Solved

Exchange 2010 OWA External DNS Record

Posted on 2011-09-24
9
368 Views
Last Modified: 2012-05-12
How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
0
Comment
Question by:wmccann09
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
9 Comments
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594311
It wont more than 3 minutes if everything is working fine..
0
 

Author Comment

by:wmccann09
ID: 36594316
Is that how long it will take for the dns record to replicate so that everyone can access my owa again?
0
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594321
Yes..
0
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 36594421
Not sure where this 3 minutes came from...

The TTL value of a DNS record dictates the maximum time that the query result can be kept in cache.  After that a "fresh" query will be issued which will have a response of your updated IP.

Example:
[root@broken ~]# dig mx google.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> mx google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28212
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 9

;; QUESTION SECTION:
;google.com.                    IN      MX

;; ANSWER SECTION:
google.com.             597     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             597     IN      MX      10 aspmx.l.google.com.
google.com.             597     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             597     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             597     IN      MX      40 alt3.aspmx.l.google.com.

Open in new window


The 2nd field in that output is the TTL value.  In the above output, the TTL is 597, which means if I send that query again after 597 seconds, that a fresh non-cached result will be given.

So.

If the TTL of your old MX record was 3600 (1 hour), then the maximum time that any DNS cache will have that record is 1 hour.  After 1 hour from making the DNS change, all queries will get your new IP instead of the old cached result.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 500 total points
ID: 36594431
If this is a new DNS entry however, the change will be nearly immediate -- all depends on how fast the slave servers get the updates, which is generally a matter of seconds if the master/slave configs are setup properly.  Even then, if a query comes in immediately after adding the record, and DNS round robin sends you to the master server, it will be visible as soon as you reload the zone.

My first answer was based on the verbiage of your question, which was how long does it take for a record to update, rather than how long does it take for a new record to be visible.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594443
Oh one more thing to add if this is a new record.

Let's say the new record is newrecord.domain.com.  If, before adding the new record, a DNS resolver queries newrecord.domain.com, they will get a response of NXDOMAIN which means the record does not exist.  A resolver will cache an NXDOMAIN result for a maximum amount of time which is defined by the negative cache TTL value in the SOA record.
[root@broken ~]# dig soa google.com +short
ns1.google.com. dns-admin.google.com. 1463256 7200 1800 1209600 300

Open in new window

The last field in an SOA record is the negative cache TTL, which in this case is 5 minutes.
0
 

Author Comment

by:wmccann09
ID: 36594471
The Expire TTL is set for 86400.  So does that mean it will take 24 hours for the new record to be visible, so I can access my mail from my smartphone and owa.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594474
I gave you a lot of info so I want to make sure you are looking at the correct TTL -- is that 86400 the TTL for the A record or the neg cache TTL in the SOA?

If it's the record for the actual A record in question, then:

If this is an updated record and not a new one, then 1 day is the maximum time you can expect for the downtime.  It all depends on how long ago the DNS server you are querying did the last lookup for that record.  If the DNS server cached a result 1 second before you made that change, then they will see the old record for 86399 seconds.  If the server cached a result 23 hours before your change, then they will see the new record in an hour.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594478
I just realized I mixed up A record and MX record in my replies, I think this was some confusion from your question.

How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
A "mail record" is a record type of MX, while users accessing owa will be using the A record for owa.domain.com.  If this change was only for users accessing owa, and not for mail coming in for your domain, then the A record for owa.domain.com is the TTL you need to check.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
After hours on line I found a solution which pointed to the inherited Active Directory permissions . You have to give/allow permissions to the "Exchange trusted subsystem" for the user in the Active Directory...
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question