Preparing passthru servers
Install and set up at least one Domino® server to be used as a passthru server through which the service connects to servers in your on-premises hub domain.
About this task
- To provide failover, install and set up two servers. If the service is unable to connect to one server, it tries the other. After the service is successful in connecting to one server, it continues to use it as long as it remains available. If a server becomes unavailable, the service attempts to connect to the other server, and if successful, then continues to use that server as long as it is available. The service does not use Domino cluster failover.
- Passthru servers handle the transfer of network packets and do not perform mail routing or replication. As such, they do not require significant disk space or processing speed.
- For security reasons, do not set up passthru servers in the on-premises hub domain that holds your directory synchronization servers and mail hub servers. Instead, install and set up the servers in a new unique Domino domain. The servers can be in separate unique domains.
- For optimum security, configure your corporate firewalls so that connections to the passthru servers occur in your corporate demilitarized zone.
- A passthru server must be certified under the same parent organization
certifier as the following servers:
- Directory synchronization servers in the on-premises hub domain
- Mail hub servers in the on-premises hub domain
- Your mail servers in the service
- For the fastest response time for connections from the service, install Domino 8.5.2 or later servers. To optimize passthru server performance, Domino 8.5.2 provides the notes.ini setting passthru_connect_wait=1. This setting is useful for improving the response time when service users request the free time of on-premises users. The Domain Configuration tool enables this setting on the Domino 8.5.2 passthru servers for you.
- Public key checking should not be enforced on the passthru servers. Public key checking, which is controlled through the Compare public keys field in the Security tab of the Server document, is disabled on Domino servers by default.
Procedure
What to do next
Record the Domino hierarchical name, DNS host name (recommended) or IP address, and Domino domain name of each passthru server. You provide this information later when you configure the service.