LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-03-2004, 06:59 AM   #1
SolidSnake
Member
 
Registered: Jul 2003
Location: UK,London
Distribution: White Box Enterprise Linux 3
Posts: 83

Rep: Reputation: 15
backup postfix server on same LAN?


Hello
I ave got postfix up and running but i want to make a backup server which automatically takes its place if the main one goes down.
I have found that with diffrent priorities on the MX recordes i can it but for that i need 2 diffrent IP address.
Is there any way i can set it so both servers can use the same Ip address and be on the same LAN?
 
Old 06-03-2004, 07:45 AM   #2
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Rep: Reputation: 30
You mean like a redondant server ??

set up looks like this:

MX record is 66.66.66.66

virtual adress id 66.66.66.66

PC1 adress is
eth0: 66.66.66.67
eth0:1: 66.66.66.66

PC2 adree is
eth0: 66.66.66.68

There is a monitoring sogtware on PC2 that makes eth0:1 66.66.66.66 if eth0:1 of PC1 does not answer anymore...

That imply no changes to MX record and is NOT a backup solution.

Otherwhyse, I dont see any other way you could have 2 PCs on the same LAN having the same IP getting different things

Keep me posted on that one!
 
Old 06-03-2004, 08:32 AM   #3
SolidSnake
Member
 
Registered: Jul 2003
Location: UK,London
Distribution: White Box Enterprise Linux 3
Posts: 83

Original Poster
Rep: Reputation: 15
i want it so that if server 1 goes down, server 2 accepts the mail insted.

Server 1 has ip 192.168.1.2 and server 2 has ip 192.168.1.2.
in my MX records i have setup so that all mail goes to my internet ip and my firewall/router is setup so everything on port 25 goes to server 1 (192.168.1.2).

I want to make it so that if server 1 goes down, all my mail goes to server 2 until server 1 is backup.

is this possible?
 
Old 06-03-2004, 10:02 AM   #4
carlmarshall
Member
 
Registered: Jan 2004
Location: North Yorkshire, UK
Distribution: Centos 5
Posts: 133

Rep: Reputation: 16
Short answer, no!

You need more than one IP address for this to work otherwise you're trying to have 2 systems with the same IP on the same network. With several IP addresses we perform the same thing here, but use MX records with the same priority for load balancing. If one server is down, all the mail gets delivered to the other one. It does need 2 IPs though.

Carl.
 
Old 06-03-2004, 10:10 AM   #5
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Rep: Reputation: 30
Quote:
Originally posted by SolidSnake
i want it so that if server 1 goes down, server 2 accepts the mail insted.

Server 1 has ip 192.168.1.2 and server 2 has ip 192.168.1.2.
in my MX records i have setup so that all mail goes to my internet ip and my firewall/router is setup so everything on port 25 goes to server 1 (192.168.1.2).

I want to make it so that if server 1 goes down, all my mail goes to server 2 until server 1 is backup.

is this possible?
Ok, that is feasable. It is exactely the scenario I descibribed. So in order to make it reflect you network set up here's the scenario updated:


Server 1 has ip 192.168.1.1 and server 2 has ip 192.168.1.3
MX record is set to 192.168.1.2

You will need to change your server's ips to deflect the scenario I just mentionned.

Create an interface eth0:1 on Server 1 and give it the ip 192.168.1.2

develop a script that will validate connection acceptance from 192.168.1.2:25. if the script fails create an interface eth0:1 with ip 192.168.1.2

Now the problem with this strategy is to get back after Server one has come back on it's feet... I would suggest not to create the interface eth0:1 at startup and create it manualy after it comes back..
 
Old 06-03-2004, 10:17 AM   #6
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Rep: Reputation: 30
Quote:
Originally posted by carlmarshall
Short answer, no!

You need more than one IP address for this to work otherwise you're trying to have 2 systems with the same IP on the same network. With several IP addresses we perform the same thing here, but use MX records with the same priority for load balancing. If one server is down, all the mail gets delivered to the other one. It does need 2 IPs though.

Carl.
This is possible only with more than one public ip and I think SolidSnake doesn't have this...

But you where right about ip confict though...
 
Old 06-03-2004, 10:33 AM   #7
carlmarshall
Member
 
Registered: Jan 2004
Location: North Yorkshire, UK
Distribution: Centos 5
Posts: 133

Rep: Reputation: 16
Luggerhouse,

Yes I did assume that Solidsnake only has one public IP and hence the solution I use would not be of any use.

