Using 2 NICs and 2 MX Records on 1 Exchange 2003 Server

Posted on 2006-04-07
Last Modified: 2006-11-18
My organization has two separate T1 IP pipes provided by different ISP's, each configured to move traffic upstream and downstream. Each also has a public MX record in DNS: MX 1 value = 10, MX 2 value = 20. Each MX has also been listed to perform reverse DNS to avoid bouncebacks.

The idea is, if one pipe or ISP fails, the other picks up the slack, and mail still flows in both directions.

We use one robust, non-clustered Exchange 2003 Server to perform both front-end mail functions and to host mailboxes. This machine has dual identical NICs which are assigned consecutive internal class C addresses ( and

The internal addresses are NAT'ed in firewall (SonicWall Pro3060) to their public MX's. The firewall has been further configured to fail IP pipe 1 over to IP pipe 2.

The question is: What hazards am I inviting by configuring in this manner? Is pointing multiple public mail records at one front-end/back-end Exchange server a security threat? Am I overlooking some obvious no-no?

I should also note that I don't know if this topology will work in practice, because I haven't physically plugged into NIC 2 yet.

Question by:tmeier
    1 Comment
    LVL 104

    Accepted Solution

    If it was me doing this, I would be looking at a router to sit in front of the Exchange server, rather than trying to get Windows to do the job.

    The problem is Windows, not Exchange.

    You can only have one default gateway, so even if you enable the other NIC and plug the connection in to it, all that is going to happen is Windows will get in a state and fill your event logs up with errors. In the event of a failure you would have to change the default gateway itself.

    However there are routers that support dual WAN connections and can change the routing on the fly, and those would make a much better job. You could then leave a single default gateway on the Exchange server and not have to worry about network reconfigurations in the event of a failure.


    Featured Post

    Are your corporate email signatures appalling?

    Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

    Join & Write a Comment

    Suggested Solutions

    Use email signature images to promote corporate certifications and industry awards.
    Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
    In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now