How to Stretch LAN to WAN in Neverfail IT Continuity Engine in a Primary - Secondary Configuration

Follow

Summary

This Knowledgebase article describes how to stretch a Neverfail IT Continuity Engine LAN environment to a WAN by relocating the Secondary server.


More Information

Neverfail Engine provides for a simple transition from a LAN implementation to a WAN implementation allowing the Secondary server to be relocated to a distant location for both operational and data security reasons.


Procedure

Technical Prerequisites

  1. Neverfail Engine must be installed in an Active Directory Integrated DNS environment.
  2. Run SCOPE for 24 hours to measure the actual and required bandwidth across the proposed WAN link.
  3. Verify that at least one Domain Controller at the WAN site is configured as a Global Catalog.
  4. The Neverfail Engine server must be a member of the domain.
  5. Verify that at least one DNS server is configured at the remote Disaster Recovery (DR) site.
  6. Configure hardware routers appropriately, so that principal (public) and channel traffic is routable across your WAN. Ensure that the WAN-link is operational and that there are NO networking issues.

    Note: It is recommended that you configure the channel and principal (public) IP addresses in different subnets. If this is not possible, you will have to implement static routes. You should:
    1. Ping successfully.
    2. Have the IP addressing schema finalized (principal (public)/channel IP address of Secondary server at the Disaster Recovery (DR) location).
    3. Open the required firewall ports (default Neverfail ports are 52267 and 57348 ).

Note: On Windows Server 2008, the Routing and Remote Access service (RRAS) has a dependency on the HTTP service. When the IIS service is installed on a Neverfail Engine pair and Neverfail for IIS is installed, the plug-in will stop the HTTP service on the Secondary server causing the Routing and Remote Access (RRAS) service to stop resulting in the channel dropping. To resolve this issue, use the ROUTE ADD command from the command shell as shown below:

  1. Open a command window by navigating to Start > Run , type CMD and click OK .
  2. From the command prompt type:

    ROUTE ADD [DestinationIPAddress] MASK [netmask] [Gateway] METRIC [metric] IF [Interface] -p

    Example: ROUTE ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2 -p

  3. Close the command window .

LAN to WAN Stretch Process

  1. Add the Domain Admin account to Neverfail Engine.
    1. Login to the Neverfail Advanced Client.
    2. Click Application .
    3. Open the Tasks tab and highlight Neverfail Engine .
    4. Click User Accounts... , click Add , and enter the Domain Admin account details.
    5. Click OK and click Close .
  2. Using the Neverfail Advanced Client, shutdown Neverfail Engine but leave all protected applications running.
  3. On the Secondary server with Neverfail Engine stopped, unplug both the principal (public) network cable and Neverfail Channel network cable(s).
  4. On the Secondary server, change the principal (public) IP address to be the correct principal (public) WAN IP address, default gateway, and subnet mask. The principal (public) IP should be set according to the local site IP schema. The Preferred DNS Server must point to a machine that is local to the Secondary server DR site. In Network Card Properties , uncheck Register this connection’s address in DNS .
  5. On the Secondary server, ensure that the principal (public) NIC is listed first in Network & Dial-up Connections , Advanced Settings .
  6. On the Secondary server, change the channel IP address to be the correct channel WAN IP address. Ensure NetBIOS is disabled. In Network Card Properties , uncheck Register this connection’s address in DNS .
  7. On the Primary server, change the channel IP address to be the correct channel WAN IP address. Ensure NetBIOS is disabled. In Network Card Properties , uncheck Register this connection’s address in DNS .
  8. On both the Primary and Secondary servers, ensure that the principal (public) NIC is listed first in Network & Dial-up Connections, Advanced Settings .
  9. On the Secondary server, from the Neverfail Engine system tray icon, run the Configure Server wizard. Open the Public tab and change the principal (public) WAN IP address. Open the Channel tab and change the IP address of the Primary and Secondary servers’ channel IP addresses to the corresponding channel WAN IP addresses. Click Finish .
  10. On the Primary server, from the Neverfail Engine system tray icon, run the Configure Server wizard. Open the Channel tab and change the Primary and Secondary servers’ channel IP addresses to the corresponding channel WAN IP addresses. Click Finish .
  11. On the Primary server, open the principal (public) network connection properties and uncheck Register this connection’s address in DNS . Click Close.

    Note:
    Step 12 must be performed immediately otherwise the client will not be able to connect to the Primary server.
  12. On all DNS servers, manually add a Host (A) record and reverse pointer record for the Primary server address. Confirm that all clients are able to connect to the Primary server.
  13. On the Secondary server, set the Neverfail R2 Server service to Manual . Power down and relocate the Secondary server to the remote DR site.
  14. On the Secondary server (now at the remote DR site) connect the principal (public) and channel network cables and power up.
  15. On the Primary server, add a persistent route for the Secondary server’s channel connection.

