
Thread: Configuring two zimbra mail server within LAN with split DNS

  1. #1
    emnzava (Active Member)

    Dear,

    I have configured the first mail server and now it's working fine with OpenDKIM and split DNS.

    Thank you all for helping me out with advice, mostly Phoenix and others.

    Now I want to configure a second mail server behind NAT (same as the first one), but this server will have a different name (mail2.mydomain.com).

    How can I configure split DNS so that mail2.mydomain.com can be added to the BIND configuration files?

    Here are the three files that I need to change for the second server. Do I have to replace every mail with mail2?

    In my public DNS record the MX is mail.mydomain.com.

    Here is my current configuration for the three files that I need to change.

    Code:
    sudo nano /etc/bind/db.mydomain.com
    ;
    ; BIND data file for homedomain.org
    ;
    $TTL      604800
    @          IN      SOA     mail.mydomain.com. admin.mydomain.com. (
                                       070727         ; Serial
                                       604800         ; Refresh
                                       86400          ; Retry
                                       2419200        ; Expire
                                       604800 )       ; Negative Cache TTL
    ;
    @         IN     NS         mail
              IN     MX      10 mail
              IN     A          192.168.0.5
    mail      IN     A          192.168.0.5
    
    
    #sudo nano /etc/bind/db.0.168.192
    $TTL 3D
    @          IN          SOA     mail.mydomain.com. admin.mydomain.com. (
                                           2       ; Serial
                                           8H      ; Refresh
                                           2H      ; Retry
                                           4W      ; Expire
                                           1D)     ; Minimum TTL
                            NS     mail.mydomain.com.
    10                      PTR    mail.mydomain.com.
    
    #sudo nano /etc/bind/db.0.0.127
    $TTL 3D
    @               IN      SOA    mail.mydomain.com. admin.mydomain.com. (
                                   2       ; Serial
                                   8H      ; Refresh
                                   2H      ; Retry
                                   4W      ; Expire
                                   1D)     ; Minimum TTL
                            NS     mail.mydomain.com.
    1                       PTR    localhost.

    Thanks in advance.
    Last edited by emnzava; 09-05-2011 at 01:45 AM.
    The quieter you become,The more you are able to hear,,,,,

  2. #2
    phoenix (Zimbra Consultant & Moderator)

    Is this just a second server in the same domain with a different priority? What is the role of this server going to be, a backup perhaps?

    I don't actually like the layout of those DNS records, I prefer to explicitly list the domains and servers like this:

    Code:
    sudo nano /etc/bind/db.mydomain.com
    ;
    ; BIND data file for homedomain.org
    ;
    $TTL      604800
    domain.com.          IN      SOA     mail.mydomain.com. admin.mydomain.com. (
                                       070727         ; Serial
                                       604800         ; Refresh
                                       86400          ; Retry
                                       2419200        ; Expire
                                       604800 )       ; Negative Cache TTL
    ;
    ; Names without a trailing dot get the zone origin appended, so fully qualified names end in "."
    domain.com.               IN     NS         ns1.domain.com.
    domain.com.               IN     MX      10 mail1.domain.com.
    domain.com.               IN     MX      20 mail2.domain.com.
    domain.com.               IN     A          192.168.0.5
    mail1.domain.com.         IN     A          192.168.0.5
    mail2.domain.com.         IN     A          192.168.0.10
    ns1.domain.com.           IN     A          192.168.0.5

    If this is a new server in a different domain then just create new bind configuration files for that domain and add the records to point to the new server.
    Regards

    Bill

  3. #3
    emnzava (Active Member)

    Yes, this is a second server in the same domain. My aim is to create a backup server.

    I took the layout of the DNS records from this how-to for Zimbra 7 on Ubuntu 10.04 64-bit: "Zimbra 7.0.0 installation on Ubuntu 10.04 Server » Open Source Explorations"

    So if I got it correctly, on both servers I have to explicitly list the servers like you did in your example for /etc/bind/db.mydomain.com?

    What about the /etc/bind/db.0.168.192 file? Can it stay the same way I've created it?

  4. #4
    phoenix (Zimbra Consultant & Moderator)

    Originally posted by emnzava:
        "So if I got it correctly, on both servers I have to explicitly list the servers like you did in your example for /etc/bind/db.mydomain.com?"

    That's just my preferred method of naming the records but, yes, you need to add them in that format.

    Originally posted by emnzava:
        "What about the /etc/bind/db.0.168.192 file? Can it stay the same way I've created it?"

    That should continue to work OK but you might want to change the NS records to the same format as the ones I've listed, just for consistency - it's your choice.

    Don't forget to make a copy of the original files before you make any changes just in case you have a problem. You can obviously check the new records using the 'Verify...' section of the Split DNS article.
    Regards

    Bill

  5. #5
    emnzava (Active Member)

    Thanks,

    Let me try your option and see the output. Will keep you posted.

    Thanks.

  6. #6
    JuniorTux (Member)

    Dear,

    I am also relatively new to Zimbra etc.

    My situation is similar to the above posts, except that I have 2 different domains which on their own work 100% with split DNS.
    These two domains are in our DMZ.

    The problem that I have is that when I want to send mail from Domain1 to Domain2, the connection is refused by both domains.

    I believe it has to do with DNS and resolving it locally.

    To sum it up:

    Domain1 sends and receives emails to all other domains like google etc; it also receives mail from these domains.
    Domain2 sends and receives emails to all other domains like google etc; it also receives mail from these domains.

    Domain1 sends mail to Domain2 and the connection is refused on the public IP.
    Domain2 sends mail to Domain1 and the connection is refused on the public IP.

    Where can I start to look, and what code of mine do you require to assist me?

    Thanks in advance

    Ben

  7. #7
    JuniorTux (Member)

    Is there anyone that runs more than 1 zimbra server in their DMZ with split dns?

  8. #8
    Klug (Moderator)

    If you see the public IP... It means SplitDNS is not working (and/or is incomplete).
    Do your SplitDNS zones contain the MX records?

  9. #9
    JuniorTux (Member)

    Hi Klug

    Thanks for the answer.
    Yes, my split DNS zones have MX records, and they resolve to the DMZ IP if you run a dig on the Zimbra server. My forwarders are set to the ISP's DNS servers for external client resolution, which seems to be working.
    On the Zimbra server, its own 127.0.0.1 is its DNS server; the gateway is our firewall, which also has a DNS server on it (Ubuntu 12.04).

    Yes, I suspect that I might have missed something and have been hacking at it for two weeks without resolution; after a lot of RT()M it is now time to phone a friend.

    Running dig on the first server, ourdomain.com:

    Code:
    ; <<>> DiG 9.8.1-P1 <<>> ourdomain.com mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59913
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;ourdomain.com.                     IN      MX
    
    ;; ANSWER SECTION:
    ourdomain.com.              604800  IN      MX      10 mail.ourdomain.com.
    
    ;; AUTHORITY SECTION:
    ourdomain.com.              604800  IN      NS      mail.ourdomain.com.
    
    ;; ADDITIONAL SECTION:
    mail.ourdomain.com.         604800  IN      A       192.168.100.2
    
    ;; Query time: 0 msec
    ;; SERVER: 192.168.100.2#53(192.168.100.2)
    ;; WHEN: Tue Jan 14 09:31:24 2014
    ;; MSG SIZE  rcvd: 78

    Running dig on the second server:

    Code:
    ; <<>> DiG 9.8.1-P1 <<>> mydomain.com mx
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48720
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
    
    ;; QUESTION SECTION:
    ;mydomain.com.             IN      MX
    
    ;; ANSWER SECTION:
    mydomain.com.      604800  IN      MX      10 mail.mydomain.com.
    
    ;; AUTHORITY SECTION:
    mydomain.com.      604800  IN      NS      mydomain.com.
    
    ;; ADDITIONAL SECTION:
    mail.mydomain.com. 604800  IN      A       192.168.100.197
    
    ;; Query time: 0 msec
    ;; SERVER: 192.168.100.197#53(192.168.100.197)
    ;; WHEN: Tue Jan 14 09:27:05 2014
    ;; MSG SIZE  rcvd: 86

    I can supply more info, so just shout what you need.

    Thanks in advance

    Ben
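
Added example, not written by any poster in this thread: the two dig runs above each ask a server about its own domain, while the check Klug describes (a public IP showing up means the split DNS view is missing or incomplete) applies to every resolver/domain pair. The sketch below parses dig output in the format shown above and labels each MX host; the function names and the constructed sample are assumptions, with 203.0.113.25 (a documentation address) standing in for a public IP.

```python
import ipaddress
import subprocess

# RFC 1918 only; ipaddress.is_private covers more than these ranges.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample (not from the thread): a forwarded answer with a public-view A record.
SAMPLE_FORWARDED = """\
;; ANSWER SECTION:
mydomain.com.       3600  IN  MX  10 mail.mydomain.com.
;; ADDITIONAL SECTION:
mail.mydomain.com.  3600  IN  A   203.0.113.25
"""

def is_internal(addr):
    return any(ipaddress.ip_address(addr) in net for net in RFC1918)

def parse_records(dig_text):
    """Collect MX targets and A records from dig's record lines."""
    mx_hosts, a_records = [], {}
    for line in dig_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0].startswith(";") or f[2] != "IN":
            continue  # blank lines, dig comments, anything not a record
        if f[3] == "MX" and len(f) >= 6:
            mx_hosts.append(f[5].lower())
        elif f[3] == "A":
            a_records.setdefault(f[0].lower(), []).append(f[4])
    return mx_hosts, a_records

def audit(dig_text):
    """Label each MX host 'internal', 'public' or 'unresolved'."""
    mx_hosts, a_records = parse_records(dig_text)
    verdict = {}
    for host in mx_hosts:
        addrs = a_records.get(host, [])
        internal = all(is_internal(a) for a in addrs)
        verdict[host] = ("internal" if internal else "public") if addrs else "unresolved"
    return verdict

def check(resolver, domain):
    """Live variant: ask one resolver for the MX, then for each target's A."""
    def dig(name, rtype):
        return subprocess.run(["dig", "@" + resolver, name, rtype],
                              capture_output=True, text=True, check=True).stdout
    text = dig(domain, "MX")
    return audit(text + "".join(dig(h, "A") for h in parse_records(text)[0]))

if __name__ == "__main__":
    print(audit(SAMPLE_FORWARDED))
```

On a live system, `check("192.168.100.2", "mydomain.com")` runs the same audit against one resolver; a `public` result from either server for either domain is the case Klug describes.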

  10. #10
    Klug (Moderator)

    Are your servers delivering the mails "directly" or through a smarthost?
