[K12OSN] Moving our email server

Jim Kronebusch jim at winonacotter.org
Fri Jan 5 14:29:04 UTC 2007


On Fri, 5 Jan 2007 08:37:10 -0500 (EST), mrok12osn wrote
> In the near future, I am going to need to move our email server from 
> one ISP (Cox Cable) to another (CEN - Connecticut Education Network) 
> and I have never done this before.  Our email server is FC5 (postfix)
> built from the K12LTSP CDs.
> 
> I'm wondering whether I can just put a second ethernet card in the email
> server so both ISPs' IP addresses (old and new) are active, update
> iptables, and then notify the ISP that maintains our DNS pointers to
> repoint to the new IP address.  Then after a couple of days, I can just
> shut down the old IP address.
> 
> Will this work?  Are there any issues with postfix?  Any help or
> suggestions are appreciated.

Judging by the other responses I may be reading this question wrong.  The way
I read it is that your server will basically be stationary and you'll simply
be bringing a new internet connection into your server room at the same time
as your old one, then phase the old one out once you're sure your new connection
is completely operational.

I have found in the past that 2 network cards on different internet
connections can make things get a little stupid.  Instead, every time I make a
move like this I simply lower my DNS TTL to 1 hour.  That way the maximum time
your DNS will take to renew after the change is an hour.  Then I look through
all of my configuration files to be sure that either they reference eth0 or
localhost or 127.0.0.1 and then quickly note which ones reference my actual
external IP.  Don't forget to look through your webmail conf, your php conf,
sql conf, or any other confs that Postfix may be calling on.  They will all
need to be updated.  Once you have a list of which confs need the IP change
you can make the switch in a matter of minutes.

I basically go off the fact that any mail server trying to send to my server
has a retry queue.  I figure if my server is down for 30 minutes or so, I
still won't miss any messages because the sending server will continue to
retry, and if for some reason I am not back up in time, at least the sender
will get a failure notice (though they never seem to understand them :-).

So once I have both connections, I shut down postfix, make my DNS changes, run
through all noted configs and change the IP, switch the Internet connections,
change the server's IP, then reboot.  If I really want to speed up local
activity (since that is where most of our customers reside) I call our local
IP and ask them to refresh their DNS (we have a home grown ISP here so they
are easy to talk into things).

With that sequence everyone should be back on the server within an hour max
with no messages lost.  If you really want to try and shorten things up, make
your TTL change a week ahead of time.  Then you know the whole world is on a 1
hour max TTL when you make the change.  Then make your DNS changes about 30
minutes before the shutdown and switch.  That will almost ensure you a maximum
downtime of 30 minutes.  And if a couple sending servers get your new IP 15
minutes early or something, since there is no server present yet it should
just go in a retry queue and come through once you get things running.  Couple
all of that and make your changes at 2am or something and about the only email
you may lose is some SPAM.

I am sure this is not the "PROPER" way to make the changes, but it works for me.
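
The config audit step described in the reply above (noting which files reference the external IP before the switch), as an added example that is not part of the original message. The helper name `find_ip_refs`, the address 192.0.2.10 and the sample files are constructed for illustration; on a real server you would point it at the directories holding your Postfix, webmail, PHP and SQL configs.

```shell
#!/bin/sh
# find_ip_refs OLD_IP PATH...
# Prints file:line:text for every active (non-comment) line that contains
# OLD_IP as a complete address.
find_ip_refs() {
    old_ip=$1; shift
    # Escape the dots so they match literally, not "any character".
    esc=$(printf '%s' "$old_ip" | sed 's/\./\\./g')
    # Digit boundaries keep 192.0.2.10 from matching 192.0.2.100.
    pat="(^|[^0-9.])${esc}([^0-9]|\$)"
    grep -rnHE -- "$pat" "$@" 2>/dev/null |
        grep -vE '^[^:]+:[0-9]+:[[:space:]]*(#|;|//)' || true
}

# Constructed sample tree standing in for /etc (not real configs).
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/postfix" "$d/webmail"
    cat > "$d/postfix/main.cf" <<'EOF'
# old address was 192.0.2.10
inet_interfaces = 192.0.2.10, 127.0.0.1
mynetworks = 127.0.0.0/8 192.0.2.100/32
EOF
    cat > "$d/webmail/config.inc.php" <<'EOF'
$config['smtp_server'] = '192.0.2.10';
// $config['imap_host'] = '192.0.2.10';
$config['db_host'] = 'localhost';
EOF
    printf '%s\n' "$d"
}

# Demo run: lists main.cf line 2 and config.inc.php line 1 only.
demo_dir=$(make_demo_tree)
find_ip_refs 192.0.2.10 "$demo_dir"
rm -rf "$demo_dir"
```

Commented-out lines are skipped so the list contains only settings that will actually break after the IP change; access-control entries such as `mynetworks` deserve a second look, since a stale address there keeps trusting the old connection.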