    Note: In a WAN implementation, persistent routes for channel communications must be added to both Primary and Secondary servers. The persistent routes ensure that any communication with the channel network is in fact established via the physical channel NICs.

    To add persistent routes:
    1. Open Routing and Remote Access from Administrative Tools .
    2. Select the server name, then from the Action menu select Configure and Enable Routing and Remote Access to launch the configuration wizard.
    3. Select Custom Configuration > LAN routing and verify that the RRAS service is started.
    4. Select the server again, navigate to IP Routing and select Static Routes .
    5. From the Action menu select New Static Route .
    6. From the dropdown, select the channel interface and enter the destination channel IP followed by the mask 255.255.255.255 and the source machine gateway.
    7. Test the channel routing using the following command to ensure that all the packets will be sent using the channel IP and not the principal (public) IP.

      pathping -n Channel_IP

      Note: For a trouble free WAN implementation, it is recommended that you use RRAS for implementing static routes. Avoid using the interface ID when creating static routes using the “route” command because the interface ID is dynamic and increments each time a server is restarted or a NIC is disabled/enabled, and this change will make the route invalid.
  16. On the Secondary server, add a persistent route for the Primary server’s channel connection using the instructions above.
  17. On the Primary server, confirm that the server can route the packets correctly to the Secondary server channel address using the pathping command.
  18. On the Secondary server, confirm that the server can route the packets correctly to the Primary Server Channel address using the pathping command.
  19. On the Primary server, enable the Compression Manager:
    1. In a command prompt window, browse to the Neverfail Engine installation directory, under Neverfail\R2\bin .
    2. Type the following command (case-sensitive):

      nfconfigtool SetIsLowBandwidth PRIMARY SECONDARY tru e
    3. Close the command prompt window.
  20. On the Secondary server, enable the Compression Manager:
    1. In a command prompt window, browse to the Neverfail Engine installation directory, under Neverfail\R2\bin .
    2. Type the following command (case-sensitive):

      nfconfigtool SetIsLowBandwidth PRIMARY SECONDARY true
    3. Close the command prompt window
  21. On the Primary server, using the Neverfail Engine System Tray Icon, select Start Neverfail Engine.
  22. On the Primary server, update the Server Monitoring ping routing configuration:
    1. In the Neverfail Advanced Client, select Server Monitoring.
    2. On the Server Monitoring screen, in the Configure Pings section, click Configure…
    3. Browse to the Ping Routing tab of the new window.
    4. Update the Primary and Secondary IP addresses to match the new IP scheme implemented in the steps above. Update both the Ping From and Ping To fields.
  23. On the Primary Server, add two Network Configuration tasks that execute the example below, as follows:

    Note: By default, DNSUpdate requires DNS to be integrated into Active Directory. If this is not the case, please see Knowledgebase Article #2870 How to Configure DNS With Neverfail IT Continuity Engine in a WAN Environment .
    1. For the Primary server, select Primary radio button.

      DNSUpdate -auto

    2. Click Run As and select from the menu the Domain Account previously configured in the User Accounts dialog .

    3. For the Secondary server, select Secondary radio button .

      DNSUpdate -auto

    4. Click on Run As and select the Domain Account previously configured in the User Accounts dialog.

  24. On the Server tab, click Monitoring , click Configure Pings , select the Ping Routing tab, edit Primary to Secondary and Secondary to Primary sections to update these with the new Channel IPs. Click OK .

  25. In the Server Monitoring: Failover Configuration screen, click Configure Failover , deselect the first two items in the list, then click OK .

  26. Open the Network tab, click Configure Pings , select the Ping Routing tab, and in the Ping targets from Primary server section, update Target 3 . (By default, Neverfail Engine uses the first DNS server configured in the TCP/IP Properties of the Secondary for Target 3.)

  27. Update the Ping targets from Secondary server section with site appropriate targets. (By default Neverfail Engine uses the Gateway IP used in RRAS when the static route for this server was configured for Target 1, the first DNS server configured in TCP/IP Properties of the Secondary for Target 2, and the first DNS server configured in the TCP/IP Properties of the Primary for Target 3.)

  28. On the Secondary server, set the Neverfail Server R2 service back to Automatic . Click the Neverfail Engine system tray icon, select Start Neverfail Engine .

  29. Allow the initial synchronization process to complete.

  30. Follow the Mandatory Tests section of the latest Neverfail IT Continuity Engine Acceptance Verification document located in the document downloads section of the Neverfail Extranet.


Applies To

Neverfail IT Continuity Engine


Related Information

None

KBID-2871

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.