Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

UNC Path no longer works with 2 servers with the same IP address.

Posted on 2011-09-30
4
1,024 Views
Last Modified: 2012-05-12
This is on a 2 Windows 2008 (non) R2 servers test environment.  Both servers are SQL servers and also have files shares.  

TEST01       10.0.0.1   (Master)
TEST01DR  10.0.0.2   (Replica)

We replicate data between the 2 servers and when we need to failover to the DR server we change all the DNS (A) records in all of our DNS servers so that both IP addressess match.  So it looks like below

TEST01       10.0.0.2
TEST01DR  10.0.0.2
 
Now when users type in TEST01 they are actually accessing TEST01DR through DNS

This works great for all the applications that are writing to the SQL server since they are using DNS to connect. Now the issue we are having is files shares.  The data is replicated but once we make the DNS record change where both servers have the same IP, and try to access \\TEST01\  we get Logon Failure:  The target account name is incorrect.  This is only for the file shares.  I tried DisableStrictNameChecking and rebooting.  That didn't work.  Im sure the server is denying me access because Im using a different host name to try to access it.  If I do \\10.0.0.2\ I can access the file shares.  And if I try to access TEST01DR by its actual host name,  \\TEST01DR....that works.  I just cant access it by \\TEST01\ even though DNS points TEST01 to TEST01DR.   Any tips or tricks?  I hope all this makes sense.  Also as a side note, neither servers registers their IP addressess to the DNS server.  The 2 servers are setup static in DNS.  
0
Comment
Question by:PilotAdmin
  • 2
4 Comments
 
LVL 13

Expert Comment

by:khairil
ID: 36895683
Hi,

Is it the same server? You cannot have two different server with same IP address, but you can have 1 DNS  address with multiple server.

I do not want to hurt your feeling by saying this, but it is not the right way to do disaster recovery. First let me explain what happen, why you can access TEST01DR but not TEST01. You need some basic understanding how network works.

By default when you access machine within range (layer 2 switch), the computer will hold some information called ARP table, which match IP address and MAC address of the computer. Computer will use this MAC address to discover neigbhour computer instead of IP address. IP address will be use when the switch not found any computer match requested MAC address in their list. A switch also hold ARP table of any computer connected to him. When you change IP of TEST01 to same IP as TEST01DR, the TEST01 broadcast it's IP and MAC address to the switch but it will introduce conflict here as the same IP already taken by TEST01DR. Which makes TEST01 in the "limbow". That my basic understanding. May be other expert can correct me if I'm wrong.

Back to your DR. As I said above, you can have one DNS but multi IP (which also means different servers or differnt NIC). The DR is usually Active - Passive combination instead Active - Active. As preparation for DR, changing access to the server usually control by round robin DNS or Load Balancer or monitoring server.

You should come out with DR plan first, for DR it is advisable to have secondary server on other location. You need to specify all the infrastucture information like IP addresses, network route and also services hold by DR site. For SQL server, I have attach here. Here is some article on MS site, http://msdn.microsoft.com/en-us/library/ms189134.aspx

For file sharing, it will be nice to have SAN - they have build in replication (this applicable if SANS also store database file).  Here is articles to do failed over for Windows File Server, http://technet.microsoft.com/en-us/library/cc731844(WS.10).aspx

I know it need a lot of reading on this, and well planned paperworks.

So to conclude this, and hope fully make your life easier. The easiest way to do is, to have both Server with different IP address.

Create 2 DNS name mapped to each server, let say test01.yourcompany.com mapped to 10.0.0.2 as primary server, and test01dr.yourcompany.com mapped to 10.0.0.3 as DR server - both are different server.

Then replicate SQL server from test01 to -> test01dr and file server from test01 to -> test01dr. In case of disaster, just change the DNS so that test01 is now mapped to 10.0.0.3 - you can do this by changing A record or CNAME  (but do not delete the entry of test01dr from DNS).

Hope, it is ok for you then.

Good luck.
0
 

Author Comment

by:PilotAdmin
ID: 36895947
It's 2 different servers.  Each server has a different IP address.  The only change is in DNS.  The static DNS (A) records are changed so both points to the same IP address.  

Before

Name              TYPE         DATA
TEST01         HOST(A)    10.0.0.1
TEST01DR    HOST(A)    10.0.0.2  


After

Name              TYPE         DATA
TEST01         HOST(A)    10.0.0.2
TEST01DR    HOST(A)    10.0.0.2

In DNS both static (A) records are changed to point to the DR.  Thats as clear as I can make it.  Lets not worry about ARP.  That's not an issue for us in either Windows or the switches.  And I appreciate the tangent on how to cluster servers.  We can talk Clustering, NLB, and best practices another time.  What I want to concentrate on is the UNC path issue.  

When I type in \\TEST01\ to go to the file shares Windows tries to access the files shares on \\TEST01DR.  That "is" what I want to happen.  But I get Logon Failure:  The target account name is incorrect.  It seems like the server is denying access to the files share because I am trying to access it using the wrong host name.  I can access it by IP \\10.0.0.2\  The question I have is, can I get around this?  

0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 500 total points
ID: 36896086
No you can't get around this, nor do you want to. Netbios stopes this by design to prevent a Netbios Denial of Service Attack. So, Netbios binds to a specific MAC address. When two computers have the same IP, Netbios will deny service on both computers. So, this will effect name resolution using Netbios translation. You will be able to access by IP. And you will probably be able to access by Fully.Qualified.Domain.Name... But, by design you will be denied Netbios translation.

Netbios is used for the Netlogon service, UNC paths via Host Name, File and Print Sharing, Fax Service, the RPC locator, etc...

If you wish to create a cluster of servers to share the load, then make sure they have their own IP address... Load balancing software will recognize multiple IP addresses to share the load.

Explanation:
http://support.microsoft.com/kb/269239
0
 

Author Closing Comment

by:PilotAdmin
ID: 36898135
I figured this was the issue.  Thanks for the response.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question