Symantec - How to Stretch LAN to WAN with Symantec Continuous Availability Installed

Follow

Summary

This Knowledge Base article provides the procedure stretch a Continuous Availability LAN environment to a WAN by relocating the Secondary server.


More Information

Symantec Continuous Availability provides for a simple transition from a LAN implementation to a WAN implementation allowing the Secondary server to be relocated to a distant location for both operational and data security reasons.


Procedure

Technical Prerequisites

  1. Continuous Availability must be installed in an Active Directory Integrated DNS environment.
  2. Run Continuous Availability Data Collector for 24 hours to measure the actual and required bandwidth across the proposed WAN link.
  3. Verify that at least one Domain Controller at the WAN site is configured as a Global Catalog.
  4. The Continuous Availability server must be a member of the domain.
  5. Verify that at least one DNS server is configured at the remote Disaster Recovery (DR) site.
  6. Configure hardware routers appropriately, so that Principal (Public) and Symantec Channel traffic is routable across your WAN. Ensure that the WAN-link is operational and that there are NO networking issues.

    Note: Symantec recommends configuring channel and Principal (Public) IP addresses in different subnets. If this is not possible, you must implement static routes. You should:
    1. Ping successfully.
    2. Have the IP addressing schema finalized (Principal (Public)/channel IP address of Secondary server at the Disaster Recovery (DR) location).
    3. Open the required firewall ports (default Continuous Availability ports are 52267 and 57348 ).

Note: On Windows Server 2008, the Routing and Remote Access service (RRAS) has a dependency on the HTTP service. When the IIS service is installed on a Continuous Availability pair and the IIS plug-in is installed, the plug-in will stop the HTTP service on the Secondary server causing the Routing and Remote Access (RRAS) service to stop resulting in the Symantec Channel dropping. To resolve this issue, use the ROUTE ADD command from the command shell as shown below:

  1. Open a command window by navigating to Start > Run , type CMD and click OK .
  2. From the command prompt type:

    ROUTE ADD [DestinationIPAddress] MASK [netmask] [Gateway] METRIC [metric] IF [Interface] -p

    EXAMPLE: ROUTE ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2 -p
  3. Close the command window .

LAN to WAN Stretch Process

  1. Add the Domain Admin account to Continuous Availability.
    1. Login to the Continuous Availability 2011 Management Client.
    2. Select the Applications: Tasks tab.
    3. Select Continuous Availability .
    4. Click User Accounts , click Add , and enter the Domain Admin account details.
    5. Click OK and click Close .
  2. Using the Continuous Availability 2011 Management Client, shutdown Continuous Availability  but leave all protected applications running.
  3. On the Secondary server with Continuous Availability stopped, unplug both the Principal (Public) network cable and Symantec Channel network cables.
  4. On the Secondary server, change the Principal (Public) IP address to be the correct Principal (Public) WAN IP address, default gateway, and subnet mask. The Principal (Public) IP should be set according to the local site IP schema. The Preferred DNS Server must point to a machine that is local to the Secondary server Disaster Recovery (DR) site. In Network Card Properties , clear the Register this connection’s address in DNS check box.
  5. On the Secondary server, ensure that the Principal (Public) NIC is listed first in Network & Dial-up Connections > Advanced Settings dialog.
  6. On the Secondary server, change the Symantec Channel IP address to be the correct Symantec Channel WAN IP address. Ensure NetBIOS is disabled. In Network Card Properties , clear the Register this connection’s address in DNS check box.
  7. On the Primary server, change the Symantec Channel IP address to be the correct Symantec Channel WAN IP address. Ensure NetBIOS is disabled. In Network Card Properties , clear the Register this connection’s address in DNS check box.
  8. On both the Primary and Secondary servers, ensure that the Principal (Public) NIC is listed first in Network & Dial-up Connections > Advanced Settings dialog.
  9. On the Secondary server, from the Symantec Continuous Availability system tray icon, run the Configure Server wizard. Open the Public tab and change the Principal (Public) WAN IP address. Open the Channel tab and change the IP address of the Primary and Secondary servers’ Symantec Channel IP addresses to the corresponding Symantec Channel WAN IP addresses, and then click Finish .
  10. On the Primary server, from the Symantec Continuous Availability system tray icon, run the Configure Server wizard. Open the Channel tab and change the Primary and Secondary servers’ Symantec Channel IP addresses to the corresponding Symantec Channel WAN IP addresses, and then click Finish .
  11. On the Primary server, open the Principal (Public) network connection properties and clear the Register this connection’s address in DNS check box, and then click Close.

    Note:
    Step 12 must be performed immediately otherwise the client will not be able to connect to the Primary server.
  12. On all DNS servers, manually add a Host (A) record and reverse pointer record for the Primary server address. Confirm that all clients are able to connect to the Primary server.
  13. On the Secondary server, set the Continuous Availability Server service to Manual . Power down and relocate the Secondary server to the remote DR site.
  14. On the Secondary server (now at the remote DR site) connect the Principal (Public) and Symantec Channel network cables and power up.
  15. On the Primary server, add a persistent route for the Secondary server’s Symantec Channel connection.

