One ip address for two separate servers

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Kamel
Posts: 2
Joined: Wed Dec 20, 2017 9:02 am

One ip address for two separate servers

Postby Kamel » Wed Dec 20, 2017 9:37 am

Hi Admins,

I was wondering if you could advise me how to install and maintain two separate mail servers (to have the config like this: one domain per server) under one public ip address. I mean (desired config), to have two zimbra servers behind nat to hosting 2 independent domains.

Does it something that the reverse proxy like nginx support, any ideas? If not, is it possible to achieve this by implementing any other service (relay agent)?

Thank you in advance.


Kamel
Posts: 2
Joined: Wed Dec 20, 2017 9:02 am

Re: One ip address for two separate servers

Postby Kamel » Mon Jan 08, 2018 7:26 pm

hey admins,

unfortunately, no one so far has decided to answer my question, perhaps after providing more details some of you is going to help me to figure out how this be accomplished.
Starting from the beginning, what i would like to achieve is to get two separate / independent zimbra mail servers (with its own mail, ldap, mta) serving two separate domains respectively:

server1
IP: 192.168.0.10
hosname: mail.domain.net
zimbra domain: domain.net

server1
IP: 192.168.0.11
hosname: mail.domain.com
zimbra domain: domain.com

i am going to hide them behind nat and make them available under one IP / domain name:

proxy server:
ip: internet adress
hostname: mail.proxy.net

now, depending upon which domain i am connecting to (authorization) i want to be redirected to the proper server - the same should be done for incoming emails.

Is it possible to achieve this using the biuld-in nginx or any other proxy server / servive?
I have also reviewed nginx documentation (especially about ngx_mail_core_module) but still i do have nothing.

I was able to make just one case with two mailbox servers (to manage users separately) under one server hosting ldap and proxy services respectively (like here: https://wiki.zimbra.com/wiki/Enabling_Z ... _memcached). Unfortunately the configuration is somehow dependent on mailbox server 1 because each time when i stopped the first mailbox server it was impacting the proxy making the second server unavailable (access through the proxy server). I thought that having two mailbox servers defined as upstream collection will be redirecting requests to a working server. The weird thing is when the mailbox server 1 is up and mailbox 2 is down everything works fine for accounts that i created on the mailbox server 1. Can you help me understand how does it should work and what did i make wrong?
User avatar
L. Mark Stone
Elite member
Elite member
Posts: 1590
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine
ZCS/ZD Version: 8.6.0 Patch 8
Contact:

Re: One ip address for two separate servers

Postby L. Mark Stone » Mon Jan 08, 2018 9:15 pm

Zimbra includes nginx proxy and supports virtual hosts, multiple domains and multiple servers out of the box.

So yes, what you want to accomplish is no problem, but not exactly the way you describe (because you will leverage the proxy to use the one IP address for multiple domains and virtual hosts).

The Zimbra Proxy relies on a random mailbox server to paint the login page, so if a mailbox server is down (and you have four mailbox servers), 25% of the time a new user going to log in will get a proxy error. Once the user enters his/her credentials on the login page, the proxy redirects traffic to the user's proper mailbox server.

Hope that helps,
Mark
________________________________________________
L. Mark Stone, General Manager
reliable networks, a Division of OTT Communications
HIPAA-Compliant Zimbra Hosting Provider since 2006 http://www.reliablenetworks.com
Zeta Alliancehttp://www.zetalliance.org/
User avatar
msquadrat
Advanced member
Advanced member
Posts: 116
Joined: Mon Oct 14, 2013 10:09 am

Re: One ip address for two separate servers

Postby msquadrat » Tue Jan 09, 2018 8:27 am

L. Mark Stone wrote:Zimbra includes nginx proxy and supports virtual hosts, multiple domains and multiple servers out of the box.

So yes, what you want to accomplish is no problem, but not exactly the way you describe (because you will leverage the proxy to use the one IP address for multiple domains and virtual hosts).

The Zimbra Proxy relies on a random mailbox server to paint the login page, so if a mailbox server is down (and you have four mailbox servers), 25% of the time a new user going to log in will get a proxy error. Once the user enters his/her credentials on the login page, the proxy redirects traffic to the user's proper mailbox server.


There is a way to fix this issue, at least for the login page: Set zimbraReverseProxyUpstreamServers on each server to the name of the server itself:

Code: Select all

zmprov ms $(zmhostname) zimbraReverseProxyUpstreamServers $(zmhostname)
zmproxyctl restart


Now the login page will be rendered only by the server where the nginx reverse proxy is running on. There is another attribute I can't remmeber right now to make it use the memcached on the listed servers only which should be set as well (and memcached installed on all nodes).

There is one case where you still might run into issues though: This only affects the login page but not-yet-authenticated requests against eq. the /service/ endpoint will still use the old round-robin approach. I've got some half-finished patches for nginx to make it use the zimbraReverseProxyUpstreamServers, maybe the behaviour will change in the future if I find time to finish them.

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 10 guests