PeopleSoft Adoption Made Smooth & Simple!
On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool. Claim Your Free WalkMe Account Now
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Internet connection failover and mx records
Posted on 2006-06-09
Here's the scenario:
Client has 2 sites that are far apart, each site having 1 Internet connection with intentionally different ISPs.
The 2 sites will be linked together with a private "site to site" 2mbit link presented as ethernet at both ends.
The first site has an exchange server accepting incoming mail via smtp. At the moment, the 2nd site accesses their email from Outlook using ssl over rpc. Not an issue in itself but the country the client operates from sufferes from slow, unreliable (and costly!) internet connections that are 256Kbit/s at best.
The intention would be to have the mx records for the exchange server set up as follows:
priority 10 on the static, public IP 1st internet connection (existing)
priority 10 or 20 for the static, public IP on the 2nd site's internet connection*
priority 30 for the ISP's mail server on the 1st site's internet connection**
*The smtp traffic for this will obviously have to go through the "site to site" link to reach the exchange server.
**This is incase the exchange server itself is down.
I am intending to provide provide fault tolerance for both site's internet and email access by installing a router in each site that has load balancing/failover wan links such as the zyxel zywall 35. That way if site 1's internet connection goes down, site 2's is available for all.
As an additional benefit, if the dedicated link goes down, site 2's Outlook users could hopefully still access their exchange mailbox. However I'm not sure on how dns would behave as the internal and external fqdn for the rpc proxy resolve to different ip addresses (192.168.x.x and 195.x.x.x respectively). Should dns caching on the WinXP client PCs be disabled?
I basically need the following answered:
1. Are my intended changes to the mx records sensible?
2. Is the Zywall 35 a good choice for failover applications such as my situation?
3. Is it feasible for site 2's outlook users to be able to access the exchange server in the event of the "site to site" link being down?
If anyone can answer 1 or more questions I will gladly split points- I'd offer more points if I was allowed!
Yours hopefully,
Jon.
Client has 2 sites that are far apart, each site having 1 Internet connection with intentionally different ISPs.
The 2 sites will be linked together with a private "site to site" 2mbit link presented as ethernet at both ends.
The first site has an exchange server accepting incoming mail via smtp. At the moment, the 2nd site accesses their email from Outlook using ssl over rpc. Not an issue in itself but the country the client operates from sufferes from slow, unreliable (and costly!) internet connections that are 256Kbit/s at best.
The intention would be to have the mx records for the exchange server set up as follows:
priority 10 on the static, public IP 1st internet connection (existing)
priority 10 or 20 for the static, public IP on the 2nd site's internet connection*
priority 30 for the ISP's mail server on the 1st site's internet connection**
*The smtp traffic for this will obviously have to go through the "site to site" link to reach the exchange server.
**This is incase the exchange server itself is down.
I am intending to provide provide fault tolerance for both site's internet and email access by installing a router in each site that has load balancing/failover wan links such as the zyxel zywall 35. That way if site 1's internet connection goes down, site 2's is available for all.
As an additional benefit, if the dedicated link goes down, site 2's Outlook users could hopefully still access their exchange mailbox. However I'm not sure on how dns would behave as the internal and external fqdn for the rpc proxy resolve to different ip addresses (192.168.x.x and 195.x.x.x respectively). Should dns caching on the WinXP client PCs be disabled?
I basically need the following answered:
1. Are my intended changes to the mx records sensible?
2. Is the Zywall 35 a good choice for failover applications such as my situation?
3. Is it feasible for site 2's outlook users to be able to access the exchange server in the event of the "site to site" link being down?
If anyone can answer 1 or more questions I will gladly split points- I'd offer more points if I was allowed!
Yours hopefully,
Jon.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
The MX records look good to me except you must choose 10 for one 20 for the other and 30 for the last one.
I have used the Zywall for some customers and it works good. Some people that are hardcore cisco freaks say to only use cisco equipment but then you have to buy two routers and do a bunch of programming to get it to work where as the dual wan router is pretty easy to setup. Go for it with the Zywall
The clients should have no issues getting their email because it will use the first mx record and if it cant make it there it will choose the second one and so on until it either times out or makes a connection.
I think you will be ok with the config you have in mind
I have used the Zywall for some customers and it works good. Some people that are hardcore cisco freaks say to only use cisco equipment but then you have to buy two routers and do a bunch of programming to get it to work where as the dual wan router is pretty easy to setup. Go for it with the Zywall
The clients should have no issues getting their email because it will use the first mx record and if it cant make it there it will choose the second one and so on until it either times out or makes a connection.
I think you will be ok with the config you have in mind
Ok, we have two site with different domain names.
What we have done is that we create 3 MX records, just like you did.
Both sites are connected via 1Mbps link.
For site 1:
1st MX record points to Exchange on site 1
2nd MX points to Exchange on site 2
3rd MX points to ISP
For site 2:
1st MX record points to Exchange on site 2
2nd MX points to Exchange on site 1
3rd MX points to ISP
Both exchange are setup to receive email for each other.
Now in our internal DNS we have created few MX records as well.
Site 1:
1st MX record for site 2 domain via internal IP
2nd MX record for site 2 domain via external IP
site 2:
1st MX record for site 1 domain via internal IP
2nd MX record for site 1 domain via external IP
This ensures that we receive mails even if our internet is down in either of the site.(Both sites have different ISP)
Also, it provides load balancing, if for some reason first exchange is busy, second can receive the mail and send it to us via internal link, after sometime.
What we have done is that we create 3 MX records, just like you did.
Both sites are connected via 1Mbps link.
For site 1:
1st MX record points to Exchange on site 1
2nd MX points to Exchange on site 2
3rd MX points to ISP
For site 2:
1st MX record points to Exchange on site 2
2nd MX points to Exchange on site 1
3rd MX points to ISP
Both exchange are setup to receive email for each other.
Now in our internal DNS we have created few MX records as well.
Site 1:
1st MX record for site 2 domain via internal IP
2nd MX record for site 2 domain via external IP
site 2:
1st MX record for site 1 domain via internal IP
2nd MX record for site 1 domain via external IP
This ensures that we receive mails even if our internet is down in either of the site.(Both sites have different ISP)
Also, it provides load balancing, if for some reason first exchange is busy, second can receive the mail and send it to us via internal link, after sometime.
Hi Guys,
sorry for the delay getting back to your comments (I've been away)
I think I'll got the Zyxel route for the "dual wan" function as I want to avoind the learning curve on cisco stuff so thanks for that wrwii12.
Prashsax- It seems like you've got a goos failsafe for your email system. At the moment, because of costs contraints, my client has only the 1 exchange server but I'm interested in how you configure 2 exchange boxes to receive and then deliver mail for each other. could you give me an insight into this?
Thank you both for your help- will split the points between you both!
sorry for the delay getting back to your comments (I've been away)
I think I'll got the Zyxel route for the "dual wan" function as I want to avoind the learning curve on cisco stuff so thanks for that wrwii12.
Prashsax- It seems like you've got a goos failsafe for your email system. At the moment, because of costs contraints, my client has only the 1 exchange server but I'm interested in how you configure 2 exchange boxes to receive and then deliver mail for each other. could you give me an insight into this?
Thank you both for your help- will split the points between you both!
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month6 days, 23 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.