exchange - Failover two ip address and one dns record

2014-04-06
  • Tobia

    My mail server has two WAN interfaces and I need to set up one "A" DNS record for my Exchange clients. In case of a connection failure of one interface I wish to use the other interface, but how do I set up a DNS record to let the client choose the working one? (something like what happens with MX10/MX20 records for SMTP connections)

    Thanks

  • Answers
  • hroptatyr

    Not quite sure what your setup actually is, but

    1. two WANs, your own AS: Assign both WAN interfaces the same IP, then ask your routing providers to add a neighbor fall-over or a fast-external fall-over to your edge routers, then have your one A record resolve to the one IP address.

      Now the edge routers will monitor the route to your WAN interfaces and communicate any failures to each other

    2. two WANs, not your own AS or two assigned IP addresses: technically you could also add some BGP fall-overs but since this is not your own AS you would have to ask the AS owner(s) to do the setup in 1 for you (which can be difficult if it's two owners)
    3. two WANs, two IP addresses, no failovers at the BGP level: You can always assign two A-records to one and the same hostname, then clients would resolve to one of the two addresses and (after a possibly long timeout) might try the other
  • The_aLiEn
    1. Create an A record with public IP address over WAN interface 1 to, say, mail.something.com
    2. Create an A record with public IP address over WAN interface 2 to same name, mail.something.com
    3. Create an MX record to mail.something.com

    You have to have two A records which can hold both public IPs over a single FQDN, and then a Mail Exchanger (MX) record to point to that FQDN. This way you're actually doing IP load balancing, not a fail-over. Don't forget to create PTR records for those two public IP addresses; both should point back to mail.something.com, because some mail servers refuse to communicate with mail servers which don't have PTR records.
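    As an added illustration (not code from either answer above), the following Python script models the two pieces just described: the forward-confirmed reverse DNS check that some receiving MTAs apply to the two A addresses, and the per-address fallback a client must do itself when a name has two A records, which is why the failover can be slow. The record set, names and addresses are constructed sample data in documentation ranges.

```python
import socket

# Constructed sample records for a two-WAN mail host (documentation
# address ranges; not real hosts).
FORWARD = {
    "mail.example.com.": ["192.0.2.10", "198.51.100.10"],  # one A per WAN
}
MX = {"example.com.": ("mail.example.com.", 10)}
REVERSE = {
    "192.0.2.10": "mail.example.com.",
    "198.51.100.10": "mail.example.com.",  # PTR for the second WAN address
}


def missing_ptrs(name, forward=FORWARD, reverse=REVERSE):
    """Return the A addresses of `name` whose PTR does not point back at it
    (forward-confirmed reverse DNS), the check some receiving MTAs apply."""
    return [ip for ip in forward.get(name, []) if reverse.get(ip) != name]


def mx_target_addresses(zone, mx=MX, forward=FORWARD):
    """Addresses a sending MTA would try for `zone`: the MX target's A records."""
    target, _priority = mx[zone]
    return list(forward.get(target, []))


def connect_with_fallback(addresses, port, timeout=3.0, connect=None):
    """Try each address in turn with a short timeout and return (socket, ip)
    for the first that answers. This is the client-side fallback a name with
    two A records relies on; the timeout per dead address is the delay the
    user experiences before the working WAN is reached."""
    connect = connect or socket.create_connection  # injectable for testing
    last_error = None
    for ip in addresses:
        try:
            return connect((ip, port), timeout=timeout), ip
        except OSError as exc:  # refused, unreachable, or timed out
            last_error = exc
    raise ConnectionError(f"no address answered: {last_error}")


if __name__ == "__main__":
    print("A addresses lacking a matching PTR:", missing_ptrs("mail.example.com."))
    print("MX target addresses:", mx_target_addresses("example.com."))
```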

  • MortisO

    I know that MX records are good for mail flow (port 25 traffic) but not made for client connections (Outlook).

    For client connections, you would need to have a network load balancer (usually sold as an appliance) or use Windows Load Balancing (http://technet.microsoft.com/en-us/library/ff625247(v=exchg.141).aspx). This will allow either High Availability (HA) or failover client connections for your Client Access Server (CAS).

    Another option would be to "team" your NICs on the Exchange server for hardware redundancy. Here is an MS reference overview on how to team your NICs: http://technet.microsoft.com/en-us/library/hh831648.aspx. By teaming your NICs, you can have one A record but will be able to have multiple IP addresses on that team-NIC setup.


  • Related Question

    dns - Why common two IP addresses for two nameservers in one server
  • CallMeLaNN

    In this common case:

    ns1.domain.com: IP1
    ns2.domain.com: IP2


    What I know is that the two IP addresses are used so that if one is unreachable, the other is used as a secondary choice and the user can still access the same server.

    (1) I don't really understand how two IP addresses (there can be more than two) are useful and ensure 99% network uptime, because both IPs point to the same server (I think both may have the same physical network path, or am I wrong?). Can anyone explain?

    (2) Now I am using a Rackspace Cloud Server and I maintain a cPanel. Because of limited IPv4 availability, I cannot buy an IP except for HTTPS and load balancing. So currently, I only have one IP assigned to my cPanel server.

    Case 1: cPanel has built-in DNS. cPanel users whose domains point to this server directly are able to manage the DNS records in the cPanel UI; it will autogenerate CNAME records for the cpanel., webmail. and ftp. subdomains, but remember that since I only have one IP address, my 1st and 2nd nameservers defined in cPanel WHM point to the same IP:

    ns1.mycpanelserver.com: IP1
    ns2.mycpanelserver.com: IP1


    Case 2: However, Rackspace has a DNS server located virtually just outside the cloud. If a domain points to this DNS, I can manage the records from the Rackspace client area, and the A record can be set to my cPanel server's IP address to serve the hosted web site. This way, I have two IP addresses for their respective nameservers, which is like the common case, but I don't have the ability to edit the DNS records in the cPanel UI, and CNAME records must be defined manually each time a new domain is registered.

    I am trying to use case 2, which is common, but I am not sure what the strong reasons are for it being common to have two IP addresses for two nameservers on one server.


  • Related Answers
  • Majenko

    I am not quite following your English here, but what I think you are asking is how you should best go about having 2 name servers when you only have 1 IP address and 1 server.

    Well, the best thing I can recommend is that you run your primary DNS server on your cPanel server and assign that to ns1.yourdomain.com, and then use a third party to act as a secondary name server and assign them as ns2.yourdomain.com (or ns0 and ns1, whatever numbering scheme you like).

    Changes to your primary DNS in cPanel will be passed out to your secondary DNS servers through DNS AXFR zone transfers, so you will have full control from within cPanel.

    There are a number of sites that provide free secondary DNS hosting, such as:

    Or your network provider may be able to act as a secondary DNS for you.

  • squillman

    The idea is that the two IP addresses for the nameservers are in completely different subnets. That way if a router goes down somewhere or for some other reason a subnet becomes unreachable your server still has a way to perform DNS resolution.

  • TuxRug

    Multiple servers can share a single IP address through clustering. That way, multiple servers can be treated as one. If one goes down, the others take the job of the failed server. Also, servers sharing an IP address (through network address translation or clustering) can sometimes see what name was used to connect, so requests to name1 at IP1 can go to serverA, and requests to name2 also at IP2 can go to serverB. This is usually done when a company doesn't have or doesn't want to use enough external IP addresses to give each server an IP.

    Also, individual servers can be given different IP addresses for different reasons. Different IP addresses can map to different services the server offers, or to provide load balancing on their network to make sure one part of the network isn't too stressed. This is useful if they need more bandwidth (sometimes incorrectly referred to as speed) than they can get from one internet connection, because they can send some data through different internet connections.

    The most common reason for a server to have multiple external IP addresses is in case the internet connection goes down. If the Internet Service Provider the server is connected to goes down or gets unusably slow, the server can switch over to a different connection. This can also help if a cable gets cut or unplugged.

  • Walter

    I use the same IP for both nameservers without any problem. The fact that the VPS (and sites) are on the same IP address anyway really defeats the purpose of having a backup DNS. When NS1 is offline or unreachable, the sites will be down too. It's absolutely pointless to have a second nameserver kick in to point users to a dead or unreachable server.