Consultants Corner: Opening the Doors to GWIA High Availability
Novell Cool Solutions: Feature
By Gregg Hinchman
Digg This -
Posted: 20 Feb 2007
Consultants Corner: Opening the Doors to GWIA High Availability
"Keep your eyes on the road, your hand upon the wheel." That's good advice, whether driving or administering a GroupWise system. I remember my 7th birthday and opening my gifts - a cassette tape recorder and The Doors first album, on tape. Definitely not the kind of music 7-year-olds listen to these days. But hey, I am open to most any kind of music. And just as the Doors opened up my mind, I hope this article can open yours to building a more highly available GWIA for your GroupWise system.
Did you know that with GroupWise 7 a couple new features were added to GWIA that expand its functionality and increase its potential for availability? Yes, it's true! The first of these is the 'Bind Exclusively' box. Now to be fair, this box exists on all GroupWise 7 agents - but for GWIA it has special meaning.
Bind Me Up, Scotty
The 'Bind Exclusively' check box found in the Agents Properties > GroupWise tab > Network Settings window contains the agent to one IP address. In short, it forces the Agent to ONLY listen for its ports on its specifically assigned IP address. In previous versions, if you did not use the /ip switch in the agent configuration file, the GroupWise agent would just load up and look for all ports assigned to it on all IP addresses on the server it was running upon. Ouch! That can and did cause issues. But even with the /ip switch, the GWIA would still listen for port 25 (SMTP) on all IP addresses on the server it was running upon. That's an even bigger problem when in failover mode in a clustered environment. Luckily for us, this issue was resolved as the 'Bind Exclusively' box was added to GroupWise 7 service pack 1. (GWIA did not do so well with GroupWise 7.0, so I do not discuss it here.)
Figure 1: Properties of GWIA -Enable Message Transfer Port, HTTP port and "Bind Exclusive"
I "Auto Fail Over" and See You Sometime ...
The second feature is what makes GroupWise 7 GWIA highly available. It's the "auto failover of e-mail" feature (not its real name, but that's what I call it). It's called 'Alternate Internet Agent for Outbound'. And like its name, it allows you to set up a secondary (or alternate) GWIA for outbound e-mail. Why do you need this? Well, let's say you have just one GWIA, and for whatever reason its not working. No one in your organization can successfully send outbound e-mail til you get it working. Wouldn't it be nice to not have such pressure in your day? Or, wouldn't it be nice to upgrade a GWIA in the middle of the day without affecting outbound traffic?
Here's how it works.
The TCP port in GroupWise 7 GWIA allows for failover of outbound SMTP traffic. Once the port is enabled, all post office domains will have the ability to choose an "Alternate Internet Agent for Outbound SMTP/MIME messages". This allows an organization to have two GWIA's active and running to service outbound messages. Best practice is to have each GWIA within its own domain. So if you have two GWIA's, each will have its own domain. Once the TCP port is enabled, the parent domain of one GWIA will now know about the second GWIA. The primary GWIA for outbound messages (set in ConsoleOne Tools > GroupWise System Operations > Internet Addressing) will always be checked first. However, if the primary GWIA is down, then the primary parent domain MTA will redirect all outbound messages to the secondary GWIA. This will continue until the first GWIA is back up and running, in which case it will take over, and the secondary will stop processing outbound messages. This is definitely a desired and well-received feature enhancement!
Here is how to configure it:
1. In the GWIA object under the GroupWise > Network tab, enable the TCP port and the HTTP port. Both ports add value to GWIA.
2. Make sure to check the "Bind Exclusively to TCP/IP Address" box.
As I stated earlier, this little check box ensures the GWIA will only listen on the 'assigned' IP address for all ports. This is important in clustering if you have multiple GWIA's that may fail over to the same cluster node. And if you have a stand-alone environment and want to run two GWIA's on the same box, you can do so without each trying to use the other's SMTP port 25. This assumes you have two separate IP addresses bound to the stand-alone server, of course.
The second part to configuring redundant GWIA's is to configure all the post office domains.
1. In ConsoleOne, open the Properties of the post office domain.
2. Click the GroupWise > Internet Addressing tab.
3. Use the slider bar on the right side to go all the way down to the bottom of the tab where you will notice the "Alternate Internet Agent for Outbound SMTP/MIME messages" feature. If you have two GWIA's and you have enabled the TCP port on both you will see both displayed in the drop down pick list.
4. Choose the GWIA that is not listed in the "Internet Agent for Outbound SMTP/MIME messages" box just above the "Alternate" pick list. See Figure 2 below.
Figure 2: Post Office Domain Properties -Internet Addressing Tab "Alternate Internet Agent for Outbound SMTP/MIME messages"
Now let's go a bit further.
Since we already have two GWIA's fully configured, let's look at the other items that require a bit of "love" for a fully redundant design. Where does your GWIA send/receive messages to/from? Directly to the Internet? Or is there an anti-spam/virus device between the GWIA(s) and the Internet? For your sake, I hope the second option is the one you have in place.
Anyway, configure your GWIA(s) to point to your anti-spam/virus devices or to the Internet as you usually would. Verify that each can send outbound. This is done by simply taking down each GWIA individually, sending an email and watching to see it deliver. (Or, you can turn off the SMTP threads on each GWIA as you test.) So, both GWIA's can send outbound. Good. But how do you get both to receive inbound?
Easy. Set up separate MX records, one for each GWIA. Like so:
Then use MX weighting to direct DNS to send inbound email. You might give GWIA1 a weight of 10 and GWIA2 a weight of 20. If the ISP (or anti-spam/virus device) cannot send to GWIA1 because it's down, it will auto-magically fail over to GWIA2 for inbound. See TID 10084245 for a bit more on this.
And for fun, you might consider GWIA1 as the primary for inbound and GWIA2 the primary for outbound - or vice versa. This prevents all in/out bound email from flowing through one GWIA. Take a look at Figure 3 for an example of an advanced GWIA design.
Figure 3: Advanced GWIA Design - TCP set up for "Alternate" GWIA failover, and external IMAP configured on both GWIA's
As you can see, GroupWise 7 GWIA is "not your father's Oldsmobile." There are two great new features that truly do expand the availability of GWIA and ultimately ease the administering of it. So with a highly available implementation of GWIA, you will say "Yeah, we're going to the roadhouse, we're going to have a real good time" this weekend.
As always, I can be reached at Gregg@HinchmanConsulting.com, if you have any comments or article ideas, or just want to help a quirky consultant support his GroupWise habit.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com