Solved

Configuring 2 Exchange 2003 front-end servers for redundancy and load balance.

Posted on 2007-10-18
Last Modified: 2013-11-30
I have 2 front-end Exchange 2003 servers and 6 back-end Exchange 2003 servers.  I have one routing group with one SMTP connector to the Internet.

I would like for the 2 FE servers to handle both inbound and outbound email.  How do I configure them to have redundancy and load balance between the two servers?

For inbound email, my MX records (mail1.company.com and mail2.company.com) are being answered by Postini for filtering spam.  They forward the email to us.  For outbound email, I would like to send email directly out from the 2 FE servers.
Question by:atm1989
 
LVL 6

Accepted Solution

by:
msghaleb earned 2000 total points
ID: 20107283
You first need to configure Network Load Balancing between your 2 Front End Servers so that in the end they will both share 1 IP.

You will receive mail on the above NLB IP (you need to give that to your ISP).

Then you can configure an SMTP connector to the Internet and allow only the Front End Servers to use it, so all mail will then go through them as well.

If you need step by step or some articles I can post.

Thank you.

MG
0
 

Author Comment

by:atm1989
ID: 20109360
Here is what I have done:

2 FE servers --> DNS A record for them are:
smtp2.company.com - NIC #1 - 10.10.0.12, NIC #2 - 10.10.10.12
smtp3.company.com - NIC #1 - 10.10.0.13, NIC #2 - 10.10.10.13

The NLB DNS A record is smtp1.company.com with an ip address of 10.10.10.11

You are recommending that I put smtp2.company.com and smtp3.company.com as bridgehead servers within the Internet Email connector.

Assign an external IP address to smtp1.company.com, let's say 198.212.146.26.  Configure the firewall to translate smtp1.company.com (10.10.10.11) = mail1.company.com (198.212.146.26).  Give the ISP the MX record = mail1.company.com (198.212.146.26).

Did I miss anything?

Are you recommending NLB over DNS round-robin (2 MX records with equal weights)?  This means I would only need to create one MX record?

Let's say smtp2.winstead.com goes down, all email would still be flowing in and out because smtp3.winstead.com is up, correct?
0

 
LVL 6

Expert Comment

by:msghaleb
ID: 20109813
You didn't miss anything, that's exactly it.

About round robin: you don't need it, as the mail will come in on the NLB IP, which is load balanced already, and the outgoing mail will try the other server if the 1st is down. To make it real, I would say do it without round robin and turn off one server; it's always good to see what a disaster will look like before it happens.

MG
0
 

Author Comment

by:atm1989
ID: 20109963
We will put this into production this Saturday night.  I will let you know how it goes.  Thanks.
0
 
LVL 6

Expert Comment

by:msghaleb
ID: 20110673
OK, thank you.
0
 

Author Comment

by:atm1989
ID: 20116411
Do I need to restart any services in order for the back-end servers to know how to route outbound mail to the new front-end bridgehead servers?
0
 
LVL 6

Expert Comment

by:msghaleb
ID: 20117112
Usually not, but in case of any problems, review your configuration and reboot just to be sure.

MG
0
 

Author Comment

by:atm1989
ID: 20117959
The PIX could not route mail from external through the NLB cluster name.  We ended up specifying the 2 SMTP servers in the PIX.  We will only use NLB for OWA.
0
 
LVL 6

Expert Comment

by:msghaleb
ID: 20118412
That is strange. To make sure that the problem is on the PIX side and not on the Exchange side, try to telnet to the NLB IP on port 25 and send mail.

Telnet NLBIP 25
helo
mail from: xyz@gmail.com
rcpt to: anyuser@yourdomain.com
data
blah blah.
.
quit

Then check whether you got the mail; if yes, then the PIX is the cause of the problem.

If you can let the PIX do the load balancing, that's OK.

http://support.microsoft.com/kb/153119

Thank you

MG
0
 

Author Comment

by:atm1989
ID: 20122849
From behind the PIX, I cannot telnet to the NLB IP (10.10.10.11) via port 25.  I just get a blank screen.  I get the same result when I telnet to the physical nodes' IP addresses, 10.10.10.12 and 10.10.10.13.

I can telnet to port 25 via these IP addresses, 10.10.0.12 and 10.10.0.13.  So I ended up configuring the PIX with these IP addresses to get Internet mail to flow in.

I will need to get NLB to work for OWA though.  In theory, I should be able to have one DNS record for OWA, like owa.company.com, pointing to the NLB Clustered Name.  It should be able to direct HTTPS traffic to either of the 2 nodes that are associated with it.

Any input would be appreciated.
0
 
LVL 6

Expert Comment

by:msghaleb
ID: 20122885
Well, can you telnet to the NLB IP address from inside your LAN? If yes, then NLB is fine and it's just a PIX issue.

If not, then it's an NLB issue.

You can also configure the OWA DNS to be round robin in case you have 2 IPs.

MG
0
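Added example, not part of the original thread: a Python probe that automates the port-25 telnet test suggested earlier and applies the rule from the comment above (the VIP answering from inside the LAN means NLB is fine). It separates a refused port, an unanswered connection, and a connection that opens but never shows a greeting. `probe_smtp`, `nlb_verdict` and `demo_listener` are names made up for this example, and the demo runs against constructed listeners on 127.0.0.1; in real use, probe the NLB IP and the node IPs on port 25 instead.

```python
import socket
import threading

def probe_smtp(host, port=25, timeout=3.0):
    """Classify what 'telnet host 25' would show as a (state, text) tuple."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "")       # reset came back: nothing listening on that IP/port
    except socket.timeout:
        return ("timeout", "")       # connection attempt went unanswered
    except OSError as exc:
        return ("error", str(exc))   # e.g. no route to host
    with sock:
        try:
            data = sock.recv(512)    # an SMTP server speaks first
        except socket.timeout:
            return ("silent", "")    # connected, but no greeting ever arrived
        except OSError as exc:
            return ("error", str(exc))
        text = data.decode("ascii", "replace").strip()
        if text.startswith("220"):
            sock.sendall(b"QUIT\r\n")  # end the session cleanly
            return ("banner", text)
        return ("unexpected", text)

def nlb_verdict(results, vip):
    """Rule from the thread: VIP answers from inside the LAN -> NLB is fine."""
    return "look at the PIX" if results[vip][0] == "banner" else "look at NLB"

def demo_listener(greeting):
    """Constructed stand-in for an SMTP listener on 127.0.0.1 (demo only)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))       # port 0: let the OS pick a free port
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if greeting:
            conn.sendall(greeting)
        conn.recv(64)                # hold the connection until the client leaves
        conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    # Constructed targets; a real run would use (ip, 25) pairs from the LAN.
    targets = {"vip": demo_listener(b"220 fe.example ESMTP\r\n"), "node": demo_listener(b"")}
    results = {name: probe_smtp("127.0.0.1", port, 1.0) for name, port in targets.items()}
    print(results, "->", nlb_verdict(results, "vip"))
```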
 

Author Comment

by:atm1989
ID: 20123330
That's what I meant by behind the PIX.  I cannot telnet via port 25 to the NLB IP from my PC.  I can ping the IP address.

I can connect to this NLB cluster via the NLB Manager.  I am not getting any errors, so I have to guess that it is configured correctly.
0
 
LVL 6

Expert Comment

by:msghaleb
ID: 20123428
Then it's the PIX. To be honest, I don't know PIX, but maybe someone else here can help, or in the networking zone.

MG
0
