Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 351
  • Last Modified:

Query on clustering and IP addresses

Hi Forum,

I have installed a Windows 2008 2-node cluster for SMTP purposes.

Node1: 192.168.1.1
Node2: 192.168.1.2
Cluster1: 192.168.1.3

Cluster1 is the clustered address/hostname. All three are registered in DNS.

Applications on our network will be configured to use an SMTP server of: Cluster1 (or 192.168.1.3 if we need to specify an IP).

We have some ports of the network that are not accessible due a firewall being placed between that subnet and the rest. So, for example, Server1 in a restricted subnet needs to send SMTP mail. We'll need to open port 25, but to what destination, 192.168.1.1 and 192.168.1.2, or those AND 192.168.1.3, or just 192.168.1.3 only?

Thanks in advance.
0
kam_uk
Asked:
kam_uk
  • 4
  • 2
1 Solution
 
page1985Commented:
You should be able to open the firewall to point to the cluster address only being as the nodes in the cluster will listen on the cluster IP for all clustered traffic.
0
 
dolomitiCommented:
hi,
I believe you need another name/address: the application one

node1, points to node1
node2, points to node3
cluster is just to manage it from you
Application1   192.168.1.4

Now you have to use cluster: build a resource group as Fileserver, SMTP, SQL server,...
and depending of type, give networkname,ipadress,resourcedisk,...
and inform users, firewall, dns, ecc about Application1 and/or  192.168.1.4

Then will be a problem of MSCS to run Applicatio01 on node1 or 2.

bye
vic
0
 
page1985Commented:
This is true.  I was assuming you had already clustered the application and the IP was the application's cluster IP.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
kam_ukAuthor Commented:
Sorry guys - I should have mentioned, this is Windows 2008 NLB clustering I am using, not the hardware type clustering where you have resource groups, networkname etc
0
 
page1985Commented:
The cluster address should still receive the traffic because if you send traffic to the node addresses one of two (or both) things will happen:
1) Only the node will receive the traffic
2) Neither node will receive the traffic because it's a Unicast cluster and the node addresses are management only.
0
 
kam_ukAuthor Commented:
Yep it's set up as a Unicast cluster.

So the only IP I need to open up on my firewall is the cluster address? Just to confirm :)
0
 
page1985Commented:
Correct.  Only open the cluster address.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now