Solved

Two Exchange 2010 servers, no email between them. AD Sites Issue

Posted on 2013-11-09
Last Modified: 2015-04-02
I have a client with two Exchange 2010 servers in different sites. Since we added a third site (no Exchange) to AD, no email has flowed between the two Exchange servers themselves. External email is being delivered to the first server and being sent out, but any email destined for a mailbox on the second server is queued as "Unreachable" with the error "There is currently no route to the mailbox database".

Email on the second server is queued with the same error for internal emails and "A matching connecter cannot be found to route to the external recipient". The connector is there and correctly resolving.

The Application log has MS Exchange Transport errors as follows:

5006: Cannot find route to Mailbox Server CN=<EXCH SRV Name>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<Exch Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<local domain>,DC=local for store CN=<Exch Store Name>,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<Exch Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<localdomain>,DC=local in routing tables with timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to this store.

5015: Microsoft Exchange cannot find a route to the source transport server or home MTA server CN=<EXCH SRV Name>,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<EXCH Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<Local Domain>,DC=local for connector CN=Text Messaging Delivery Agent Connector,CN=Connections,CN=Exchange Routing Group (DWBGZMFD01QNBJR),CN=Routing Groups,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=<EXCH Org>,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=<Local Domain>,DC=local in routing tables with timestamp 9/11/2013 6:39:50 AM. Microsoft Exchange is ignoring the source transport server.

5008: The topology does not contain any route to server <EXCH SRV Name>.<Local Domain>.local in Active Directory site <AD Site> in routing tables with timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to this server.

5007:  The topology doesn't contain a route to Active Directory site <AD Site> in routing tables with the timestamp 9/11/2013 6:39:50 AM. Recipients will not be routed to servers in this Active Directory site. Hub Transport server <EXCH SRV Name>.<Local Domain>.local is unreachable.

This has been working fine up until now, specifically until a third site was added to AD and the third site DC had its replication errors fixed. There were DNS issues and TCP routing issues that needed to be fixed as AD was not able to replicate in two directions. Now AD is replicating without error, Exchange has stopped.

Both Exchange servers can see each other. Both Exchange servers are using the same DC for configuration information. Both Exchange servers can bind RPC connections to the other and to all DCs. Both Exchange servers are correctly resolving both short and FQ domain names. Both Exchange servers' Management Consoles can connect to the other and see and manage all aspects of Exchange.

It is just email is not flowing between them.

The Errors above indicate an error in the routing or AD Sites and Services with the servers not having site information. The commandlet Get-ExchangeServer | ft Name, Site returns the correct server information with the correct site information.

If anyone has anything else I can try, I am all ears. In Australia I can't open a PSS call until after 8am Monday and I would like to have this operational before then.

EXBPA tests all test OK on both servers, no errors. The Exchange Troubleshooting Assistant also shows no errors. The Routing Log Viewer shows the correct servers, sites, connectors and mailbox stores.

Thanks,
Ben
Question by:benchapman
8 Comments
 
LVL 4

Expert Comment

by:Smighty
ID: 39635555
"Cannot find route to Mailbox Server" tells you that Exchange is not able to find its partner.
The solution lies in the Send/Receive-Connectors.
For mail to flow correctly you have to have a clean communication between the servers.

From what you describe you cannot communicate between the two servers at all.
(Site 1) Server 1 is sending mails to the internet (relaying) properly, so this send connector is ok.
(Site 2) Server 2 I assume would send its mails for relaying to Server 1, which then sends them to the internet.
(Site 3) has no connection to exchange.

I would look into the receive connectors of all exchange servers and establish the following:
1 Mails can be received from other Exchange Servers in the Environment
2 Mails can be received from Clients in all Sites

For the first one, you have to make sure that all Exchange-Server IP Addresses are set up in the Receive connector that allows Exchange Servers to communicate via TLS.

For the second one you have to make sure that Exchange clients are able to authenticate properly and the Receive Connector accepts messages from the IP range of Site 3 (if you set up the receive connector to listen only to certain IP networks, then this would explain why you can't reach the servers from Site 3).


Additionally, I would query a few DNS strings from Site 3 to see if they match up with the same queries on Site 1 and 2 - Look for the Servername but the MX-Entry as well.
If you have one Active Directory Domain the settings should be okay, because of DNS replicating via Active Directory. If you have made a Subdomain, make sure the DNS forwarding works properly.

greetings,
David
 
LVL 1

Author Comment

by:benchapman
ID: 39635562
Thanks David

I am pretty sure it is an AD issue related to Sites and services, that was where I was stuffing around for a while to get two way replication to site three working when the email delivery stopped. DNS was part of this job which was ensuring all DNS servers and sites were consistent.

The receive connectors appear to be working fine. All tests indicate that the servers can find each other, it is just this email routing issue.

I am still plugging through it, at least with AD replicating properly and DNS all working, I am narrowing it down.

Regards
Ben
 
LVL 1

Accepted Solution

by:benchapman
ID: 39635568
I just stumbled on the solution. The DEFAULTIPSITELINK in AD Sites and Services may not have been right (there was only one IP transport link configured). I moved the two remote sites out of it, applied and moved them back in on the main DC. Email then started flowing one way (from the main site to the remote site). I forced replication to the other DCs and restarted the remote Exchange AD Topology service and the remote queue delivered back the other way as well as out via the internet send connector (all emails are logged as passing through Mail Marshal successfully).

No idea what happened or how but adding the third site to the DEFAULTIPSITELINK did something strange.

Now I can go to bed!
0
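A read-only check for the condition described in the accepted solution, as an added example that is not part of the original thread: it prints the AD site links as Exchange routing sees them and flags any Exchange-hosting site that is a member of no link. It assumes the Exchange 2010 Management Shell with organization-wide read access; variable names are illustrative.

```powershell
# Added example, not from the original thread. Run in the Exchange Management Shell.
# Exchange 2010 routes between Hub Transport servers over AD IP site links, so a
# site that Exchange does not see in any link has no route (events 5006-5008).

# AD sites that contain at least one Exchange server.
$exchangeSites = Get-ExchangeServer |
    Where-Object { $_.Site } |
    ForEach-Object { $_.Site.Name } |
    Sort-Object -Unique

# Site links as read by Exchange, with the costs routing uses and the member sites.
$siteLinks = @(Get-AdSiteLink)
$siteLinks | Format-Table Name, ADCost, ExchangeCost, Sites -AutoSize -Wrap

# Compare each Exchange site against the member list of every link.
$report = foreach ($siteName in $exchangeSites) {
    $memberOf = @($siteLinks | Where-Object {
        ($_.Sites | ForEach-Object { $_.Name }) -contains $siteName
    })
    New-Object PSObject -Property @{
        Site      = $siteName
        LinkCount = $memberOf.Count
        Links     = ($memberOf | ForEach-Object { $_.Name }) -join ', '
    }
}
$report | Format-Table Site, LinkCount, Links -AutoSize

# Any Exchange site with LinkCount 0 is isolated from the routing topology.
$report | Where-Object { $_.LinkCount -eq 0 } | ForEach-Object {
    Write-Warning "Site '$($_.Site)' hosts Exchange but is in no site link."
}

# Messages stranded by a missing route sit in the Unreachable queue.
Get-ExchangeServer | Where-Object { $_.IsHubTransportServer } | ForEach-Object {
    Get-Queue -Server $_.Name | Where-Object { $_.DeliveryType -eq 'Unreachable' }
} | Format-Table Identity, MessageCount, LastError -AutoSize -Wrap
```

Run it on each Exchange server after AD replication completes; if the two servers report different link membership, they are reading different copies of the configuration partition.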
 
LVL 4

Expert Comment

by:Smighty
ID: 39636183
The Site Link. I should have thought of that.
Yes, when you create a third site, you have to set up the site link manually. This is because AD wants you to tell it which DCs (Sites) have to replicate with each other.
The second Site can only be linked to the first one, but starting with the third site you have the choice (depending on route costs, firewalling, etc.)

Hope this clarifies your issue. - Welcome to Sites and Services ;)
 
LVL 1

Author Comment

by:benchapman
ID: 39637542
The third site was manually added to the site link but something must have gone wrong when it was. It was the original remote site that email stopped flowing to. It was only after removing both remote sites, the email one and the new one, and adding them both back in again that it started to work.

This particular AD has been problematic ever since I first saw it. At least 12-13 years of patches and updates on the same AD including at least one local domain name change across three generations of servers and operating systems (some incorrectly decommissioned). I think we need to start AD from scratch when the hardware is up for renewal in 12 months' time, a painful job but it has to be better than the issues we have seen with this client.

Thanks again.
Question has a verified solution.