Solved

Dual Static IP addresses for one E-mail server

Posted on 2009-07-14
Last Modified: 2013-12-25
Hello all:

    I'm hosting an E-mail server (and web server) for a client of mine.  It has about four different domains on it currently.  I want to have redundant Internet connections, so I now have a static IP address from the cable company (primary connection) and a static IP from a DSL line from the phone company.  My question is, what is the best way to set up the DNS, MX records, routers, etc. to have the quickest cut-over should my primary Internet connection go down?  Server is running RedHat Enterprise 5.
Question by:jhuntii
 
LVL 2

Expert Comment

by:onethreefour
ID: 24856197
One easy method you could utilize is manually performing the switch of the MX record in DNS when one connection fails. To accommodate this you would first want to make a change to the TTL for your MX and/or A record in your name server, like this:

mail           300     IN      A       11.22.33.44
domain.com.    300     IN      MX      10 mail.domain.com.

By specifying the '300' before 'IN' you are setting a TTL of 300 seconds or 5 minutes... What this does is tell all the other name servers out on the internet to update their records which associate your NAME to the specified IP address... This will make it so if you do have a failure and you manually change the IP address in your DNS record, then the change should propagate across the net within 5 minutes or so...

Of course the real way to accomplish redundancy for mail servers is by specifying multiple prioritized MX records.  But this will not work ideally for you since one of your IP addresses is dynamic.

domain.com.     IN     MX     10   mail.domain.com.
                IN     MX     100  mail2.domain.com.

In the above case if the '10' mail.domain.com can not be reached, it will 'failover' to mail2.domain.com...

Hope this helps!  Good luck!
 

Author Comment

by:jhuntii
ID: 24866441
Yes, that helps a lot.  Actually, both addresses are static.  In your second example, if we fail over to the second address, would all the users have to change their Outlook settings to mail2.domain.com for POP3 access??  If so, this may be a problem.
 
LVL 2

Expert Comment

by:onethreefour
ID: 24881606
You are correct, if you 'failover' to mail2, then your customers will not be able to reach mail.domain.com for pop3 access....   The main purpose of multiple prioritized MX records is simply to keep the mail server up and running, so that it can continue to receive emails from other mail servers... It does not help customers with pop3 access to continue to receive their emails, even though all of their emails ARE being received by the mail server while it is in 'failover mode' and being held for them until they can reach the mail server...

There are a couple of things you could do manually to overcome this problem.   One thing would be to utilize that 300 TTL method.  Then when you 'failedover' you could change the DNS IP address for mail.domain.com so that your users could still hit the mail server with pop3...  This process could also be automated using perl scripts that run on the cron... Have a perl script on your mail server try and ping the gateway for each of your 2 circuits.  Then if it finds one circuit un-reachable, it could alter your DNS zone file and reload your dns... Maybe easier, when it finds an un-reachable gateway it could simply send you an email or sms or something to notify you so that you could manually change your DNS.......

There are also utilities out there that can accomplish the above described tasks... You are not the first person to run into this problem, especially in the earlier years of the internet, 10 years ago and before, people ran into the issues that you described much more often...  I will hunt around a bit and see if I can find any utilities that may help you out and be an easier method for you to implement...
0
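The cron check described in the answer above, as an added example (not code from the thread or its participants; written in Python rather than the Perl the answer mentions). The gateway addresses, the backup IP 198.51.100.44, the zone file path and the sample zone are assumptions; the script also bumps the SOA serial, which the thread does not mention but secondary name servers need in order to pick up the change.

```python
import os
import re
import subprocess
# Assumed values: 11.22.33.44 is the thread's sample address, the rest are placeholders.
LINKS = [("192.0.2.1", "11.22.33.44"),       # (gateway to ping, IP to publish): cable
         ("198.51.100.1", "198.51.100.44")]  # DSL backup
ZONE, ZONE_FILE = "domain.com", "/var/named/domain.com.zone"
A_RE = re.compile(r"^(mail\s+\d+\s+IN\s+A\s+)(\S+)", re.M)
SERIAL_RE = re.compile(r"(\bSOA\b[^(]*\(\s*)(\d+)")
SAMPLE_ZONE = """\
$TTL 86400
@   IN  SOA ns1.domain.com. hostmaster.domain.com. ( 2009071401 3600 900 604800 300 )
    IN  NS  ns1.domain.com.
mail        300 IN  A   11.22.33.44
domain.com. 300 IN  MX  10 mail.domain.com.
"""  # constructed sample zone, not from the thread

def gateway_up(gateway):  # one ICMP probe, 2 second timeout (Linux ping flags)
    return subprocess.call(["ping", "-c", "1", "-W", "2", gateway], stdout=subprocess.DEVNULL) == 0

def choose_ip(link_state, current):  # first link whose gateway answers; if none, keep current
    return next((ip for (_, ip), up in zip(LINKS, link_state) if up), current)

def update_zone(text, link_state):
    """Return (new_text, changed): rewrite the mail A record and bump the SOA serial."""
    m = A_RE.search(text)
    if m is None:
        raise ValueError("no 'mail <ttl> IN A' record in zone")
    new_ip = choose_ip(link_state, m.group(2))
    if new_ip == m.group(2):
        return text, False
    text = A_RE.sub(lambda r: r.group(1) + new_ip, text, count=1)
    text, n = SERIAL_RE.subn(lambda r: r.group(1) + str(int(r.group(2)) + 1), text, count=1)
    if n != 1:
        raise ValueError("SOA serial not found; secondaries would never see the change")
    return text, True

def main():  # run from cron, e.g. once a minute
    with open(ZONE_FILE) as fh:
        new_text, changed = update_zone(fh.read(), [gateway_up(g) for g, _ in LINKS])
    if changed:
        with open(ZONE_FILE + ".new", "w") as fh:
            fh.write(new_text)
        subprocess.check_call(["named-checkzone", ZONE, ZONE_FILE + ".new"])  # reject a broken zone
        os.replace(ZONE_FILE + ".new", ZONE_FILE)  # atomic swap, never a half-written zone
        subprocess.check_call(["rndc", "reload", ZONE])
if __name__ == "__main__":
    main()
```

A reply from the first-hop gateway only shows that the local link is up, so an outage further upstream goes unnoticed by this check. The account running it needs write access to the zone file and permission to run `rndc`, and nothing more.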
 

Author Comment

by:jhuntii
ID: 24883505
Yes, that would be great if there were an easier way.  I think the control panel we're using also allows some DNS functionality.  Maybe we could run a DNS server and have DNS1 and DNS2 point to both of our static IP addresses.  Internally, we would route to the mail server.  Then, if either one goes down, it shouldn't make any difference - if I'm thinking correctly... :)
 
LVL 2

Accepted Solution

by:
onethreefour earned 500 total points
ID: 24887397
Well, any way you look at it, your real solution here is in lowering your DNS timeouts (by using the previously explained methods), which will force changes to your DNS records to be propagated across the net within 5 minutes or so...  This will allow you to switch the DNS record for your pop3 server to whichever static IP address is currently live online...

In the easiest deployment, once accomplishing the above, you would then just need to simply adjust the settings for your DNS in your name server manually whenever necessary.

Beyond that it sounds like you may be limited due to your access to the server.  You could employ perl scripts to notify you or change your DNS settings for you if that's a possibility.  You may be able to find other scripts or utilities that could do the DNS adjustment for you, but in the end somehow adjusting your DNS is your only real solution without throwing money at the problem...
 
LVL 2

Expert Comment

by:onethreefour
ID: 25126626
Any luck?
 

Author Comment

by:jhuntii
ID: 25143389
Sorry, I've been called out on other tasks, but should be getting back to this one in the next few days. :)
 

Author Closing Comment

by:jhuntii
ID: 31603489
Thanks very much for your advice.  I've been away on other projects and will adjust the TTL like you recommended.  Thanks.