There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.
Solved
Internet connection failover and mx records
Posted on 2006-06-09
Here's the scenario:
Client has 2 sites that are far apart, each site having 1 Internet connection with intentionally different ISPs.
The 2 sites will be linked together with a private "site to site" 2mbit link presented as ethernet at both ends.
The first site has an exchange server accepting incoming mail via smtp. At the moment, the 2nd site accesses their email from Outlook using ssl over rpc. Not an issue in itself but the country the client operates from sufferes from slow, unreliable (and costly!) internet connections that are 256Kbit/s at best.
The intention would be to have the mx records for the exchange server set up as follows:
priority 10 on the static, public IP 1st internet connection (existing)
priority 10 or 20 for the static, public IP on the 2nd site's internet connection*
priority 30 for the ISP's mail server on the 1st site's internet connection**
*The smtp traffic for this will obviously have to go through the "site to site" link to reach the exchange server.
**This is incase the exchange server itself is down.
I am intending to provide provide fault tolerance for both site's internet and email access by installing a router in each site that has load balancing/failover wan links such as the zyxel zywall 35. That way if site 1's internet connection goes down, site 2's is available for all.
As an additional benefit, if the dedicated link goes down, site 2's Outlook users could hopefully still access their exchange mailbox. However I'm not sure on how dns would behave as the internal and external fqdn for the rpc proxy resolve to different ip addresses (192.168.x.x and 195.x.x.x respectively). Should dns caching on the WinXP client PCs be disabled?
I basically need the following answered:
1. Are my intended changes to the mx records sensible?
2. Is the Zywall 35 a good choice for failover applications such as my situation?
3. Is it feasible for site 2's outlook users to be able to access the exchange server in the event of the "site to site" link being down?
If anyone can answer 1 or more questions I will gladly split points- I'd offer more points if I was allowed!
Yours hopefully,
Jon.
Client has 2 sites that are far apart, each site having 1 Internet connection with intentionally different ISPs.
The 2 sites will be linked together with a private "site to site" 2mbit link presented as ethernet at both ends.
The first site has an exchange server accepting incoming mail via smtp. At the moment, the 2nd site accesses their email from Outlook using ssl over rpc. Not an issue in itself but the country the client operates from sufferes from slow, unreliable (and costly!) internet connections that are 256Kbit/s at best.
The intention would be to have the mx records for the exchange server set up as follows:
priority 10 on the static, public IP 1st internet connection (existing)
priority 10 or 20 for the static, public IP on the 2nd site's internet connection*
priority 30 for the ISP's mail server on the 1st site's internet connection**
*The smtp traffic for this will obviously have to go through the "site to site" link to reach the exchange server.
**This is incase the exchange server itself is down.
I am intending to provide provide fault tolerance for both site's internet and email access by installing a router in each site that has load balancing/failover wan links such as the zyxel zywall 35. That way if site 1's internet connection goes down, site 2's is available for all.
As an additional benefit, if the dedicated link goes down, site 2's Outlook users could hopefully still access their exchange mailbox. However I'm not sure on how dns would behave as the internal and external fqdn for the rpc proxy resolve to different ip addresses (192.168.x.x and 195.x.x.x respectively). Should dns caching on the WinXP client PCs be disabled?
I basically need the following answered:
1. Are my intended changes to the mx records sensible?
2. Is the Zywall 35 a good choice for failover applications such as my situation?
3. Is it feasible for site 2's outlook users to be able to access the exchange server in the event of the "site to site" link being down?
If anyone can answer 1 or more questions I will gladly split points- I'd offer more points if I was allowed!
Yours hopefully,
Jon.
3 Comments
The MX records look good to me except you must choose 10 for one 20 for the other and 30 for the last one.
I have used the Zywall for some customers and it works good. Some people that are hardcore cisco freaks say to only use cisco equipment but then you have to buy two routers and do a bunch of programming to get it to work where as the dual wan router is pretty easy to setup. Go for it with the Zywall
The clients should have no issues getting their email because it will use the first mx record and if it cant make it there it will choose the second one and so on until it either times out or makes a connection.
I think you will be ok with the config you have in mind
I have used the Zywall for some customers and it works good. Some people that are hardcore cisco freaks say to only use cisco equipment but then you have to buy two routers and do a bunch of programming to get it to work where as the dual wan router is pretty easy to setup. Go for it with the Zywall
The clients should have no issues getting their email because it will use the first mx record and if it cant make it there it will choose the second one and so on until it either times out or makes a connection.
I think you will be ok with the config you have in mind
Ok, we have two site with different domain names.
What we have done is that we create 3 MX records, just like you did.
Both sites are connected via 1Mbps link.
For site 1:
1st MX record points to Exchange on site 1
2nd MX points to Exchange on site 2
3rd MX points to ISP
For site 2:
1st MX record points to Exchange on site 2
2nd MX points to Exchange on site 1
3rd MX points to ISP
Both exchange are setup to receive email for each other.
Now in our internal DNS we have created few MX records as well.
Site 1:
1st MX record for site 2 domain via internal IP
2nd MX record for site 2 domain via external IP
site 2:
1st MX record for site 1 domain via internal IP
2nd MX record for site 1 domain via external IP
This ensures that we receive mails even if our internet is down in either of the site.(Both sites have different ISP)
Also, it provides load balancing, if for some reason first exchange is busy, second can receive the mail and send it to us via internal link, after sometime.
What we have done is that we create 3 MX records, just like you did.
Both sites are connected via 1Mbps link.
For site 1:
1st MX record points to Exchange on site 1
2nd MX points to Exchange on site 2
3rd MX points to ISP
For site 2:
1st MX record points to Exchange on site 2
2nd MX points to Exchange on site 1
3rd MX points to ISP
Both exchange are setup to receive email for each other.
Now in our internal DNS we have created few MX records as well.
Site 1:
1st MX record for site 2 domain via internal IP
2nd MX record for site 2 domain via external IP
site 2:
1st MX record for site 1 domain via internal IP
2nd MX record for site 1 domain via external IP
This ensures that we receive mails even if our internet is down in either of the site.(Both sites have different ISP)
Also, it provides load balancing, if for some reason first exchange is busy, second can receive the mail and send it to us via internal link, after sometime.
Hi Guys,
sorry for the delay getting back to your comments (I've been away)
I think I'll got the Zyxel route for the "dual wan" function as I want to avoind the learning curve on cisco stuff so thanks for that wrwii12.
Prashsax- It seems like you've got a goos failsafe for your email system. At the moment, because of costs contraints, my client has only the 1 exchange server but I'm interested in how you configure 2 exchange boxes to receive and then deliver mail for each other. could you give me an insight into this?
Thank you both for your help- will split the points between you both!
sorry for the delay getting back to your comments (I've been away)
I think I'll got the Zyxel route for the "dual wan" function as I want to avoind the learning curve on cisco stuff so thanks for that wrwii12.
Prashsax- It seems like you've got a goos failsafe for your email system. At the moment, because of costs contraints, my client has only the 1 exchange server but I'm interested in how you configure 2 exchange boxes to receive and then deliver mail for each other. could you give me an insight into this?
Thank you both for your help- will split the points between you both!
Featured Post
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
This article will help to fix the below errors for MS Exchange Server 2016
I. Certificate error "name on the security certificate is invalid or does not match the name of the site"
II. Out of Office not working
III. Make Internal URLs and Externa…
This article is about building a site to site VPN tunnels in Cisco CSR1000V router with IOS XE.
There are two Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month8 days, 6 hours left to enroll
595 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.