAsked:
Who is Participating?
 
SembeeConnect With a Mentor Commented:
If it was me doing this, I would be looking at a router to sit in front of the Exchange server, rather than trying to get Windows to do the job.

The problem is Windows, not Exchange.

You can only have one default gateway, so even if you enable the other NIC and plug the connection in to it, all that is going to happen is Windows will get in a state and fill your event logs up with errors. In the event of a failure you would have to change the default gateway itself.

However there are routers that support dual WAN connections and can change the routing on the fly, and those would make a much better job. You could then leave a single default gateway on the Exchange server and not have to worry about network reconfigurations in the event of a failure.

Simon.
0
All Courses

From novice to tech pro — start learning today.