Solved

Redundancy/Failover question...

Posted on 2004-10-04
10
185 Views
Last Modified: 2010-04-10
I have a mail server running Windows 2003 Server Standard.
It has two network interface cards.

One I call the public interface (although it has a non-public IP assigned our FW does NAT/port forwarding to port 110 and 25)
192.168.2.2   INTEL PRO SERVER 10/100/1000 Adapter


The other interface I call the internal interface (also a non-public IP with Client for MS Networks/File Printer Sharing etc enabled.
192.168.1.61  NETGEAR FA311 adapter


There seems to be a problem with the NETGEAR interface.  For one it seems to pass the MOST traffic (over a gig after days of being up).  The problem is the interface will crap out intermittently.  One day I'll come into the office and no one can get mail (since it's synced with AD for authentication).  The interface never goes into status DISABLED or anything, but if I disable the interface then enable it again all works fine.

My question is this:

A.  Can someone give me a script that will test the interface then disable and re-enable if the test fails to communicate over the adapter.

Second option

B.  Help me determine why the interface goes down period.

or

C. My more liked option....
  I want to assign another internal IP to my (external interface) so if interface one goes down we can still acess mail VIA interface 2.  

I've already assigned another internal IP to interface (external).  I've created another HOST in AD DNS to point to the mail server.  Doing an NSLOOKUP provides 2 IP addresses for mail.  So far so good.

The problem is....if I try to test by DISABLING the internal interface (192.168.1.61) I was under the impression that DNS should tell my mail clients that since the FIRST IP ADDRESS assigned to the mail server isn't responding, try the SECOND ONE.  But that's not happening....how can I make that happen?
0
Comment
Question by:TheBrothaULuv2H8
10 Comments
 
LVL 3

Expert Comment

by:jacauc
ID: 12219160
Well... first of all, this might actually be a hardware problem...
Try swopping out the NIC and see if it still happens.

Next, Check the event logs on the PC for any suspicious behaviour.... and maybe a reason why the interface is disabled automatically.


I will be able to provide you with a WSH script that can do that for you yes...


Later
;)
J
0
 
LVL 2

Author Comment

by:TheBrothaULuv2H8
ID: 12219212
I believe I've swapped the adapter and got similar results, I never checked the logs (stupid me) the day it happened and therefore I can't remember which day or time (to check the logs) without looking forever.  

I should probably update the drivers just to be safe...but in the meantime I'd still like a script to check for connectivity on the interface in question, if the "script" is unable to communicate across the interface is should disable the interface, then enable the interface (which resolves the issue), it should check every 1 minute.  

But I'd really like OPTION "C" which will provide for a little redundancy by doing a round robin and/or driving traffic to up interface when the other interface goes down.

0
 
LVL 3

Expert Comment

by:jacauc
ID: 12219308
Let me see what i can do in terms of the script....
would take some reading... but i'd possibly be able to help you out tomorrow...

In the meantime check the event log for Red/Yellow events and update the drivers for the card.

I'll also think of a solution for option C in the meantime...

Cheers
;)
J
0
 
LVL 2

Author Comment

by:TheBrothaULuv2H8
ID: 12219321
Your assistance is appreciated I will update the drivers in the meantime as well as search through the logs.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 11

Expert Comment

by:PennGwyn
ID: 12219464
> The problem is....if I try to test by DISABLING the internal interface (192.168.1.61) I was under the impression that DNS
> should tell my mail clients that since the FIRST IP ADDRESS assigned to the mail server isn't responding, try the SECOND
> ONE.  But that's not happening....how can I make that happen?

DNS knows nothing about the status of addresses it returns -- whether they're up, whether they respond to pings, whether they host the specific service the client is interested in.  All it does is look up a name-to-address translation, in cache, in its own zone files, or by forwarding the query to someone else.  It's not magically omniscient.

The addresses you supplied for the two interfaces *imply* that they're on separate subnets, but you've never actually stated that for sure, or even provided subnet masks.  Can you confirm that?


0
 
LVL 2

Author Comment

by:TheBrothaULuv2H8
ID: 12219653
INTERNAL INTERACE     192.168.1.61     /24
Netgear FA311     (this is the interface that intermittently fails, disabling then re-enabling interface corrects problem)

EXTERNAL INTERFACE  192.168.2.2  /24
Intel Pro 10/100/1000  (interface remains up at all times).

I've assigned a secondary IP address 192.168.1.101  /24   to the aforementioned interface (external int) as the BACKUP for 192.168.1.61.  That way if netgear interface (internal) goes down the external interface will be able to answer (they're all technically internal).

Does that answer your question?
0
 
LVL 2

Author Comment

by:TheBrothaULuv2H8
ID: 12219954
INCREASING POINTS
0
 
LVL 2

Author Comment

by:TheBrothaULuv2H8
ID: 12307433
It was determined that the NIC had an option selected to go into a power saving/standby mode.  I've disabled that feature and the server has not lost it's connectivity since.  


Reqesting that this question be closed.
0
 

Accepted Solution

by:
RomMod earned 0 total points
ID: 12339529
Closed, points refunded.
RomMod
Community Support Moderator
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
SSH commands for Nas4free 21 300
Security Alert 2 42
Domain join remote sites or not 3 26
Cisco VSS or VCP on GNS3 or IOU 3 29
Let’s list some of the technologies that enable smooth teleworking. 
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now