Two server plus witness server in exchange 2013. The two servers named EX01 and EX02. When EX01 has the network cable disconnected the database fails over and mail continues to flow. When the network cable is disconnected from EX02, the database fails over but mail flow stops. I used the following article to set it up. http://exchangeserverpro.com/exchange-2013-client-access-server-high-availability/ I then set up DNS entries but I wonder if I made some mistakes. Here is the DNS settings starting with Go Daddy:

Zone file at Registar (go daddy)

A records
mail Public IP (cable ISP)
mail Public IP (secondary ISP)

MX
Prioity 5
Points to mail.domain.com
TTL 1 hour

TXT
Host @
TXT Value v=spf1 mx a ip4:(cable Public IP)/32 ip4:(secondary ISP Public IP)/32 ~all 1

SVR
Service _smtp
Protocal _tcp
Name @
Priority 20
Weight 20
Port 80
Target mail.domain.com
TTL 1 hour

-------------------------------------------------

DNS Records on In house DNS Servers which are 10.99.1.4 and 10.99.1.7
Forward Lookup Zones
Internal domain.com

(same as parent folder) Host (A) 10.99.1.4
(same as parent folder) Host (A) 10.99.1.7
(same as parent folder) Name Server (NS) DC4.internaldomainname.com
(same as parent folder) Name Server (NS) DC7.internaldomainname.com
DAG1 Host (A) 10.99.1.10
DC4  Host (A) 10.99.1.4
DC7  Host (A) 10.99.1.7
EX01 Host (A) 10.99.1.8 (Mail server 1)
EX02 Host (A) 10.99.1.6 (mail server 2)
mail Host (A) 10.99.1.6
mail Host (A) 10.99.1.8

External Domain.com
(same as parent folder) Mail Exchanger (MX) EX02.internaldomainname.com
(same as parent folder) Mail Exchanger (MX) EX01.internaldomainname.com
mail Host (A) 10.99.1.6
mail.Host (A) 10.99.1.8
name servers and TXT files are the same as internaldomainname.com

------------------------------------------------------

Firewall pfSense
NAT
Cable ISP Public IP translated to both EX01 and EX02
Secondary ISP Pubic IP translated to both EX01 and EX01

Thanks for any help you can provide.

If one server fails, SMTP and your users must be able to connect to the new server.  What DNS entries you change depends on how you've configured it.

In general don't user server names for services.  Use something like webmail.company.com or owa.company.com, and don't forget Autodiscover.

True high availability requires load balancing, preferably a hardware load balancer.  If your servers are separated geographically, you'll want a load balancer solution that supports that.

Hi.

DNS RR, Split DNS

1. Check name space internal and external. Config Split DNS.

2. Check CAS name connections for external and internal users. Use to test Exchange commandlet and https://testconnectivity.microsoft.com/

Example DNS

Internal.

EX02.internaldomainname.com = mail.domain.com A = 10.99.1.6

EX01.internaldomainname.com = mail.domain.com A - 10.99.1.8

EX02.internaldomainname.com = autodiscover.domain.com A  = 10.99.1.6

EX01.internaldomainname.com = autodiscover.domain.com A  = 10.99.1.8

External.

MX = mail.domain.com 10

mail.domain.com A - x.x.x.01

mail.domain.com A - x.x.x.02

autodiscover.domain.com A  = x.x.x.01

autodiscover.domain.com A  = x.x.x.02

Not all FW support ISP for SMTP, maybe only HTTP. :)

3. Witness not domain controller. 

4. Use to commandlet for test DAG and Windows Cl

Hi Ron,

According to your post, I understand mail flow stops after EX02  failed, however everything works properly when EX01 fail down.
If I misunderstand your concern, please do not hesitate to let me know.

Please run Get-DatabaseAvailabilityGroup DAG -Status | FL to check the status of DAG, meanwhile run Test-ReplicationHealth to check all aspects of the replication and replay status, providing you with a complete overview of a Mailbox server in a DAG.
If theres any error message, please resolve it first.

We need to ensure the cluster resources has been moved to the other surviving node or not and also please check the databases has been mounted on the that node.

Thanks