Migrating from 2007 to 2013 - legacy.domain.com question

Hi !

Can someone explain me in simple words the importance of creating legacy.domain.com for the old 2007 server ?
While I can understand why it's required for internal DNS, I don't understand the external one...

After redirecting the mail traffic to a new server on my firewall, while still having mailboxes on 2007, I thought it will work like this:

Client connects to mail.domain.com (new 2013 server) -> 2013 is looking for legacy.domain.com 2007 internally and gets the data from there.

Why do I need external legacy dns entry, especially that it will point at exactly the same IP ?
LVL 1
tp-it-teamAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MASEE Solution Guide - Technical Dept HeadCommented:
When an Exchange2007 user connects to mail.domain.com(common name) or autodiscover.domain.com Exchange 2013 will redirect the traffic to Exchange2007 server  by the name legacy.domain.com.
You need and additional external IP  to connect to Exchange2007 from outside network

Explained in this article about co-existence.
http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx
tp-it-teamAuthor Commented:
Exactly, so why will I need external legacy.domain.com DNS ?
My clients will connect to 2013 and it will resolve the old 2007 INTERNALLY by using legacy.domain.com
MASEE Solution Guide - Technical Dept HeadCommented:
-->Exactly, so why will I need external legacy.domain.com DNS ?
Your Exchange2007 users will connect to Exchange2013 and it will redirect to Exchange2007 server both internally and externally using name legacy.domain.com
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

tp-it-teamAuthor Commented:
Why would I need external redirection if my both servers are behind one external IP ?

Sorry to be stubborn, but I cant digest the fact that I need additional EXTERNAL IP to migrate from 2007 to 2013...
MASEE Solution Guide - Technical Dept HeadCommented:
When your external clients redirected to legacy.domain.com it should be resolved to an IP
both internally and externally
it_saigeDeveloperCommented:
@tp-it-team - Seems like there is a mix-up here in your understanding.  The external legacy host name (and the use of an additional ip address) are only required if you have users who need to access Exchange 2007 (during the migration) externally.  Bear in mind though, that the migration from Exchange 2007 to Exchange 2013 is not an online migration; Meaning while you are migrating a users mailbox, they cannot access their mailbox.

If you do not have this requirement then you do not need to worry about the external record and associated ip address.

If you do have this requirement, then you may consider trying to migrate all of the external users first to avoid the need (or better yet, if you can complete the migration all at once that would be better).

But no two migrations are the same; You may have so many users that trying to move them all at once (as opposed to using a staged migration) is a daunting task.

So if you do need to use the external legacy record, allow me to explain the reasoning for the need of an additional ip address.  Quite simply there are two reasons:

1.  SSL.
2.  Loopback.

These two are problematic for their own varying reasons.  And while you can argue that you don't need to use a different ip with SSL, which you are absolutely right, you do have to:
A.  Use a different port.
B.  Configure Exchange 2007 to answer the service requests on the chosen port.
C.  Fabricate a method with which to forward the requests from Exchange 2013 to Exchange 2007 on the given port.

So the showstopper is not SSL, no your show stopper is loopback.  Your internal network cannot forward requests from the primary external wan ip to another wan ip that is in the same block of addresses.  This means that legacy must be reachable from outside your network by the internal request from your Exchange 2013 server.

This blog post from technet summarises all of this very nicely: http://blogs.technet.com/b/exchange/archive/2014/03/12/client-connectivity-in-an-exchange-2013-coexistence-environment.aspx

-saige-

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.