cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1827
Views
0
Helpful
8
Replies

IronPort Clustering questions

Hello all,

I have some questions about clustering in Ironport:

Actually I have one IronPort C150 in "Standalone mode" with an ip adress who takes the mail flow (192.168.1.34)

We received a second Ironport for setup a cluster configuration between them.

My question are :

1) What happen for the mail flow if the first IronPort ( 192.168.1.34) move to a cluster configuration ?
I have to configure a virtual address to be same of the original ip adress mail flow (192.168.1.34) or the cluster takes the original configuration of the first IronPort ?

2) If one Ironport Fail, the second IronPort automatically takes the mail? or i have to reconfigure manually the ip address ?

Thanks for your help.


PS: Sorry for my english

8 Replies 8

pvdberg00
Level 1
Level 1

Nothing happens with the mailflow. Clustering is only for the configuration (without network specific settings)

pvdberg00
Level 1
Level 1

You can use the second Ironport as backup MX record. If the first one is down all the mail is routed to the second.

thanks for the answer :D

Alternatively, by having multiple MX records (each points to different IronPort X-series box) with the same weightage, it would become sort of load balanced.

japan_ironport
Level 1
Level 1

You can also have one appliance for the outgoing and the other one for the incoming mail, so that one machine doesn't consume power without doing anything but waiting for the other one to fail. :wink:

We have 2 C350 boxes and first has lover mx and second higher mx for incoming traffic and for outgoing traffic the mx -s are in opposite way, second has lower and first has higher.

So both boxes work quite equal and I can shut down or reboot one box anytime, without loosing any messages.

Virtual IP would be better, but I'm just too lazy to them behind the load balancer:)

steven_geerts
Level 1
Level 1

I have serious doubts about using a load balancer for SMTP.

Let’s assume that you have 4 machines behind one load balancer, thus sharing one IP address.
If one of our four machines gets overloaded for some reason and starts backing off the traffic, all hosts that receive the "try again later" status notification receive that from your single IP address. This means that they do not switch over to another host like they would do if all four machines had their own IP and just share the MX record.
For mail from the internet this situation might be acceptable, but imagine what happens if your internal mail servers start queuing mail for 15 minutes because they received "try again later".

Maybe I'm overlooking something that makes a load balancer a better (and not only more expensive) solution that MX records... please convince me! :wink:

Steven

joe_ironport
Level 1
Level 1

I agree with your thoughts on MX records. The biggest benefit to using a load balancer is with the management. Once you start getting a large number of hosts in an MX record you start running into problems with senders correctly resolving your MX records due to inproper DNS configuration on the internet (UDP vs TCP). Standing up a large number of hosts behind some load balancers is one potential solution. This of course comes with its own set of challenges.
I'm still using MX records, but at some point will need to look at having multiple machines behind each host in my MX records to cut down on the size of the returned record.
I just wish I could get all of my application developers to write their apps to understand MX records. Load balancers have worked well for my outbound environment where most applications are pointing at a host name instead of an MX record.

Joe