Solved

Exchange 2010 OWA External DNS Record

Posted on 2011-09-24
Last Modified: 2012-05-12
How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
Question by:wmccann09
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594311
It won't take more than 3 minutes if everything is working fine.
0
 

Author Comment

by:wmccann09
ID: 36594316
Is that how long it will take for the dns record to replicate so that everyone can access my owa again?
0
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594321
Yes..
0

 
LVL 21

Accepted Solution

by:
Papertrip earned 2000 total points
ID: 36594421
Not sure where this 3 minutes came from...

The TTL value of a DNS record dictates the maximum time that the query result can be kept in cache.  After that a "fresh" query will be issued which will have a response of your updated IP.

Example:
[root@broken ~]# dig mx google.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> mx google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28212
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 9

;; QUESTION SECTION:
;google.com.                    IN      MX

;; ANSWER SECTION:
google.com.             597     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             597     IN      MX      10 aspmx.l.google.com.
google.com.             597     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             597     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             597     IN      MX      40 alt3.aspmx.l.google.com.


The 2nd field in that output is the TTL value.  In the above output, the TTL is 597, which means if I send that query again after 597 seconds, a fresh non-cached result will be given.

So.

If the TTL of your old MX record was 3600 (1 hour), then the maximum time that any DNS cache will have that record is 1 hour.  After 1 hour from making the DNS change, all queries will get your new IP instead of the old cached result.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 2000 total points
ID: 36594431
If this is a new DNS entry however, the change will be nearly immediate -- all depends on how fast the slave servers get the updates, which is generally a matter of seconds if the master/slave configs are set up properly.  Even then, if a query comes in immediately after adding the record, and DNS round robin sends you to the master server, it will be visible as soon as you reload the zone.

My first answer was based on the verbiage of your question, which was how long does it take for a record to update, rather than how long does it take for a new record to be visible.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594443
Oh one more thing to add if this is a new record.

Let's say the new record is newrecord.domain.com.  If, before adding the new record, a DNS resolver queries newrecord.domain.com, they will get a response of NXDOMAIN which means the record does not exist.  A resolver will cache an NXDOMAIN result for a maximum amount of time which is defined by the negative cache TTL value in the SOA record.
[root@broken ~]# dig soa google.com +short
ns1.google.com. dns-admin.google.com. 1463256 7200 1800 1209600 300

The last field in an SOA record is the negative cache TTL, which in this case is 5 minutes.
0
 

Author Comment

by:wmccann09
ID: 36594471
The Expire TTL is set for 86400.  So does that mean it will take 24 hours for the new record to be visible, so I can access my mail from my smartphone and owa?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594474
I gave you a lot of info so I want to make sure you are looking at the correct TTL -- is that 86400 the TTL for the A record or the neg cache TTL in the SOA?

If it's the record for the actual A record in question, then:

If this is an updated record and not a new one, then 1 day is the maximum time you can expect for the downtime.  It all depends on how long ago the DNS server you are querying did the last lookup for that record.  If the DNS server cached a result 1 second before you made that change, then they will see the old record for 86399 seconds.  If the server cached a result 23 hours before your change, then they will see the new record in an hour.
0
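The TTL reading described in the answers above, as an added example that is not part of any post in the thread: POSIX shell functions that pull the TTL out of `dig` answer lines, read the negative-cache TTL from `dig soa +short` output, and compute how long a cache keeps the old answer after a change. The function and variable names are assumptions of this example, and the sample input is copied from the thread's `dig` output so that it runs offline.

```shell
#!/bin/sh
# Constructed sample input: lines copied from the dig output quoted in the thread.
ANSWER='google.com.             597     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             597     IN      MX      10 aspmx.l.google.com.'
SOA='ns1.google.com. dns-admin.google.com. 1463256 7200 1800 1209600 300'

# Print the largest TTL (2nd field) among answer lines of record type $1.
# Input on stdin is dig answer-section text; ";" comment lines are skipped.
# From a caching resolver this is the time remaining in that cache.
answer_ttl() {
  awk -v t="$1" '
    $1 !~ /^;/ && $3 == "IN" && $4 == t && $2 ~ /^[0-9]+$/ {
      if ($2 + 0 > max) max = $2 + 0
      n++
    }
    END { if (!n) exit 1; print max }'
}

# Print the negative-cache TTL: the 7th (last) field of `dig soa +short`.
# Resolvers cap it at the SOA record's own TTL, which +short does not show.
negative_ttl() {
  awk 'NF == 7 && $7 ~ /^[0-9]+$/ { print $7; found = 1; exit }
       END { if (!found) exit 1 }'
}

# Seconds a cache keeps serving the old answer after the change, given the
# record TTL ($1) and how long before the change it was cached ($2).
stale_after_change() {
  if [ "$2" -ge "$1" ]; then echo 0; else echo $(( $1 - $2 )); fi
}

echo "MX answer TTL:        $(printf '%s\n' "$ANSWER" | answer_ttl MX)s"
echo "NXDOMAIN cached for:  $(printf '%s\n' "$SOA" | negative_ttl)s"
echo "cached 1s before:     $(stale_after_change 86400 1)s stale"
echo "cached 23h before:    $(stale_after_change 86400 82800)s stale"
```

To read the configured TTL rather than a cache's countdown, feed `answer_ttl` the output of a query sent to one of the zone's authoritative name servers.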
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594478
I just realized I mixed up A record and MX record in my replies, I think this was some confusion from your question.

"How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?"

A "mail record" is a record type of MX, while users accessing owa will be using the A record for owa.domain.com.  If this change was only for users accessing owa, and not for mail coming in for your domain, then the A record for owa.domain.com is the TTL you need to check.
0
