Solved

Two Exchange 2010 servers, no email between them. AD Sites Issue

Posted on 2013-11-09
Last Modified: 2015-04-02
I have a client with two Exchange 2010 servers in different sites. Since we added a third site (no Exchange) to AD, no email has flowed between the two Exchange servers themselves. External email is being delivered to the first server and being sent out, but any email destined for a mailbox on the second server is queued as "Unreachable" with the error "There is currently no route to the mailbox database".

Email on the second server is queued with the same error for internal emails and "A matching connector cannot be found to route to the external recipient". The connector is there and correctly resolving.

The Application log has MS Exchange Transport errors as follows:

5006: Cannot find route to Mailbox Server CN=<EXCH SRV Name>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<Exch Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<local domain>,DC=local for store CN=<Exch Store Name>,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<Exch Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<localdomain>,DC=local in routing tables with timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to this store.

5015: Microsoft Exchange cannot find a route to the source transport server or home MTA server CN=<EXCH SRV Name>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<EXCH Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<Local Domain>,DC=local for connector CN=Text Messaging Delivery Agent Connector,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<EXCH Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<Local Domain>,DC=local in routing tables with timestamp 9/11/2013 6:39:50 AM. Microsoft Exchange is ignoring the source transport server.

5008: The topology does not contain any route to server <EXCH SRV Name>.<Local Domain>.local in Active Directory site <AD Site> in routing tables with timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to this server.

5007:  The topology doesn't contain a route to Active Directory site <AD Site> in routing tables with the timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to servers in this Active Directory site. Hub Transport server <EXCH SRV Name>.<Local Domain>.local is unreachable.

This has been working fine up until now, specifically until a third site was added to AD and the third site DC had its replication errors fixed. There were DNS issues and TCP routing issues that needed to be fixed as AD was not able to replicate in two directions. Now AD is replicating without error, Exchange has stopped.

Both Exchange servers can see each other. Both Exchange servers are using the same DC for configuration information. Both Exchange servers can bind RPC connections to the other and to all DCs. Both Exchange servers are correctly resolving both short and FQ domain names. Both Exchange servers' management consoles can connect to the other and see and manage all aspects of Exchange.

It is just email is not flowing between them.

The errors above indicate an error in the routing or AD Sites and Services with the servers not having site information. The cmdlet Get-ExchangeServer | ft Name, Site returns the correct server information with the correct site information.

If anyone has anything else I can try, I am all ears. In Australia I can't open a PSS call until after 8am Monday and I would like to have this operational before then.

EXBPA tests all test OK on both servers, no errors. The Exchange Troubleshooting Assistant also shows no errors. The Routing Log Viewer shows the correct servers, sites, connectors and mailbox stores.

Thanks,
Ben
Question by:benchapman

Expert Comment

by:Smighty
ID: 39635555
"Cannot find route to Mailbox Server" tells you that Exchange is not able to find its partner.
The solution lies in the Send/Receive connectors.
For mail to flow correctly you have to have clean communication between the servers.

From what you describe you cannot communicate between the two servers at all.
(Site 1) Server 1 is sending mails to the internet (relaying) properly, so this send connector is OK.
(Site 2) Server 2, I assume, would send its mails for relaying to Server 1, which then sends them to the internet.
(Site 3) has no connection to Exchange.

I would look into the receive connectors of all Exchange servers and establish the following:
1. Mails can be received from other Exchange servers in the environment
2. Mails can be received from clients in all sites

For the first one, you have to make sure that all Exchange server IP addresses are set up in the receive connector that allows Exchange servers to communicate via TLS.

For the second one, you have to make sure that Exchange clients are able to authenticate properly and the receive connector accepts messages from the IP range of Site 3 (if you set up the receive connector to listen only to certain IP networks, then this would explain why you can't reach the servers from Site 3).

Additionally, I would query a few DNS strings from Site 3 to see if they match up with the same queries on Site 1 and 2. Look for the server name but the MX entry as well.
If you have one Active Directory domain the settings should be okay, because of DNS replicating via Active Directory. If you have made a subdomain, make sure the DNS forwarding works properly.

greetings,
David

Author Comment

by:benchapman
ID: 39635562
Thanks David

I am pretty sure it is an AD issue related to Sites and services, that was where I was stuffing around for a while to get two way replication to site three working when the email delivery stopped. DNS was part of this job which was ensuring all DNS servers and sites were consistent.

The receive connectors appear to be working fine. All tests indicate that the servers can find each other, it is just this email routing issue.

I am still plugging through it, at least with AD replicating properly and DNS all working, I am narrowing it down.

Regards
Ben

Accepted Solution

by:benchapman
ID: 39635568
I just stumbled on the solution. The DEFAULTIPSITELINK in AD Sites and Services may not have been right (there was only one IP transport link configured). I moved the two remote sites out of it, applied, and moved them back in on the main DC. Email then started flowing one way (from the main site to the remote site). I forced replication to the other DCs and restarted the remote Exchange AD Topology service, and the remote queue delivered back the other way as well as out via the internet send connector (all emails are logged as passing through Mail Marshal successfully).

No idea what happened or how but adding the third site to the DEFAULTIPSITELINK did something strange.

Now I can go to bed!
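
A read-only check of the routing inputs this thread turned on, added here as an example and not written by the thread participants: it lists the site links Exchange reads from AD and warns when no site-link path joins two sites that host Exchange servers. It assumes the Exchange 2010 Management Shell; `Get-ReachableSites` is a hypothetical helper name.

```powershell
# Added example. Run in the Exchange Management Shell; it changes nothing.
# Assumption: Site / Sites values are ADObjectId objects whose .Name is the
# short site name (as shown in AD Sites and Services).

# Site links as Exchange sees them, with member sites as short names.
$links = @(Get-AdSiteLink | ForEach-Object {
    New-Object PSObject -Property @{
        Name  = $_.Name
        Cost  = $_.Cost
        Sites = @($_.Sites | ForEach-Object { $_.Name })
    }
})

# Adjacency list: two sites are neighbours if they share a site link.
$adj = @{}
foreach ($l in $links) {
    foreach ($a in $l.Sites) {
        if (-not $adj.ContainsKey($a)) { $adj[$a] = @() }
        $adj[$a] += @($l.Sites | Where-Object { $_ -ne $a })
    }
}

# Breadth-first walk over site links starting from one site.
function Get-ReachableSites([string]$Start) {
    $seen  = @{ $Start = $true }
    $queue = New-Object System.Collections.Queue
    $queue.Enqueue($Start)
    while ($queue.Count -gt 0) {
        $s = $queue.Dequeue()
        foreach ($n in @($adj[$s])) {
            if ($n -and -not $seen.ContainsKey($n)) {
                $seen[$n] = $true
                $queue.Enqueue($n)
            }
        }
    }
    $seen.Keys
}

# Every site that hosts an Exchange server must reach every other such site.
$exSites = @(Get-ExchangeServer | Where-Object { $_.Site } |
             ForEach-Object { $_.Site.Name } | Sort-Object -Unique)
foreach ($src in $exSites) {
    $reach = @(Get-ReachableSites $src)
    foreach ($dst in $exSites) {
        if ($dst -ne $src -and $reach -notcontains $dst) {
            Write-Warning "No site-link path from $src to $dst"
        }
    }
}
$links | Sort-Object Name |
    Format-Table Name, Cost, @{n='Sites'; e={$_.Sites -join ', '}} -AutoSize
```

Running it once per domain controller, by adding `-DomainController <FQDN>` to the `Get-AdSiteLink` and `Get-ExchangeServer` calls, shows whether each DC holds the same site-link membership after replication.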

Expert Comment

by:Smighty
ID: 39636183
The Site Link. I should have thought of that.
Yes, when you create a third site, you have to set up the site link manually. This is because AD wants you to tell it which DCs (sites) have to replicate with each other.
The second site can only be linked to the first one, but starting with the third site you have the choice (depending on route costs, firewalling, etc.).

Hope this clarifies your issue. - Welcome to Sites and Services ;)

Author Comment

by:benchapman
ID: 39637542
The third site was manually added to the site link but something must have gone wrong when it was. It was the original remote site that email stopped flowing to. It was only after removing both remote sites, the email one and the new one, and adding them both back in again that it started to work.

This particular AD has been problematic ever since I first saw it. At least 12-13 years of patches and updates on the same AD including at least one local domain name change across three generations of servers and operating systems (some incorrectly decommissioned). I think we need to start AD from scratch when the hardware is up for renewal in 12 months' time, a painful job but it has to be better than the issues we have seen with this client.

Thanks again.