• Status: Solved

One mail server, two MX records (different ISPs)?

We have two lines from two different ISPs coming into our office.  We only have one Exchange server.  Is it possible to have two MX records for the one server so we can utilize failover between the lines?  I would definitely have a primary line and backup line configuration (so the MX records could have priority).

The email server would be set up as a NAT behind the two firewalls.  Both external IPs pointed to the same internal IP...unless there has to be two different internal IPs for some reason.

Thanks

Brian
jkarnes12 Commented:
Yes, just weight the MX records appropriately.  (i.e. weight the primary line with a value of 10, and the secondary line with a value of 100.)
 
tigermatt Commented:

There's no need for two internal IPs on the Exchange Server. Just give it a single IP, and have all the firewall rules in both firewalls point to that internal IP for the SMTP rule (port 25).

You can either choose to have both lines act equally, or have one take precedence over the other. If the two Internet connections are the same speed and so on, I'd definitely do a little 'load balancing' by going for the former option. However, you could dedicate one line to predominantly receiving email by setting the Costs on your MX records correctly.

Remember, however, you'd need to ensure you had correct PTR (Reverse DNS) records created at BOTH ISPs for the static IP you have leased through that ISP. Ensure the PTR records map across to the MX record name which is associated with that ISP's line.

-Matt
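The MX weighting and PTR advice in the answers above can be checked mechanically. The following is an added example, not part of the original thread: it parses constructed `dig`-style answer lines, groups the MX hosts into preference tiers (senders try the lowest preference first and choose at random among hosts of equal preference, per RFC 5321 section 5.1), and reports any MX host whose address does not have a PTR record mapping back to the MX name. The `example.com` names, the documentation-range addresses and the ISP B default PTR name are assumptions.

```python
import ipaddress
from itertools import groupby

# Constructed `dig +noall +answer` style lines (documentation names and addresses).
SAMPLE = """\
example.com. 3600 IN MX 100 mail2.example.com.
example.com. 3600 IN MX 10 mail1.example.com.
mail1.example.com. 3600 IN A 198.51.100.10
mail2.example.com. 3600 IN A 203.0.113.20
10.100.51.198.in-addr.arpa. 3600 IN PTR mail1.example.com.
20.113.0.203.in-addr.arpa. 3600 IN PTR host-20.isp-b.example.net.
"""


def parse(text):
    """Return MX [(pref, host)], A {host: ip} and PTR {reverse_name: host}."""
    mx, a, ptr = [], {}, {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[2] != "IN":
            continue
        owner, rtype, rdata = fields[0].rstrip(".").lower(), fields[3], fields[4:]
        if rtype == "MX" and len(rdata) == 2:
            mx.append((int(rdata[0]), rdata[1].rstrip(".").lower()))
        elif rtype == "A":
            a[owner] = rdata[0]
        elif rtype == "PTR":
            ptr[owner] = rdata[0].rstrip(".").lower()
    return mx, a, ptr


def delivery_tiers(mx):
    """Hosts grouped by preference, lowest first; equal preferences share a tier."""
    return [sorted(host for _, host in group)
            for _, group in groupby(sorted(mx), key=lambda rec: rec[0])]


def audit(text):
    """Return (host, ip, ptr_name) for each MX host whose PTR does not map back."""
    mx, a, ptr = parse(text)
    problems = []
    for _, host in sorted(mx):
        ip = a.get(host)
        back = ptr.get(ipaddress.ip_address(ip).reverse_pointer) if ip else None
        if back != host:
            problems.append((host, ip, back))
    return problems
```

With the constructed sample, `audit(SAMPLE)` flags only `mail2.example.com`, because the ISP B address still carries that ISP's default PTR name rather than the MX host name.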
 
Mestha Commented:
From an Exchange point of view, there is no problem.
However, you are going to have routing issues.
You can only have one default gateway on a server without major headaches, so unless you put both connections into the same router and use a dual WAN router you will need two servers.

-M
 
itneonatal (Author) Commented:
Thanks for the comments.  It sounds like we can do it, but here is a bit more information for everyone.  I was so worried about getting email in I never thought about getting email out.  After reading Mestha's comments, I'm concerned how I could get that to work as well.  Any ideas?

Exchange 2003 (10.1.0.x)
     |
Cisco 1800 (10.1.0.1) ----- (10.1.0.2) Cisco PIX ---- ISP A
     |
     |
{WAN to datacenter}
     |
     |
Cisco 1800 (10.2.0.1) ----- (10.2.0.2) Cisco PIX ---- ISP B
 
Mestha Commented:
As long as Exchange sees the traffic coming from a single gateway, then the routers will sort out the rest.

-M
 
itneonatal (Author) Commented:
But, I'm unclear how the emails will go outbound?  I understand the inbound because I can just enter the NAT translation on the data center PIX (10.2.0.2).  I don't understand how emails can get out, though.  What modification do I need to make so it will happen when ISP A is down?
 
itneonatal (Author) Commented:
I tested the setup with the NAT added to the ISP B PIX.  I can ping the mail server (10.1.0.x) from the datacenter PIX (10.2.0.x).  However, no email is coming through.
 
Mestha Commented:
Exchange will send email out through the default gateway, so that will be the router closest to the server. What happens to the traffic then will depend on how you have your router configured.

I don't think double natting will work. Something needs to accept the traffic in the second site on port 25 and then pass it to Exchange. Routers alone are not going to be enough unless you have a dual WAN port configuration so the router can sort out the traffic from two destinations.

If there are no other SMTP servers involved then I misunderstood your diagram.

-M
 
 
tigermatt Commented:

The easiest route to use is a dual WAN router, and have both WAN connections going into that single router. This gives you a single gateway to point the Exchange Server to. The router is then responsible for handling the balancing of traffic between the two lines.

In this configuration the Exchange Server doesn't know there are two ISP lines installed. It would just send all outbound traffic to the router, which then does its work and will use one ISP line if the other is down.

-Matt