Solved

Exchange 2010 OWA External DNS Record

Posted on 2011-09-24
9
365 Views
Last Modified: 2012-05-12
How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
0
Comment
Question by:wmccann09
  • 5
  • 2
  • 2
9 Comments
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594311
It wont more than 3 minutes if everything is working fine..
0
 

Author Comment

by:wmccann09
ID: 36594316
Is that how long it will take for the dns record to replicate so that everyone can access my owa again?
0
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594321
Yes..
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 36594421
Not sure where this 3 minutes came from...

The TTL value of a DNS record dictates the maximum time that the query result can be kept in cache.  After that a "fresh" query will be issued which will have a response of your updated IP.

Example:
[root@broken ~]# dig mx google.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> mx google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28212
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 9

;; QUESTION SECTION:
;google.com.                    IN      MX

;; ANSWER SECTION:
google.com.             597     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             597     IN      MX      10 aspmx.l.google.com.
google.com.             597     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             597     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             597     IN      MX      40 alt3.aspmx.l.google.com.

Open in new window


The 2nd field in that output is the TTL value.  In the above output, the TTL is 597, which means if I send that query again after 597 seconds, that a fresh non-cached result will be given.

So.

If the TTL of your old MX record was 3600 (1 hour), then the maximum time that any DNS cache will have that record is 1 hour.  After 1 hour from making the DNS change, all queries will get your new IP instead of the old cached result.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 500 total points
ID: 36594431
If this is a new DNS entry however, the change will be nearly immediate -- all depends on how fast the slave servers get the updates, which is generally a matter of seconds if the master/slave configs are setup properly.  Even then, if a query comes in immediately after adding the record, and DNS round robin sends you to the master server, it will be visible as soon as you reload the zone.

My first answer was based on the verbiage of your question, which was how long does it take for a record to update, rather than how long does it take for a new record to be visible.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594443
Oh one more thing to add if this is a new record.

Let's say the new record is newrecord.domain.com.  If, before adding the new record, a DNS resolver queries newrecord.domain.com, they will get a response of NXDOMAIN which means the record does not exist.  A resolver will cache an NXDOMAIN result for a maximum amount of time which is defined by the negative cache TTL value in the SOA record.
[root@broken ~]# dig soa google.com +short
ns1.google.com. dns-admin.google.com. 1463256 7200 1800 1209600 300

Open in new window

The last field in an SOA record is the negative cache TTL, which in this case is 5 minutes.
0
 

Author Comment

by:wmccann09
ID: 36594471
The Expire TTL is set for 86400.  So does that mean it will take 24 hours for the new record to be visible, so I can access my mail from my smartphone and owa.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594474
I gave you a lot of info so I want to make sure you are looking at the correct TTL -- is that 86400 the TTL for the A record or the neg cache TTL in the SOA?

If it's the record for the actual A record in question, then:

If this is an updated record and not a new one, then 1 day is the maximum time you can expect for the downtime.  It all depends on how long ago the DNS server you are querying did the last lookup for that record.  If the DNS server cached a result 1 second before you made that change, then they will see the old record for 86399 seconds.  If the server cached a result 23 hours before your change, then they will see the new record in an hour.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594478
I just realized I mixed up A record and MX record in my replies, I think this was some confusion from your question.

How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
A "mail record" is a record type of MX, while users accessing owa will be using the A record for owa.domain.com.  If this change was only for users accessing owa, and not for mail coming in for your domain, then the A record for owa.domain.com is the TTL you need to check.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now