From: Clifton Royston (cliftonr_at_lava.net)
Date: Thu Jan 02 2003 - 15:13:43 CST

    On Thu, Jan 02, 2003 at 12:18:30PM -0800, Kenneth Maupin wrote:
    > Hi,
    >
    > We're designing a new mail system which sits behind a load balancer.
    > One component of this system is a set of hosts dedicated to queuing
    > mail for domains to which we offer secondary MX. Our intent is to use
    > the load balancer to present a single routable IP address to the
    > outside world regardless of how many hosts reside behind it. The
    > queuing hosts are configured with non-routable IP addresses visible to
    > the load balancer only. Domains for which we offer secondary MX will
    > refer to the routable address in their MX records. When the primary
    > MX host is down, mail will wait on our queuing hosts until the primary
    > comes back up.
    ...
    > We're trying to determine the correct Postfix configuration for this
    > network design. In our experiments, mail sent to domain.com arrives
    > on one of the MX queuing hosts as expected if smtp.domain.com is down,
    > but Postfix immediately tries to redeliver it to
    > mxqueue.easystreet.com because it doesn't realize that it is acting as
    > mxqueue.easystreet.com. The result is a mail loop.
     
    This was my predicted behavior, then confirmed by experiments. You are
    on the right track in your thinking and testing.

    > Our question is this: can Postfix be configured into thinking it
    > should queue mail as if it is mxqueue.easystreet.com despite the host
    > having no network interfaces configured with this name? Adding
    > mxqueue.easystreet.com to $mydestination has no apparent effect.

    SOLUTION:

    Having just been down that *exact* road, for nearly identical reasons,
    you have two options:

    * Upgrade to Postfix 2.0 and use the proxy_interfaces feature.

    * Under Postfix 1.1.x, bind the routable (virtual) IP address as a
      non-arped interface to the loopback on each of the real servers, and
      use the "inet_interfaces = all" setting in Postfix main.cf. This
      causes Postfix to recognize that the address belongs to it, and not
      try to forward mail there.

    This may be a kludge, but it works great and will solve your problems
    until you are ready to upgrade. We were in the process of
    transitioning some of our Postfix servers to a more complex virtual
    domains configuration, and chose not to confuse things with an upgrade
    at this time; we will upgrade once our new configuration is running
    stably.

      -- Clifton

    -- 
         Clifton Royston  --  LavaNet Systems Architect --  cliftonr_at_lava.net
    

    "If you ride fast enough, the Specialist can't catch you." "What's the Specialist?" Samantha says. "The Specialist wears a hat," says the babysitter. "The hat makes noises." She doesn't say anything else. Kelly Link, _The Specialist's Hat_
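
The loop and both fixes discussed in this thread, as an added example that is not part of the original messages: a simplified model of how an SMTP client such as Postfix recognises itself among a domain's MX hosts by address and drops itself and every equal-or-worse MX. The IP addresses are constructed placeholders, and the function names are hypothetical.

```python
from ipaddress import ip_address

# Constructed sample data: all addresses are placeholders, not from the thread.
VIP = ip_address("192.0.2.10")            # routable address on the load balancer
REAL_ADDRS = ["10.0.0.11", "127.0.0.1"]   # what a queuing host has configured
MX_RECORDS = [                            # (preference, host, resolved address)
    (10, "smtp.domain.com", ip_address("198.51.100.25")),
    (20, "mxqueue.easystreet.com", VIP),
]

def own_addresses(inet_interfaces, proxy_interfaces=()):
    """Addresses the MTA treats as 'myself' (local plus proxied/NATed)."""
    return {ip_address(a) for a in (*inet_interfaces, *proxy_interfaces)}

def next_hops(mx_records, own_addrs):
    """MX hosts this server may still deliver to, best preference first.

    If one of the MX addresses is our own, that entry and every MX with an
    equal or worse preference is removed, so a backup MX only ever forwards
    toward better-preference hosts.
    """
    records = sorted(mx_records, key=lambda r: r[0])
    self_prefs = [pref for pref, _, addr in records if addr in own_addrs]
    if not self_prefs:
        return [host for _, host, _ in records]   # does not recognise itself
    cutoff = min(self_prefs)
    return [host for pref, host, _ in records if pref < cutoff]

def can_loop(mx_records, own_addrs, vip):
    """True if a remaining next hop is the load-balanced address itself."""
    hops = set(next_hops(mx_records, own_addrs))
    return any(host in hops and addr == vip for _, host, addr in mx_records)

# Original setup: the host only knows its non-routable addresses.
before = own_addresses(REAL_ADDRS)
# Postfix 2.0: proxy_interfaces lists the load balancer address.
with_proxy = own_addresses(REAL_ADDRS, proxy_interfaces=[str(VIP)])
# Postfix 1.1.x workaround: VIP bound to loopback, inet_interfaces = all.
with_loopback = own_addresses(REAL_ADDRS + [str(VIP)])

if __name__ == "__main__":
    for label, addrs in [("before", before), ("proxy_interfaces", with_proxy),
                         ("loopback alias", with_loopback)]:
        print(label, next_hops(MX_RECORDS, addrs), can_loop(MX_RECORDS, addrs, VIP))
```

With either fix the only remaining next hop is the primary, so when the primary is down the message is deferred in the queue instead of being sent back through the load balancer.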