    Note: In a WAN implementation, persistent routes for Symantec Channel communications must be added to both Primary and Secondary servers. The persistent routes ensure that any communication with the Symantec Channel network is in fact established via the physical Symantec Channel NICs.

    To add persistent routes:
    1. Open Routing and Remote Access from Administrative Tools .
    2. Select the server name, then from the Action menu select Configure and Enable Routing and Remote Access to launch the configuration wizard.
    3. Select Custom Configuration > LAN routing and verify that the RRAS service is started.
    4. Select the server again, navigate to IP Routing and select Static Routes .
    5. From the Action menu select New Static Route .
    6. From the dropdown, select the channel interface and enter the destination Symantec Channel IP followed by the mask 255.255.255.255 and the source machine gateway.
    7. Test the channel routing using the following command to ensure that all the packets will be sent using the Symantec Channel IP and not the Principal (Public) IP.

      pathping -n Channel_IP

      Note: For a trouble free WAN implementation, Symantec recommends using RRAS for implementing static routes. Avoid using the interface ID when creating static routes using the route command because the interface ID is dynamic and increments each time a server is restarted or a NIC is disabled/enabled, and this change will make the route invalid.
  16. On the Secondary server, add a persistent route for the Primary server’s Symantec Channel connection using the instructions above.
  17. On the Primary server, confirm that the server can route the packets correctly to the Secondary server Symantec Channel address using the pathping command.
  18. On the Secondary server, confirm that the server can route the packets correctly to the Primary server Symantec Channel address using the pathping command.
  19. On the Primary server, enable the Compression Manager:
    1. In a command prompt window, browse to the Symantec Continuous Availability installation directory, under C:\Program Files\Symantec\Continuous Availability\R2\bin .
    2. Type the following command (case-sensitive):

      nfconfigtool SetIsLowBandwidth PRIMARY SECONDARY true
    3. Close the command prompt window.
  20. On the Secondary server, enable the Compression Manager:
    1. In a command prompt window, browse to the Symantec Continuous Availability installation directory, under C:\Program Files\Symantec\Continuous Availability\R2\bin .
    2. Type the following command (case-sensitive):

      nfconfigtool SetIsLowBandwidth PRIMARY SECONDARY true
    3. Close the command prompt window
  21. On the Primary server, using the Symantec Continuous Availability system tray icon, select Start Symantec Continuous Availability.
  22. On the Primary server, update the Server Monitoring ping routing configuration:
    1. In the Continuous Availability 2011 Management Client, select Server: Monitoring .
    2. Click Configure Pings .
    3. Select the Ping Routing tab.
    4. Update the Primary and Secondary IP addresses to match the new IP scheme implemented in the steps above. Update both the Ping From and Ping To fields.
  23. On the Primary Server, add two Network Configuration tasks that execute the example below, as follows:

    Note: By default, DNSUpdate requires DNS to be integrated into Active Directory. If this is not the case, please see Continuous Availability REFID - 2179 How to Configure DNS With Symantec Continuous Availability in a WAN Environment .
    1. For the Primary server, select Primary radio button.

      DNSUpdate -auto
    2. Click Run As and select from the menu the Domain Account previously configured in the User Accounts dialog.
    3. For the Secondary server, select Secondary radio button.

      DNSUpdate -auto
    4. Click on Run As and select the Domain Account previously configured in the User Accounts dialog.
  24. On the Server: Monitoring tab, click Configure Pings , select the Ping Routing tab, edit Primary to Secondary and Secondary to Primary sections to update these with the new Symantec Channel IPs, and then click OK .
  25. Select the Server: Monitoring page, click Configure Failover and clear the first two items in the list, and then click OK .
  26. Select the Network tab and click Configure Pings.
  27. Select the Ping Routing tab, and in the Ping targets from Primary server section, update Target 3 . (By default, Continuous Availability uses the first DNS server configured in the TCP/IP Properties of the Secondary for Target 3.)
  28. Update the Ping targets from Secondary server section with site appropriate targets. (By default Continuous Availability uses the Gateway IP used in RRAS when the static route for this server was configured for Target 1, the first DNS server configured in TCP/IP Properties of the Secondary for Target 2, and the first DNS server configured in the TCP/IP Properties of the Primary for Target 3.)
  29. On the Secondary server, set the Continuous Availability Server service back to Automatic . Right-click the Symantec Continuous Availability system tray icon, select Start Symantec Continuous Availability .
  30. Allow the initial synchronization process to complete.
  31. Follow the Acceptance Verification section of the Symantec Continuous Availability 2011 Quick Start Guide .

Applies To

Symantec Continuous Availability 2011


Related Information

Continuous Availability REFID-2164

KBID-2164

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.