Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect Multi-Server » Clarification of connectivity
  •  
Bud Durland

Messages: 371
Karma: 39
Send a private message to this user
I just read through the knowledge base article (KB 1667)outlining Multi-Server. I have a couple points I'd like to clarify:

1) MX records get pointed to the Front End (proxy) server, correct?.
2) We have an outgoing SMTP relay. Do I point the back end server directly to it, or to the Front End Server?
3) Most of my users are Outlook w/ KOFF, with a handful of IMAP. If the Front End server is down, or if the link from their site to the main site is down, will they be unable to connect to their local mail server?
4) if I migrate a user between servers, is their mailbox available during the migration?
  •  
Stepan Potys (Kerio)

Messages: 86
Karma: 2
Send a private message to this user
Hi Bud,

1) yes, MX records get pointed to the front-end
2) your outgoing SMTP relay will be configured exactly the same as it is now. The front-end doesn't get involved.
3) you can setup two different front-ends. One for internet users and one for local users. So the internet link instability will not affect local users.
4) User mailboxes which are being migrated are unavailable at the moment.

Stepan Potys
Connect Core team leader
Kerio Technologies
  •  
Bud Durland

Messages: 371
Karma: 39
Send a private message to this user
Thanks for the info. for item (3) -- my real question is "what functionality do end users have if the front end server goes down or is otherwise unavailable?"
  •  
Stepan Potys (Kerio)

Messages: 86
Karma: 2
Send a private message to this user
If the front-end goes down you will loose an access to all services unless:
1) you've established a backup front-end including secondary MX pointing to it, or
2) you've got access to your internal network (either directly from LAN or over VPN) in which case you can access your backend servers directly (you must know their internal names or addresses then).

If 1) or 2) holds your users can access their mailboxes even during the critical period of time. Users with desktop clients like KOFF will most probably need to use Kerio Connect client instead as their profiles are configured against the primary front-end.

Stepan Potys
Connect Core team leader
Kerio Technologies
  •  
Bud Durland

Messages: 371
Karma: 39
Send a private message to this user
Stepan -- thanks again for the information. It's very helpful.
  •  
oehTie

Messages: 4
Karma: 0
Send a private message to this user
Hello Stepan,

Sorry if I hijack this thread, a lot of my questions have been answerred with this thread but I have some additional things... I am currently looking into using a multi server setup.

Being able to give clients a backup front end server sounds perfect. The problem I have is that I cannot use the backend servers themselves to send e-mail out to the world. Is it even possible to use the primary frontend, or an additional back-end server at the front-end's location as a mail relay?

And secondly, can I put a directory server at every site so if internet is down, clients can still access the local directory server and active directory? (which is hosted at every site in my case)

Thank you for your answers


Theo

InterOps Storage Services - www.interops.nl
  •  
Stepan Potys (Kerio)

Messages: 86
Karma: 2
Send a private message to this user
Hi Theo,

you can not use the front end as a SMTP relay for outgoing messages but you can use one of your backends. You can even dedicate a special backend with no mailboxes on it for this purpose. Note that you will have to configure the relay on the other backends separately.

I'm not sure about your second question - what do you mean with "every site"? All servers in multi-server environment are expected to run inside a local network thus internet connection outages cannot make your directory service unavailable to your backends.

Stepan Potys
Connect Core team leader
Kerio Technologies
  •  
Bud Durland

Messages: 371
Karma: 39
Send a private message to this user
Stepan Potys (Kerio) wrote on Mon, 01 June 2015 09:33
I'm not sure about your second question - what do you mean with "every site"? All servers in multi-server environment are expected to run inside a local network thus internet connection outages cannot make your directory service unavailable to your backends.


For me, multi-site implies sites in different locations. Each has a local network, interconnected by VPNs. The VPN's use the same connectivity as my internet. What I would want to avoid is having loss of site connectivity mean loss of access to e-mail because the directory server or front -end server is inaccessible.
  •  
oehTie

Messages: 4
Karma: 0
Send a private message to this user
Hi Stepan,

Thank you for your answers. Bud has exactly the same setup I think. I have a windows domain controller at every customers office, connected to the main site in my datacentre by VPN connections. At every customer, I can put a directory server, connecting Kerio to Active Directory. If Internet fails, clients can still access their local Active Directory and mail. As soon as internet is restored, mail flow from the sites to the datacentre will resume and incomming mail will be forwarded to the sites.


A secondary or tertiary MX is no problem. A dedicated backend for this purpose is no problem.

InterOps Storage Services - www.interops.nl
  •  
Stepan Potys (Kerio)

Messages: 86
Karma: 2
Send a private message to this user
Thanks for clarification. It makes a good sense.
In case that you plan to setup a multi-server environment on more than one site using the same domain for two or more sites you will want to first configure whole multi-server against a single AD instance (for simplicity reasons) and when done, you can reconfigure backends to point at the local AD on each site. Any additional backends deployed after that will inherit the original AD settings and you will need to reconfigure them for the local AD access too.

[Updated on: Tue, 02 June 2015 19:18]


Stepan Potys
Connect Core team leader
Kerio Technologies
  •  
oehTie

Messages: 4
Karma: 0
Send a private message to this user
Thank you Stepan, this clarifies the setup.

InterOps Storage Services - www.interops.nl
  •  
Bud Durland

Messages: 371
Karma: 39
Send a private message to this user
oehTie wrote on Mon, 01 June 2015 13:43
Bud has exactly the same setup I think.


Almost; each of my sites has their own AD domain, so it looks like I will need to either put a BDC for the primary site's domain at each of the other sites, or consolidate all the AD domains into a single directory.
  •  
markus.k1985

Messages: 11
Karma: 0
Send a private message to this user
Stepan Potys (Kerio) wrote on Wed, 11 February 2015 11:19
2) your outgoing SMTP relay will be configured exactly the same as it is now. The front-end doesn't get involved."


Is there an option to use the Front-End as ougoing SMTP Relay?

I tried it. But if I set the FE Node as Relay, we produce a loop...

[Updated on: Wed, 30 September 2015 15:34]

  •  
oehTie

Messages: 4
Karma: 0
Send a private message to this user
Using a seperate outgoing smtp server, this should be solved. Right?

InterOps Storage Services - www.interops.nl
  •  
markus.k1985

Messages: 11
Karma: 0
Send a private message to this user
Sure.

But it would be nice if the Frontened Node(s) could be that server...
Previous Topic: Multi-Server Error When Provisioning First Backend
Next Topic: mysql error during deployment
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Apr 26 15:42:35 CEST 2017

Total time taken to generate the page: 0.01166 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.