darrell_chapman
asked on
Windows Routing with Multiple Gateways
Long story short, I have a client who is migrating from one ISP (ISP1) to a new ISP (ISP2). They need to migrate over to the new network (ISP2) without interruption of their on-site hosted e-mail server. They do not have a router on-site and each ISP simply provides them with an Ethernet port for Internet access. The server has been set up with an additional IP address provided from ISP2 and the server will respond to that IP address; however, the problem is that I need to specify that traffic coming in through ISP1 should leave via ISP1 and traffic coming in through ISP2 should leave via ISP2. I think this can be done with dual gateways in Windows' IP configuration but I also think that static routes need to be added. I don't know how to do this. Can someone help please? The goal is to get it listening on both networks until all DNS changes have propagated.
Here are some sample IP addresses for the two networks:
ISP1:
74.26.144.0/27 - Network Address
74.26.144.1/27 - ISP1 Router (added as default gateway)
74.26.144.2/27 - Old E-mail Server Address
...
74.26.144.31/27 - Broadcast Address
ISP2:
66.172.50.0/27 - Network Address
66.172.50.1/27 - ISP2 Router (added as default gateway)
66.172.50.2/27 - New E-mail Server Address
...
66.172.50.31/27 - Broadcast Address
SOLUTION
ASKER
I do have additional network cards on the servers; however, I was trying to avoid having to use them for this. That might be the best option so far.
ASKER CERTIFIED SOLUTION
The normal timeout period for SMTP to make contact with a target SMTP Service is 48 hours (2 days) before sending an NDR. So no email is going to be lost.
ASKER
pwindell, thanks for your routing help. That is an area I'm lacking; however, I am an expert in DNS.
Although the IETF RFC spec tells you how exactly DNS should behave, my years of experience with DNS tell me otherwise. I know for a fact (through testing) that certain ISPs ignore TTL data and cache records for an unspecified amount of time. This is the reason I was hoping to have both interfaces running concurrently with my current setup.
I understand how SMTP works. Some servers will continue to try to contact the mail server; however, some will send a "message delayed" e-mail to the original sender. I need to avoid this so that I'm not hounded with calls from their clients asking why they can't send mail to them. Also, this particular client cannot afford to have message delays. Although they understand the limitations of e-mail, they are still using their e-mail as a real-time communication platform.
I guess I'll just have to set up additional interfaces on each server.
Again thanks for your help.
SOLUTION
SOLUTION
Why don't you just set up another MX record for your domain?
Configure these settings in DNS.
mail.domain.com 74.26.144.2
mail2.domain.com 66.172.50.2
MX 10 mail.domain.com
MX 15 mail2.domain.com
That way if they can't resolve to the first one they will be able to get to the other one.
Set that up first, then wait for about 12 hours so every DNS server has this in their records, then switch the gateway over to the Mail 2 IP and there you go, no lost emails.
You can then remove the MX 10 entry and the mail.domain.com entries or just switch the IPs over.
Regards
Brett Smith
One IT - DNS Specialist
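The fallback described in the post above, as an added example that is not part of the original thread: a sending server tries MX hosts in ascending preference order and moves on when one cannot be reached. The reachability sets and the stale-cache sender are constructed assumptions; the records are the ones from the post.

```python
# Added illustration (not from the thread): MX selection during the ISP cutover.
# Record values come from the post; reachability and the stale cache are constructed.

MX_RECORDS = [(10, "mail.domain.com"), (15, "mail2.domain.com")]
A_RECORDS = {
    "mail.domain.com": "74.26.144.2",   # ISP1 address
    "mail2.domain.com": "66.172.50.2",  # ISP2 address
}


def delivery_target(mx_records, a_records, reachable_ips):
    """Return (host, ip) for the first MX a sender can connect to, else None.

    The lowest preference number is tried first and higher numbers are
    fallbacks. None means every listed host failed, so the sender queues
    the message and retries later (the delay the asker wants to avoid).
    """
    for _preference, host in sorted(mx_records):
        ip = a_records.get(host)
        if ip is not None and ip in reachable_ips:
            return host, ip
    return None


def simulate_cutover():
    """Walk the migration steps for a fresh and a stale sender."""
    # Assumption: only the address on the ISP that holds the default
    # gateway answers, because replies leave through that gateway.
    before_switch = {"74.26.144.2"}
    after_switch = {"66.172.50.2"}
    # Assumption: this sender's resolver still holds only the old MX set.
    stale_mx = [(10, "mail.domain.com")]
    return {
        "fresh_before": delivery_target(MX_RECORDS, A_RECORDS, before_switch),
        "fresh_after": delivery_target(MX_RECORDS, A_RECORDS, after_switch),
        "stale_after": delivery_target(stale_mx, A_RECORDS, after_switch),
    }


if __name__ == "__main__":
    for case, target in simulate_cutover().items():
        print(f"{case}: {target or 'queued for retry'}")
```

The stale case is why the second MX record has to be published well before the gateway is switched: a sender that never saw it has nowhere to fall back to.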
Wow, I didn't know this was still running. You can also set up a third party spam solution. One out there that I used and was good for just this purpose was GFIMax. The best part is that they give a 30 day free trial.
Although Brett probably has the simplest answer, which should work well.
Shareef
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
ASKER
Sorry everyone. It was not my intention to abandon this question. I do not think I was getting e-mails from Experts-Exchange. I did get the reply that was added today. Thanks for everyone's assistance.