Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

UNC Path no longer works with 2 servers with the same IP address.

Posted on 2011-09-30
4
Medium Priority
?
1,044 Views
Last Modified: 2012-05-12
This is on a 2 Windows 2008 (non) R2 servers test environment.  Both servers are SQL servers and also have files shares.  

TEST01       10.0.0.1   (Master)
TEST01DR  10.0.0.2   (Replica)

We replicate data between the 2 servers and when we need to failover to the DR server we change all the DNS (A) records in all of our DNS servers so that both IP addressess match.  So it looks like below

TEST01       10.0.0.2
TEST01DR  10.0.0.2
 
Now when users type in TEST01 they are actually accessing TEST01DR through DNS

This works great for all the applications that are writing to the SQL server since they are using DNS to connect. Now the issue we are having is files shares.  The data is replicated but once we make the DNS record change where both servers have the same IP, and try to access \\TEST01\  we get Logon Failure:  The target account name is incorrect.  This is only for the file shares.  I tried DisableStrictNameChecking and rebooting.  That didn't work.  Im sure the server is denying me access because Im using a different host name to try to access it.  If I do \\10.0.0.2\ I can access the file shares.  And if I try to access TEST01DR by its actual host name,  \\TEST01DR....that works.  I just cant access it by \\TEST01\ even though DNS points TEST01 to TEST01DR.   Any tips or tricks?  I hope all this makes sense.  Also as a side note, neither servers registers their IP addressess to the DNS server.  The 2 servers are setup static in DNS.  
0
Comment
Question by:PilotAdmin
  • 2
4 Comments
 
LVL 13

Expert Comment

by:khairil
ID: 36895683
Hi,

Is it the same server? You cannot have two different server with same IP address, but you can have 1 DNS  address with multiple server.

I do not want to hurt your feeling by saying this, but it is not the right way to do disaster recovery. First let me explain what happen, why you can access TEST01DR but not TEST01. You need some basic understanding how network works.

By default when you access machine within range (layer 2 switch), the computer will hold some information called ARP table, which match IP address and MAC address of the computer. Computer will use this MAC address to discover neigbhour computer instead of IP address. IP address will be use when the switch not found any computer match requested MAC address in their list. A switch also hold ARP table of any computer connected to him. When you change IP of TEST01 to same IP as TEST01DR, the TEST01 broadcast it's IP and MAC address to the switch but it will introduce conflict here as the same IP already taken by TEST01DR. Which makes TEST01 in the "limbow". That my basic understanding. May be other expert can correct me if I'm wrong.

Back to your DR. As I said above, you can have one DNS but multi IP (which also means different servers or differnt NIC). The DR is usually Active - Passive combination instead Active - Active. As preparation for DR, changing access to the server usually control by round robin DNS or Load Balancer or monitoring server.

You should come out with DR plan first, for DR it is advisable to have secondary server on other location. You need to specify all the infrastucture information like IP addresses, network route and also services hold by DR site. For SQL server, I have attach here. Here is some article on MS site, http://msdn.microsoft.com/en-us/library/ms189134.aspx

For file sharing, it will be nice to have SAN - they have build in replication (this applicable if SANS also store database file).  Here is articles to do failed over for Windows File Server, http://technet.microsoft.com/en-us/library/cc731844(WS.10).aspx

I know it need a lot of reading on this, and well planned paperworks.

So to conclude this, and hope fully make your life easier. The easiest way to do is, to have both Server with different IP address.

Create 2 DNS name mapped to each server, let say test01.yourcompany.com mapped to 10.0.0.2 as primary server, and test01dr.yourcompany.com mapped to 10.0.0.3 as DR server - both are different server.

Then replicate SQL server from test01 to -> test01dr and file server from test01 to -> test01dr. In case of disaster, just change the DNS so that test01 is now mapped to 10.0.0.3 - you can do this by changing A record or CNAME  (but do not delete the entry of test01dr from DNS).

Hope, it is ok for you then.

Good luck.
0
 

Author Comment

by:PilotAdmin
ID: 36895947
It's 2 different servers.  Each server has a different IP address.  The only change is in DNS.  The static DNS (A) records are changed so both points to the same IP address.  

Before

Name              TYPE         DATA
TEST01         HOST(A)    10.0.0.1
TEST01DR    HOST(A)    10.0.0.2  


After

Name              TYPE         DATA
TEST01         HOST(A)    10.0.0.2
TEST01DR    HOST(A)    10.0.0.2

In DNS both static (A) records are changed to point to the DR.  Thats as clear as I can make it.  Lets not worry about ARP.  That's not an issue for us in either Windows or the switches.  And I appreciate the tangent on how to cluster servers.  We can talk Clustering, NLB, and best practices another time.  What I want to concentrate on is the UNC path issue.  

When I type in \\TEST01\ to go to the file shares Windows tries to access the files shares on \\TEST01DR.  That "is" what I want to happen.  But I get Logon Failure:  The target account name is incorrect.  It seems like the server is denying access to the files share because I am trying to access it using the wrong host name.  I can access it by IP \\10.0.0.2\  The question I have is, can I get around this?  

0
 
LVL 39

Accepted Solution

by:
ChiefIT earned 2000 total points
ID: 36896086
No you can't get around this, nor do you want to. Netbios stopes this by design to prevent a Netbios Denial of Service Attack. So, Netbios binds to a specific MAC address. When two computers have the same IP, Netbios will deny service on both computers. So, this will effect name resolution using Netbios translation. You will be able to access by IP. And you will probably be able to access by Fully.Qualified.Domain.Name... But, by design you will be denied Netbios translation.

Netbios is used for the Netlogon service, UNC paths via Host Name, File and Print Sharing, Fax Service, the RPC locator, etc...

If you wish to create a cluster of servers to share the load, then make sure they have their own IP address... Load balancing software will recognize multiple IP addresses to share the load.

Explanation:
http://support.microsoft.com/kb/269239
0
 

Author Closing Comment

by:PilotAdmin
ID: 36898135
I figured this was the issue.  Thanks for the response.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question