Solved

Exchange 2010 OWA External DNS Record

Posted on 2011-09-24
Last Modified: 2012-05-12
How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
Question by:wmccann09
9 Comments
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594311
It won't take more than 3 minutes if everything is working fine.
0
 

Author Comment

by:wmccann09
ID: 36594316
Is that how long it will take for the dns record to replicate so that everyone can access my owa again?
0
 
LVL 12

Expert Comment

by:Deepu Chowdary
ID: 36594321
Yes..
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 2000 total points
ID: 36594421
Not sure where this 3 minutes came from...

The TTL value of a DNS record dictates the maximum time that the query result can be kept in cache.  After that a "fresh" query will be issued which will have a response of your updated IP.

Example:
[root@broken ~]# dig mx google.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6_0.1 <<>> mx google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28212
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 9

;; QUESTION SECTION:
;google.com.                    IN      MX

;; ANSWER SECTION:
google.com.             597     IN      MX      50 alt4.aspmx.l.google.com.
google.com.             597     IN      MX      10 aspmx.l.google.com.
google.com.             597     IN      MX      20 alt1.aspmx.l.google.com.
google.com.             597     IN      MX      30 alt2.aspmx.l.google.com.
google.com.             597     IN      MX      40 alt3.aspmx.l.google.com.


The 2nd field in that output is the TTL value.  In the above output, the TTL is 597, which means if I send that query again after 597 seconds, that a fresh non-cached result will be given.

So.

If the TTL of your old MX record was 3600 (1 hour), then the maximum time that any DNS cache will have that record is 1 hour.  After 1 hour from making the DNS change, all queries will get your new IP instead of the old cached result.
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 2000 total points
ID: 36594431
If this is a new DNS entry, however, the change will be nearly immediate -- all depends on how fast the slave servers get the updates, which is generally a matter of seconds if the master/slave configs are set up properly.  Even then, if a query comes in immediately after adding the record, and DNS round robin sends you to the master server, it will be visible as soon as you reload the zone.

My first answer was based on the verbiage of your question, which was how long does it take for a record to update, rather than how long does it take for a new record to be visible.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594443
Oh one more thing to add if this is a new record.

Let's say the new record is newrecord.domain.com.  If, before adding the new record, a DNS resolver queries newrecord.domain.com, they will get a response of NXDOMAIN which means the record does not exist.  A resolver will cache an NXDOMAIN result for a maximum amount of time which is defined by the negative cache TTL value in the SOA record.
[root@broken ~]# dig soa google.com +short
ns1.google.com. dns-admin.google.com. 1463256 7200 1800 1209600 300

The last field in an SOA record is the negative cache TTL, which in this case is 5 minutes.
0
 

Author Comment

by:wmccann09
ID: 36594471
The Expire TTL is set for 86400.  So does that mean it will take 24 hours for the new record to be visible, so I can access my mail from my smartphone and owa?
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594474
I gave you a lot of info so I want to make sure you are looking at the correct TTL -- is that 86400 the TTL for the A record or the neg cache TTL in the SOA?

If it's the record for the actual A record in question, then:

If this is an updated record and not a new one, then 1 day is the maximum time you can expect for the downtime.  It all depends on how long ago the DNS server you are querying did the last lookup for that record.  If the DNS server cached a result 1 second before you made that change, then they will see the old record for 86399 seconds.  If the server cached a result 23 hours before your change, then they will see the new record in an hour.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36594478
I just realized I mixed up A record and MX record in my replies, I think this was some confusion from your question.

How long does it take for the external dns mail record to update, so that our Exchange 2010 owa will work from outside the network?
A "mail record" is a record type of MX, while users accessing owa will be using the A record for owa.domain.com.  If this change was only for users accessing owa, and not for mail coming in for your domain, then the A record for owa.domain.com is the TTL you need to check.
0
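
Added example, not part of any poster's reply: a shell script that carries out the TTL arithmetic discussed in this thread (record TTL, time left in a resolver's cache after a change, and the SOA negative-cache TTL). The dig-style input is constructed, and owa.example.com, the sample values and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample in the layout dig prints: name, TTL, class, type, data.
SAMPLE_ANSWER=';; QUESTION SECTION:
;owa.example.com.               IN      A

;; ANSWER SECTION:
owa.example.com.        86400   IN      A       192.0.2.10

;; AUTHORITY SECTION:
example.com.            3600    IN      NS      ns1.example.com.
'
# Constructed sample in the layout of "dig soa <zone> +short".
SAMPLE_SOA='ns1.example.com. hostmaster.example.com. 2011092401 7200 1800 1209600 300'

# Largest TTL (seconds) among ANSWER-section records of one type.
# $1 = record type (A, MX, ...); dig output is read from stdin.
max_answer_ttl() {
    awk -v want="$1" '
        /^;; ANSWER SECTION:/ { in_ans = 1; next }
        /^;;/ || /^$/         { in_ans = 0 }
        in_ans && $3 == "IN" && $4 == want {
            found = 1
            if ($2 + 0 > max) max = $2 + 0
        }
        END { if (!found) exit 1; print max + 0 }'
}

# Negative-cache TTL: the 7th (last) field of the SOA data.
# Per RFC 2308, resolvers use the smaller of this and the SOA record's own TTL.
soa_negative_ttl() {
    echo "$1" | awk 'NF == 7 { print $7; ok = 1 } END { exit !ok }'
}

# Seconds a resolver keeps serving the old answer after the change.
# $1 = record TTL, $2 = seconds before the change that the answer was cached.
stale_seconds() {
    left=$(( $1 - $2 ))
    [ "$left" -gt 0 ] || left=0
    echo "$left"
}

ttl=$(printf '%s' "$SAMPLE_ANSWER" | max_answer_ttl A)
echo "A record TTL:                  $ttl s"
echo "cached 1 s before the change:  old answer for $(stale_seconds "$ttl" 1) s"
echo "cached 23 h before the change: old answer for $(stale_seconds "$ttl" 82800) s"
echo "NXDOMAIN cached for at most:   $(soa_negative_ttl "$SAMPLE_SOA") s"
```

To check a live record, pipe the real `dig` output into `max_answer_ttl` in place of the constructed sample; querying the zone's authoritative server shows the configured TTL, while a caching resolver shows the time remaining.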
