Makin the jump!

[NoDoze]

The scenario...

Our hosting, internet, intranet and email have been with a hosting company.
We've recently upgraded to a new building with a T1..Yay!
And are in the process fo moving all systems internal...
I've moved the internet and intranet in house already, works great.

Our domain is registered and pointing to our host provider.
Our active name servers are at our hosting provider.
I also have our http and sub domains pointed to our in house web server.
Our email and mx is still pointed to the host provider.

What I want to do....

Is move our email server and everything else in house.

How do I do it....

How do I setup the OSE so that all I have to do is change the location of the name servers and MX to get it working with minimal downtime?

Do I enter the actual (to-be active) domain mx names?...just as if it was going to be. Or do I enter a temporary domain mx name, then change it to make it live?

If I use a temporary or the actual domain mx names, will I be able to test it before it becomes live? Or will I have to hold my breath till propagation completes to know/what/how successful my setup was?

I'm nervous about this move, it's about 30 email addresses, any input/support is good!

Thanks!

[webman]

Hi NoDoze, pleased to hear you've made the decision to make the jump to Zimbra

First of all, do you need to migrate messages from the current platform onto the new Zimbra server? If so - what sort of system is this and how do your users connect to it - web interface, Outlook, Thunderbird? Are messages stored on the server or on local computers? There's a large article in the wiki about migrating from various platforms - User Migration.

As for testing; it might be a good idea to set up a temporary domain (use a subdomain of your existing one or use FreeDNS for example) so it won't affect your current setup. Once you have confirmed mail delivery works fine through your inhouse setup inbound and outbound, then you can plan it "for real".

As for DNS - Zimbra will need to be able to resolve itself to its local IP on the internal network and not the externally-visible internet IP. Read this Split DNS wiki article for more information. If you have an internal DNS server though that you can configure the Zimbra server to use, you can probably get away with utilising that instead of configuring Split DNS on the Zimbra server.

As for actual switchover over mail delivery - there are a couple of ways I can see doing this.

Option 1 - Do a straight change of the MX records (when it's ready) to an appropriate A record pointing to your internet IP.

To provide a seamless transition for incoming email, it may be wise to decrease the TTL (if possible) for the MX/A records in advance. This will mean that when you eventually change them, the period between record updates will be less so the changes will 'appear' sooner. Have a read of the In theory/In practice section of this - Wikipedia - Domain Name System. It explains it better than what I can

Option 2 - Have your current email server forward all messages to the new server (again, to an appropriate A record pointing to your internet IP) and optionally change the MX records after the forwarding is confirmed to be working.

The possibility of this will largely depend on what control and access you have to the current email server. I think Exim calls this Smarthosts and I believe Postfix does it using transport maps.

---

Don't forget you will need to reconfigure your users' email clients if you use new DNS settings. When I migrated I found it a lot easier to schedule in some downtime well in advance so users are aware of what's going on. This allows for plenty of time to get things sorted and you can bring everything back up for your users when convenient to you and all tested etc. Your mileage may vary depending on what you actually need to do with regards to DNS changes.

Hope that helps and gives you a bit of food for thought.

[NoDoze]

Thanks for the info....

Yes, we are using Outlook... The main reason we want to move to Zimbra is to eliminate 2GB+ .pst files! Our current host only offers 25MB total (sent, inbox, deleted) size email boxes...so yes, Outlook is DLing everything. Yea, I already looked at the Outlook migration tools... I'm not too worried about this.

I'm more woried about the change over of DNS. I have no root, shell, just a silly webadmin to manage the hosting account...it's not even cpanel...some webadmin they created. But I do have the ability for custom DNS records.

I've been playing with zimbra for the past 2 months trying different setups and performance scenarios. To try to figure out the ins and outs. So the DNS thing is what only really worries me.

In looking at the two options... I think option 2 is the easiest, but with our small mail boz size, I'm worried about bounce backs. Bounce backs from either the inability to forward the email to the zimbra server, or some sort of delay on our hosting providers end, where the mail box will fill up too quick from large emails.

So...option 1 seams to be the only way. I've already set the TTLs to 600 on all records a month ago. I'm thinking to simply change the MX record, then the downtime will only be the propagation.

Then some time after that, maybe a week after, change the ns IPs to the new inhouse DNS server. Which I'm not sure will or will not create another downtime period. I think this downtime should be even shorter if any.

With reguards to your last comment about downtime when changing end user clients, I plan on using the same mail.domain.com server names so nothing should have to be changed, right? To boot, we plan on eliminating Outlook all together and just use the Zimbra browser interface....or Zimbra desktop.

Does that sound all correct? Do I have a grasp on things?

Thanks!

