[NTLUG:Discuss] Multiple DNS records for POP3 and SMTP server?

Rick Renshaw bofh69 at yahoo.com
Thu Oct 23 09:36:52 CDT 2008


----- Original Message ----
From: Neil Aggarwal <neil at JAMMConsulting.com>
To: NTLUG Discussion List <discuss at ntlug.org>
Sent: Thursday, October 23, 2008 8:40:55 AM
Subject: [NTLUG:Discuss] Multiple DNS records for POP3 and SMTP server?

>Hello:
>
>This document:
>
><http://www.barracudanetworks.com/ns/downloads/Barracuda_WP_MX_Load_Balancing.pdf>
>gives a strategy for having multiple MX records to
>have redundancy for incoming email to get to my servers.
>
>I don't see anything that talks about doing the same
>thing for pop3 and smtp connections.  
>
>If I have multiple A records for these:
>
>        pop3.JAMMConsulting.com A 1.2.3.4
>        pop3.JAMMConsulting.com A 5.6.7.8
>
>        smtp.JAMMConsulting.com A 1.2.3.4
>        smtp.JAMMConsulting.com A 5.6.7.8
>
>and then set Outlook (I use version 2003) to
>use pop3.JAMMConsulting.com and smtp.JAMMConsulting.com
>as its incoming and outgoing server, will Outlook
>use whichever IP address is available if one of them
>is down?
>
>Thanks,
>    Neil


With multiple A records, the DNS server will rotate (usually randomly) between the two addresses when it is requested.  This means that if one of the servers goes down, Outlook will fail 50% of the time, but a retry will usually work (because it should get the other, working server).  However, if there are any caching name servers between you and the authoritative name server, the first response will get cached and the rest of the requests won't reach the authoritative server.  In this case, if the server you are using goes down, you will not be automatically redirected to the working server; you will just keep trying the crashed server.

The reason this works for mail exchangers is the support for multiple MX records in DNS and the fact that if the first server is down, SMTP allows for retries on the other MX records.  The Barracuda Networks document shows this as the first method.  The second method, with multiple A records, has the same issue I listed above: if the DNS record gets cached and that server fails, there is no way for the sending end to find out about the other A records, since the request does not make it back to the authoritative server.  It does provide load balancing, which is the focus of the document, but no failover capabilities.

You and the document are really talking about two different things.  The document talks about load balancing.  This is distributing the load over multiple servers to reduce the load on any one server.  You are talking about automatic failover, which is a bit more complicated than simple load balancing.  Failover usually involves shuffling IP addresses around servers, or some sort of intelligent load balancer that can monitor the servers and stop sending requests to a failed server, or some sort of clustering.  There are many different ways to achieve failover, but simply using multiple A records is not one of them.

Rick
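
An added example, not part of the message above or of the Barracuda document: the kind of health check a monitoring load balancer runs against each published address, which multiple A records alone do not provide. The hostname `pop3.example.com` and all function names are assumptions made for illustration.

```python
import socket

# Greeting each service sends on connect (POP3: RFC 1939, SMTP: RFC 5321).
GREETINGS = {"pop3": b"+OK", "smtp": b"220"}


def resolve_all(hostname, port):
    """Return every IPv4 address published for hostname, in the order received."""
    infos = socket.getaddrinfo(hostname, port, socket.AF_INET, socket.SOCK_STREAM)
    seen = []
    for *_, sockaddr in infos:
        if sockaddr[0] not in seen:
            seen.append(sockaddr[0])
    return seen


def is_healthy(addr, port, service, timeout=3.0):
    """True only if addr accepts the connection and sends the expected greeting."""
    try:
        with socket.create_connection((addr, port), timeout=timeout) as conn:
            conn.settimeout(timeout)
            banner = conn.recv(512)
    except OSError:
        # Refused, unreachable or timed out: treat the backend as down.
        return False
    # A listener that answers with anything else (e.g. "-ERR") is also unhealthy.
    return banner.startswith(GREETINGS[service])


def healthy_backends(backends, service, timeout=3.0):
    """Filter (addr, port) pairs down to those that pass the greeting check."""
    return [(a, p) for a, p in backends if is_healthy(a, p, service, timeout)]


if __name__ == "__main__":
    # Hypothetical usage: the hostname is a placeholder; 110 is the standard POP3 port.
    host, port = "pop3.example.com", 110
    pool = [(ip, port) for ip in resolve_all(host, port)]
    print("published:", pool)
    print("healthy:  ", healthy_backends(pool, "pop3"))
```

A balancer or monitoring job would run this check on a schedule and route clients only to the addresses it returns.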



      


