Mirror Setup

Mirroring the server - What is mirroring.

The SurgeMail 'Mirror' system allows you to link two systems together and read or deliver Email to either system and both systems will continually 'match' each other.

Features:

  • A live backup of your system ready to use in the case of failure.
  • Geographic backup (the mirror can be in a different location)
  • Also perfect for 'moving' the server to another system with zero down time.

Mirroring will work over a LAN or WAN connection and can be encrypted. Unlike using shared NFS drives there is no single point of failure in a SurgeMail Mirrored system so you have genuine fail over capability.

Do not run a load balancer in front of your mirror, it's better that users actually connect consistently to one system or the other.

How to enable it.

Install surgemail on the mirror system.

Turn on the mirror settings on both servers, set mode to "primary" ('master' prior to version 7.7) on the main system, and 'secondary" on the second system. Make the mirror passwords match, and set each mirror_host to point to the other system.

Issue these commands on the Primary:

  • tellmail reload
  • tellmail resync_config
  • tellmail resync_nwauth
  • tellmail resync
  • tellmail resync_mkdir
  • tellmail resync_folder train
  • tellmail resync_folder lets
  • tellmail resync_folder dlist

Optional things to sync:

  • tellmail resync_archive (legal archive feature)
  • tellmail resync_att (detached attachments feature)

How to check mirroring is complete

  • tellmail mirror_analyze (this works with recent versions only)
  • Alternatively,
    • check user counts match (tellmail find "*") or search for users in the admin tool
    • check resync status by doing a second tellmail resync and checking it doesn't resend a huge amount of messages, examine tellmail mirror_status
    • try logging into a couple of test accounts, and compare the number of messages in a mailbox.

Example settings you need to add

Server 1: ip 10.0.0.1 (primary)

g_mirror_nossl "TRUE"
g_mirror_mode "primary" ("master" prior to 7.6u)
g_mirror_host "10.0.0.2"
g_mirror_secret "testing"
g_mirror_config "true" 
g_mirror_live "true" 
g_mirror_repair "true" (auto repair once a month)

Server 2: ip 10.0.0.2 (secondary)

g_mirror_nossl "TRUE"
g_mirror_mode "secondary" (previously "slave")
g_mirror_host "10.0.0.1"
g_mirror_secret "testing"
g_mirror_config "true"
g_mirror_live "true"

Recovery procedure:

  • After brief failure 24 hours - just reconnect and run tellmail resync from the 'good' system (that wasn't down)
  • After several days - Set the working system to 'primary' and the other system to 'secondary', then reconnect, and run the command tellmail resync_prune on the master.
  • From a clean/wiped disk. Set the working system to 'primary' and the wiped system to 'secondary' and run a resync_config and resync on the master.

Remove the settings 'g_mirror_repair "true"' from both systems before reconnecting them, as it could wipe live data if it's on the broken/repaired system!!!

How does the mirror takeover automatically?

Simply put, it doesn't, unless you set it up that way. It's a live running backup. If the mirror system is configured correctly you can just use it while the master is down, here are the key points:

For 'incoming' email it requires that port 25 is open on the slave, and that you have it listed as a secondary mx host for your domain. e.g.

xxxx.com MX preference = 10, mail exchanger = mail.xxxx.com
xxxx.com MX preference = 20, mail exchanger = mail2.xxxx.com

For 'user access' the users can either connect using the mail servers ip or name, e.g.

https://mail2.xxxx.com/surgeweb

Or the users email client can be pointed at 'mail2.xxxx.com'

Or you can update your DNS entries such that 'mail.xxxx.com' now points to the ip address of the 'SLAVE' while the master is down.

Or you can change the ip address of the SLAVE so it is the same as the MASTER, this is only possible if both servers are on the same subnet!

Or you can use a fancy router to connect the ip address to the new backend system. (the mirror)

How to swap master/slave

Make a backup of nwauth.txt and nwauth.add and surgemail.ini from the master.

On the master: (before swapping)

  • tellmail resync_config
  • tellmail resync_nwauth
  • tellmail resync_prune
  • tellmail mirror_status (wait until resync finishes. a few hours)

Then on both systems.

  • stop both
  • swap master/slave settings and restart.

On the 'new' master: (after swapping)

  • tellmail resync_config
  • tellmail resync_nwauth
  • (this is required to tell the new master that it really is the master)...

Notes FAQ

  • When moving a server, mirror from the PRIMARY to the new server, not from the current mirror if possible. If you are going from the current mirror first run the checks on it to be sure it's complete as above.
  • If you are running an OLD version of surgemail you MUST use the words 'Master/slave' rather than the new 'primary/secondary' settings!
  • Mirroring uses port 110 to communicate, make sure that is open in your firewall between primary/secondary in both directions.
Was this article helpful?

Related Articles