[webman]

Yes, we are using Outlook... The main reason we want to move to Zimbra is to eliminate 2GB+ .pst files! Our current host only offers 25MB total (sent, inbox, deleted) size email boxes...so yes, Outlook is DLing everything. Yea, I already looked at the Outlook migration tools... I'm not too worried about this.

Ahh, yes. I feel your fustration! That was one of the reasons we migrated too - the volatile nature of Outlook and huge PST files was a nightmare in our roaming profiles environment.

There are a couple of things you might like to know about the import wizard. Messages containing attachments larger than 10MB will fail to import - there is a registry setting to increase this - it's in here somewhere. Some extremely bloated PSTs might fail for reasons unknown. My solution was to split it into separate PSTs - one folder per new PST file. Run Scanpst.exe (available from Microsoft) on the original one to decrease its size. Then import these one at a time using the wizard I wrote about my experience in this thread.

I would strongly recommend doing a test import using a hand-selected user PST file and a test account on the Zimbra server.

Yes, I think in your situation then that the MX change will be the best way to move forward.

As for your inhouse DNS server and pointing the domain's NS records to it - just remember to make sure it responds to requests from the Internet with the external IP address. You probably already know this but thought it was worth mentioning - and at the same time, the Zimbra server itself will still need to resolve the domain to its own internal IP.

With reguards to your last comment about downtime when changing end user clients, I plan on using the same mail.domain.com server names so nothing should have to be changed, right?

If you create a host record on your internal DNS server that points to the local Zimbra server IP, then in theory - that should all work

To boot, we plan on eliminating Outlook all together and just use the Zimbra browser interface....or Zimbra desktop.

Good idea. We did a sort of half-way implementation of this at the school. To give users a more integrated feel, I created a client application to act as the default mail program on workstations. It served two purposes. Firstly to handle pre-authentication, and secondly to launch Prism (the bare-bones Mozilla browser used in Zimbra Desktop) directed at the Zimbra web client.

[NoDoze]

Ok... I'm about to start setup of the zimbra server... but want to make sure the DNS stuff is all good...

- I have the public IP assigned to the mail server, it's accessable from outside.
- and I added the mx mail.domain.com to our local DNS server, pointing to the public IP of the mail server.

I think that's all I have to do, correct?

My question though is.... because the mx mail.domain.com is already in use by our hosting provider... and when I setup the zimbra with the same mail.domain.com addess, will this..."the Zimbra server itself will still need to resolve the domain to its own internal IP." I don't think so, right? Or is the resolve within the local DNS suffecient to get things setup? Which would mean during setup I'd be accessing it via http://public.ip.x.x ...not the domain name, correct?

Then once everything is good to go, change the mx on the host's to point to our mx on our DNS server, correct?

Thanks... so exciting!

[webman]

On your internal configuration, is the Zimbra server behind NAT or in a DMZ? Is your internal DNS server eventually going to respond to DNS requests from the internet?

Essentially your Zimbra server needs to resolve itself as set out in the first paragraph of Split DNS - Zimbra :: Wiki.

If the local DNS server returns the public IP address, this may or may not work depending on your configuration - some NAT routers will not allow this sort of looping-back. If you're in a DMZ and the local DNS server returns the actual IP address of the server then it should be fine.

[NoDoze]

On your internal configuration, is the Zimbra server behind NAT or in a DMZ?

yes, NAT right now...

Is your internal DNS server eventually going to respond to DNS requests from the internet?

Yes, it already does for our internet and intranet websites and FTP.

The network setup right now is...
firewall manages NAT, static IPs
DNS host ftp and http
Email server = zimbra
The public IPs are port forwarded to the appropriate servers.

Right now, if I enable the httpd on the email server, I can access it via the public IP.

Yup, the split DNS sounds like what I'd have to do... But now my question is, do I have to remove this eventually when the MX is updated? Or can this stay even after the MX change over?

Thanks!

[webman]

Yes, I believe the Split DNS is meant to be a permanent arrangement. I can't see any reason to remove that once your MX is updated.

Your setup seems ready to go ahead with..

[NoDoze]

okie dokie....I've started the setup....

I have a question...

This line is confusing me, I'm not sure exactly how or if this would apply to me...?

4. Change /etc/resolv.conf to use the Zimbra server as the primary DNS address. Also remember to change the search path to be the name of the Zimbra server.

From this page:
Split DNS - Zimbra :: Wiki

Currently the resolv.conf has my local IP of my DNS server in it only.
So would I put the local IP on the zimbra server before it? ...then the second in line being my DNS server?

And this line "Also remember to change the search path to be the name of the Zimbra server." is what really confuses me... what search path are they talking about...?

Thank for all the help!

[NoDoze]

One more...in retrospect...

IN NS <internal address of server>
IN A <internal address of server>
IN MX 10 server.example.com.

The NS and A would be my DNS server, correct? I got the MX correct.

This has got me second guessing...heh...