If I've got this right, the solution you have come up with is for each server to start with an IP address (192.168.1.1 and 192.168.1.3) neither of which is the forwarded IP for mail, then the 1st server establishes the mail address (192.168.1.2) via a script so that mail is now delivered to it.

Meanwhile, server 2 monitors server 1 to check acceptance on port 25. If this fails, then it runs a script which establishes its own interface as the mail address (192.168.1.2).

That's quite a clever idea, well done!

The only issue I can see is if it's only the mail port (25) which is down, then there would be a problem with conflicting addresses. It would really be neccessary to test for a complete absence of the mail IP.

In addition, the 1st server would need to check that 192.168.1.2 is not already present before enabling this address. I'm thinking of a situation where the fallover has taken place and server 2 is now handling the mail. I suppose that both servers could be configured to check for each other in this manner, but then if both were started at the same time each would find no mail IP and both would initiate the network with the mail IP. I'm thinking of such an event as a power failure and recovery. Perhaps a delay on one system may solve it?

Carl.

p.s. Only one MX record would be required!
 
Old 06-03-2004, 10:52 AM   #8
LuggerHouse
Member
 
Registered: May 2004
Location: Montreal,QC,Canada
Distribution: Fedora Core 7
Posts: 208

Rep: Reputation: 30
You are all right about the whole solution... It is not a terrible one but it was intended to give an idea of the manner it could be executed...

From my Point of view, the idea of having both server to check for each other is great. You are also right about the Server 1 not accepting connection but ip being up anyway. We would then need some extra checks and a mechanism to make Server 1 to down it's virtual interface in that case (maybe some CGI request on a http server on server1 or something like this...).

Also, in the case where server1 goes down and server 2 gets the IP, and than server1 is getting up again, I would not re-enable the virtual interface (this could be done in a script witch would detect the ip:25 validation) and I would make server1 to send a mail to say it's back and fallback should be done manualy.

Any other suggestions from anyone are still welcome... If there is other approaches I would be interested to hear them We made that kind on set-up in a e-payement environement requiring redonancy and almost 0$ to make it

Thanks!
 
Old 06-03-2004, 12:10 PM   #9
SolidSnake
Member
 
Registered: Jul 2003
Location: UK,London
Distribution: White Box Enterprise Linux 3
Posts: 83

Original Poster
Rep: Reputation: 15
Koool thanks every 1.
hmmmm i dont really know much about making scripts but i'll look for in on google.
wouldent it be easier to take that idea but make the script on the firewall that checks if the email on server 1 is working and if it isn't, forward the port to server 2 insted?
 
Old 06-04-2004, 03:31 AM   #10
carlmarshall
Member
 
Registered: Jan 2004
Location: North Yorkshire, UK
Distribution: Centos 5
Posts: 133

Rep: Reputation: 16
Solidsnake,

I think you're right. The advantage of doing this on the firewall / router is that there's no danger of conflicting IPs on the internal network, for example if the mail server alone stops responding but the interface is up.

I don't know what type of firewall / router you're using, but there must be some out there which allow for this kind of programming. Most of the cheaper ones I've come across have a very minimal menu driven programming interface and wouldn't allow for checking port availability.

Good luck with it, and if you come across a router (& script) which lets you do this, let us know. I'm sure that many of us would be interested.

Carl.
 
Old 06-04-2004, 11:39 AM   #11
SolidSnake
Member
 
Registered: Jul 2003
Location: UK,London
Distribution: White Box Enterprise Linux 3
Posts: 83

Original Poster
Rep: Reputation: 15
kool im using shorewall as my firewall.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
taking backup and restoring postfix mail files cbekannan Linux - Software 0 11-04-2005 02:49 AM
Configure Postfix as MX Backup dune Linux - Newbie 2 06-01-2004 07:28 AM
squid issues or what? - LAN backup server setup problem htm Linux - Networking 2 03-18-2004 09:10 AM
postfix as a backup MX-what is needed? bruce1271 Linux - General 0 03-16-2004 09:59 PM
move postfix mails from server to another postfix server onetwo Linux - Software 2 03-18-2003 02:22 PM


All times are GMT -5. The time now is 08:25 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration