Exchange 2013 2-Node DAG

I am testing an Exchange 2013 2-Node DAG. Everything is setup and working properly. My question is what IP address do I point our firewall to for mail delivery? The IP address of the DAG?
ctsuhakoAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

StuartTechnical Architect - CloudCommented:
No the IP of the DAG is used for the DAG cluster only, you need to point this either a layer 4 or 7 load balancer (recommended) OR a DNS Round Robin record (not recommended) that points to both Exchange servers (presuming both have Client Access installed)
0
AmitIT ArchitectCommented:
@Stuart,

I assume ctsuhako is asking IP required for sending and reciving emails.

@ctsuhako

If that's what you are looking. You need to add your server IP's. Example:
For Inbound.
Internet>If any spam Server>On Spam server add your Server IP>Email to Server

For Outbound
Server>Spam Server>Internet.

Let me know, that clears your doubt.
0
StuartTechnical Architect - CloudCommented:
I presumed ctsuhako was asking where to route SMTP to from his internal firewall for inbound emails from the Internet. Apologies if I misunderstood
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

AmitIT ArchitectCommented:
@Stuart

NP, until @ctsuhako more details, we both are on same boat.
0
Budhi WitonoCommented:
Best option with load balancer but you can point to your dag ip than only to 1 node, ;)
0
ctsuhakoAuthor Commented:
Sorry for the lack of detail, but here is what I am trying to do:

We are planning to move from Exchange 2010 running on a single server to Exchange 2013 with a 2-node DAG. We only have around 35-40 mailboxes. Currently, all email is routed thru our Sonicwall firewall to the internal IP address of the Exchange 2010 server at 10.0.0.4. The servers in the Exchange 2013 DAG each have internal IPs of 10.0.0.77 and 10.0.0.78. I was wondering how to route the emails so that if one of the Exchange 2013 servers is down the email is automatically sent to the other Exchange 2013 server. From what I gather a load balancer would be the way to go, but from reading the following article, I am not sure if that is the case:
Exchange Server 2013 Client Access Server High Availability
Any input would be helpful and thank you all very much.
0
Budhi WitonoCommented:
hi ctsuhako, you can add A record mx1.yourdomain.com   to your public IP 1 (Exchange 2010), public IP 2 (Exchnange 2013)and Public IP2 (Exchange 2013).
create/edit mx record : 10 mx1.yourdomain.com

Create sonicwall port forwarding smtp /imap /pop /pop3/imaps policy :
Source WAN (Public 1 ) to 10.0.0.4
Source WAN (Public 2 ) to 10.0.0.77
Source WAN (Public 3 ) to 10.0.0.78
0
StuartTechnical Architect - CloudCommented:
The article you linked  highlights how CAS arrays are now redundant in 2013 because of the stateless client access methods used. This does not give you resilience load balancing Internet mail into the organisation.

I recommend you install a pair of L7 software or hardware load balancers, and point the NAT on your sonic wall for both public IP's to the load balancers VIP. The load balancers can then balance SMTP (and external client access eg OWA) traffic to both your Exchange 2013 servers, the issue with the above suggestion is it would not detect if a critical exchange service was down on one of the servers and it would still route traffic that way..

I presume you can route internally between the 2013 servers and the 2010 server, if so all traffic as I suggested above can terminate at the new resilient pair of servers
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ctsuhakoAuthor Commented:
Thank you very much! Answered my questions completely.

Clay
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.