Re: Postfix on different ports instead of different ip-addresses
- Wietse Venema:
> Willy Janssen:To clarify, MTAs can share IP addresses provided that they never
> > Let me explain my current setup.
> > Our current Postfix setup for outgoing e-mail uses three different
> > entries for different type of e-mail from our university. This is
> > accomplished by three different names, e.g. smtp1.example.com,
> > smtp2.example.com and smtp3.example.com, pointing to three different
> > ip-addresses. Every ip-adresses is load-balanced to two different
> > servers. Per server there are three different ip-adresses, all listening
> > on port 25. Obviously every instance has it's own Postfix configuration.
> > No rocket science so far; this works for years, and very well.
> > In the new setup, our networking department wants to get rid of the
> > three different ip-adresses per server. Instead they want to 'stack' all
> > the traffic comming from the load-balancer on one ip-address, but on
> > different ports, say 1025, 2025 and 3025. (Needless to say the three
> > different ip-adresses on the front-side of the load-balancer are being
> > continued.)
> > Most likely this setup will work, but I'm not very happy with it. It's
> > more difficult to split logging and set-up of the host-based firewall
> > (if applicable) is more difficult. The configuration of Postfix will be
> > different from the current setup so it takes more time to adjust.
> > However, all these items seem kind of 'cosmetic'. Therefor I would like
> > to know if there are more consequences of this setup. Is there a
> > technical reason which would prohibit this setup?
> The game breaker is that Postfix configuration assumes that MTA
> instances do not share IP addresses. For example, MX host lookup
> (MX loop elimination) and relay access control are based on IP
> addresses, not on TCP ports.
try to send mail to each other. This is where HTTP servers fundamentally
differ from mail servers: mail is store-and-forward, and therefore
requires loop elimination.
> Apart from that, you can run many Postfix instances on one box, and
> use syslog_name and syslog_facility to distinguish the logging of
> different Postfix instances.