Configuring 2 Exchange 2003 front-end servers for redundancy and load balance.

I have 2 front-end Exchange 2003 servers and 6 back-end Exchange 2003 servers.  I have one routing group with one smtp connector to the Internet.

I would like for the 2 FE servers to handle both inbound and outbound email.  How do I configure them to have redundancy and load balance between the two servers?

For inbound email, my mx records (mail1.company.com and mail2.company.com) are being answered by Postini for filtering spam.  They forward the email to us.  For outbound email, I would like to send email directly out from the 2 FE servers.
atm1989 Asked:
msghaleb Commented:
First you need to configure Network Load Balancing between your 2 Front End Servers, so in the end they will both have 1 IP.

You will receive mail on the above NLB IP (you need to give that to your ISP).

Then you can configure an SMTP connector to the Internet and allow only the Front End Servers to use it, so all mail will then go through them as well.

If you need step by step or some articles I can post.

Thank you.

MG
0
 
atm1989 (Author) Commented:
Here is what I have done:

2 FE servers --> DNS A record for them are:
smtp2.company.com - NIC #1 - 10.10.0.12, NIC #2 - 10.10.10.12
smtp3.company.com - NIC #1 - 10.10.0.13, NIC #2 - 10.10.10.13

The NLB DNS A record is smtp1.company.com with an ip address of 10.10.10.11

You are recommending that I put smtp2.company.com and smtp3.company.com as bridgehead servers within the Internet Email connector.

Assign an external ip address to smtp1.company.com, let's say 198.212.146.26.  Configure the firewall to translate smtp1.company.com (10.10.10.11) = mail1.company.com (198.212.146.26).  Give the ISP the MX record = mail1.company.com (198.212.146.26).

Did I miss anything?

Are you recommending NLB over DNS round-robin (2 MX records with equal weights)?  This means I would only need to create one MX record?

Let's say smtp2.winstead.com goes down; all email would still be flowing in and out because smtp3.winstead.com is up, correct?
0
 
msghaleb Commented:
You didn't miss anything; that's exactly it.

About round robin: you don't need it, as the mail will come in on the NLB IP, which is already load balanced, and outgoing mail will try the other server if the first is down. To make it real, I would say do it without round robin and switch off one server; it's always good to see what a disaster will look like before it happens.

MG
0
 
atm1989 (Author) Commented:
We will put this into production this Saturday night.  I will let you know how it goes.  Thanks.
0
 
msghaleb Commented:
OK, thank you.
0
 
atm1989 (Author) Commented:
Do I need to restart any services in order for the back-end servers to know how to route outbound mail to the new front-end bridgehead servers?
0
 
msghaleb Commented:
Usually not, but in case of any problems, review your configuration and reboot just to be sure.

MG
0
 
atm1989 (Author) Commented:
The PIX could not route mail from external through the NLB cluster name.  We ended up specifying the 2 SMTP servers in the PIX.  We will only use NLB for OWA.
0
 
msghaleb Commented:
That is strange. To make sure that the problem is on the PIX side and not in Exchange, try to telnet to the NLB IP on port 25 and send mail.

Telnet NLBIP 25
helo
mail from: xyz@gmail.com
rcpt to: anyuser@yourdomain.com
data
blah blah.
.
quit

Then check whether you got the mail; if yes, then the PIX is the cause of the problem.

If you can let the PIX do the load balancing, that's OK.

http://support.microsoft.com/kb/153119

Thank you

MG
0
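The port 25 check suggested above can be scripted so that each address is classified as refused, filtered, connected without a greeting, or greeted with a 220 banner. This is an added example, not code from the thread; the function name `probe_smtp`, the state labels and the timeout are assumptions, and the addresses are the ones listed in the posts.

```python
import socket

# Addresses as listed in the thread's posts.
TARGETS = {
    "NLB virtual IP": "10.10.10.11",
    "smtp2 NIC #2": "10.10.10.12",
    "smtp3 NIC #2": "10.10.10.13",
    "smtp2 NIC #1": "10.10.0.12",
    "smtp3 NIC #1": "10.10.0.13",
}

def probe_smtp(host, port=25, timeout=5.0):
    """Return (state, detail) for one SMTP endpoint without sending any mail."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "connection reset: nothing listening, or a device rejected it")
    except socket.timeout:
        return ("filtered", "no answer to the connect: dropped by a filter or no route")
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        try:
            data = sock.recv(512)  # in SMTP the server speaks first
        except socket.timeout:
            return ("no-banner", "TCP connected, but no greeting before the timeout")
        except OSError as exc:
            return ("error", str(exc))
    if not data:
        return ("closed", "peer closed the connection before greeting")
    line = data.decode("ascii", "replace").splitlines()[0]
    # 220 is the SMTP "service ready" reply code.
    return ("ok" if line.startswith("220") else "unexpected", line)

if __name__ == "__main__":
    for label, ip in TARGETS.items():
        state, detail = probe_smtp(ip)
        print(f"{label:15} {ip:12} {state:10} {detail}")
```

Running it once from a workstation on the LAN and once from a host on the firewall's side of the path shows whether a given address fails at the TCP layer or only at the SMTP greeting.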
 
atm1989 (Author) Commented:
From behind the PIX, I cannot telnet to the NLB IP (10.10.10.11) via port 25.  I just get a blank screen.  I get the same result when I telnet to the physical nodes' IP addresses, 10.10.10.12 and 10.10.10.13.

I can telnet to port 25 via these ip addresses, 10.10.0.12 and 10.10.0.13.  So I ended up configuring the PIX with these ip addresses to get Internet mail to flow in.

I will need to get NLB to work for OWA though.  In theory, I should be able to have one DNS record for OWA, like owa.company.com pointing to the NLB Clustered Name.  It should be able to direct HTTPS traffic to either of the 2 nodes that are associated with it.

Any input would be appreciated.
0
 
msghaleb Commented:
Well, can you telnet to the NLB IP address from inside your LAN? If yes, then NLB is fine and it's just a PIX issue.

If not, then it's an NLB issue.

You can also configure the OWA DNS to be round robin in case you have 2 IPs.

MG
0
 
atm1989 (Author) Commented:
That's what I meant by behind the PIX.  I cannot telnet via port 25 to the NLB IP from my pc.  I can ping the IP address.

I can connect to this NLB cluster via the NLB Manager.  I am not getting any errors, so I have to guess that it is configured correctly.
0
 
msghaleb Commented:
Then it's the PIX. To be honest, I don't know PIX, but maybe someone else here or in the networking zone can help.

MG
0
Question has a verified solution.