
Thread: Configuring two zimbra mail server within LAN with split DNS

  1. #21
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Originally posted by JuniorTux:
    "If I use this combination, then my forwarders must point to my firewall and the firewall dns to the ISP, if my understanding is correct?"

    Yes, that's correct.

    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  2. #22
    Join Date
    Oct 2013
    Posts
    12
    Rep Power
    2

    Thanks, will test and reply so that all can learn from it.

    Thanks ... hold thumbs

    Ben

  3. #23

    Hi All

    Sorry for the delay, you know how it goes.

    The final result of the testing and configuring is as follows:

    If you want to run two Zimbra servers in the same DMZ then do the following:

    1. First read the Split DNS as per the wiki.

    2. What is split DNS? It is the Zimbra mail server that has got BIND installed and acts as its own DNS server and only uses the forwarders for sending mail out.

    3. Set up both domains/mail servers, each with its own Zimbra server and split DNS.

    4. Set up your firewall with DNS/BIND installed. (Your firewall will act as your DNS server.)

    5. Configure your DNS/Firewall server with the two zones of the two domains you want to use. (If you struggle with the command line then use Webmin to assist you; please see the Webmin website for how to install it on your distribution of Linux etc.)

    6. Set up your forwarders on both mail servers to point to your Firewall/DNS server.

    7. You should now be able to run a dig command on both mail servers and the result should point to each other's DMZ IP address as a resolve.

    8. At this stage you should be able to send mail between each other and to any other email address on the internet.

    9. To get mail to your mail servers you have to have your DNS settings correct at your ISP side and they have to point to your static IP address on your Firewall side.

    10. In your Firewall you have to NAT/MAP your external IP to your internal DMZ IP.

    This worked for me and thus far we do not seem to have any problems.
    Should there be any mistakes above, then please feel free to correct me; after all we are all still human, or so they say.

    Ben
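A check for steps 7 and 9 of the post above, as an added example that is not part of the original post: it takes `dig +short` answers for each mail host as seen from inside the DMZ and from the internet, and reports any answer outside the network that view should return. The host names, the DMZ subnet 192.168.50.0/24, the public address 203.0.113.10 and the sample answers are constructed assumptions.

```python
import ipaddress

# Assumed addressing (not from the thread).
DMZ_NET = ipaddress.ip_network("192.168.50.0/24")      # internal DMZ subnet
PUBLIC_NET = ipaddress.ip_network("203.0.113.10/32")   # static IP on the firewall

# Constructed `dig +short A <host>` answers for the two mail hosts.
INTERNAL_VIEW = {  # asked from a mail server, via the firewall DNS (step 7)
    "mail.example.com": "192.168.50.11\n",
    "mail.example.net": "192.168.50.12\n",
}
EXTERNAL_VIEW = {  # asked from the internet, via the ISP-side zone (step 9)
    "mail.example.com": "203.0.113.10\n",
    "mail.example.net": "192.168.50.12\n",  # constructed mistake: DMZ address published
}

def parse_dig_short(text):
    """Return the IP addresses in `dig +short` output, skipping CNAME lines."""
    addrs = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        try:
            addrs.append(ipaddress.ip_address(line))
        except ValueError:
            pass  # a CNAME target such as "host.example.", not an address
    return addrs

def check_view(view, expected_net):
    """List (host, problem) pairs for answers outside the expected network."""
    findings = []
    for host, raw in sorted(view.items()):
        addrs = parse_dig_short(raw)
        if not addrs:
            findings.append((host, "no address returned"))
        for addr in addrs:
            if addr not in expected_net:
                findings.append((host, f"{addr} is outside {expected_net}"))
    return findings

if __name__ == "__main__":
    for name, view, net in (("internal", INTERNAL_VIEW, DMZ_NET),
                            ("external", EXTERNAL_VIEW, PUBLIC_NET)):
        for host, problem in check_view(view, net):
            print(f"{name}: {host}: {problem}")
```

On real servers, replace the sample dictionaries with the captured output of `dig +short` run once on each mail server and once from a host outside the firewall.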

  4. #24
    phoenix is offline Zimbra Consultant & Moderator

    Thanks for posting the update.

    One point about something you mentioned earlier:

    Originally posted by JuniorTux:
    "If I use this combination, then my forwarders must point to my firewall and the firewall dns to the ISP, if my understanding is correct?"

    What you really should do is not forward DNS requests to your ISP's DNS servers; you should forward requests to the root DNS servers. This reduces the load on your ISP's DNS servers and will probably get you a quicker DNS response, plus you're not subject to any outage of your ISP's servers.

    Regards


    Bill



  5. #25

    Hi Bill & Others

    So when you say to the root DNS servers, you mean the firewall DNS root DNS as caching server?

    If that is the case, the current mail servers do query the firewall/dns combination first as their root DNS server.

    Am I understanding it correctly?

    Ben

  6. #26
    phoenix is offline Zimbra Consultant & Moderator

    Originally posted by JuniorTux:
    "So when you say to the root DNS servers, you mean the firewall DNS root DNS as caching server?"

    Sorry, my last reply wasn't quite clear.

    What I'm saying is that your firewall DNS server should not forward DNS requests (I'm assuming this is BIND?) to your ISP's DNS server; what you should do is forward DNS requests to the root DNS servers for anything that it isn't authoritative for.

    Regards


    Bill


