• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1047
  • Last Modified:

UNC Path no longer works with 2 servers with the same IP address.

This is on a 2 Windows 2008 (non) R2 servers test environment.  Both servers are SQL servers and also have files shares.  

TEST01   (Master)
TEST01DR   (Replica)

We replicate data between the 2 servers and when we need to failover to the DR server we change all the DNS (A) records in all of our DNS servers so that both IP addressess match.  So it looks like below

Now when users type in TEST01 they are actually accessing TEST01DR through DNS

This works great for all the applications that are writing to the SQL server since they are using DNS to connect. Now the issue we are having is files shares.  The data is replicated but once we make the DNS record change where both servers have the same IP, and try to access \\TEST01\  we get Logon Failure:  The target account name is incorrect.  This is only for the file shares.  I tried DisableStrictNameChecking and rebooting.  That didn't work.  Im sure the server is denying me access because Im using a different host name to try to access it.  If I do \\\ I can access the file shares.  And if I try to access TEST01DR by its actual host name,  \\TEST01DR....that works.  I just cant access it by \\TEST01\ even though DNS points TEST01 to TEST01DR.   Any tips or tricks?  I hope all this makes sense.  Also as a side note, neither servers registers their IP addressess to the DNS server.  The 2 servers are setup static in DNS.  
  • 2
1 Solution

Is it the same server? You cannot have two different server with same IP address, but you can have 1 DNS  address with multiple server.

I do not want to hurt your feeling by saying this, but it is not the right way to do disaster recovery. First let me explain what happen, why you can access TEST01DR but not TEST01. You need some basic understanding how network works.

By default when you access machine within range (layer 2 switch), the computer will hold some information called ARP table, which match IP address and MAC address of the computer. Computer will use this MAC address to discover neigbhour computer instead of IP address. IP address will be use when the switch not found any computer match requested MAC address in their list. A switch also hold ARP table of any computer connected to him. When you change IP of TEST01 to same IP as TEST01DR, the TEST01 broadcast it's IP and MAC address to the switch but it will introduce conflict here as the same IP already taken by TEST01DR. Which makes TEST01 in the "limbow". That my basic understanding. May be other expert can correct me if I'm wrong.

Back to your DR. As I said above, you can have one DNS but multi IP (which also means different servers or differnt NIC). The DR is usually Active - Passive combination instead Active - Active. As preparation for DR, changing access to the server usually control by round robin DNS or Load Balancer or monitoring server.

You should come out with DR plan first, for DR it is advisable to have secondary server on other location. You need to specify all the infrastucture information like IP addresses, network route and also services hold by DR site. For SQL server, I have attach here. Here is some article on MS site, http://msdn.microsoft.com/en-us/library/ms189134.aspx

For file sharing, it will be nice to have SAN - they have build in replication (this applicable if SANS also store database file).  Here is articles to do failed over for Windows File Server, http://technet.microsoft.com/en-us/library/cc731844(WS.10).aspx

I know it need a lot of reading on this, and well planned paperworks.

So to conclude this, and hope fully make your life easier. The easiest way to do is, to have both Server with different IP address.

Create 2 DNS name mapped to each server, let say test01.yourcompany.com mapped to as primary server, and test01dr.yourcompany.com mapped to as DR server - both are different server.

Then replicate SQL server from test01 to -> test01dr and file server from test01 to -> test01dr. In case of disaster, just change the DNS so that test01 is now mapped to - you can do this by changing A record or CNAME  (but do not delete the entry of test01dr from DNS).

Hope, it is ok for you then.

Good luck.
PilotAdminAuthor Commented:
It's 2 different servers.  Each server has a different IP address.  The only change is in DNS.  The static DNS (A) records are changed so both points to the same IP address.  


Name              TYPE         DATA
TEST01         HOST(A)


Name              TYPE         DATA
TEST01         HOST(A)

In DNS both static (A) records are changed to point to the DR.  Thats as clear as I can make it.  Lets not worry about ARP.  That's not an issue for us in either Windows or the switches.  And I appreciate the tangent on how to cluster servers.  We can talk Clustering, NLB, and best practices another time.  What I want to concentrate on is the UNC path issue.  

When I type in \\TEST01\ to go to the file shares Windows tries to access the files shares on \\TEST01DR.  That "is" what I want to happen.  But I get Logon Failure:  The target account name is incorrect.  It seems like the server is denying access to the files share because I am trying to access it using the wrong host name.  I can access it by IP \\\  The question I have is, can I get around this?  

No you can't get around this, nor do you want to. Netbios stopes this by design to prevent a Netbios Denial of Service Attack. So, Netbios binds to a specific MAC address. When two computers have the same IP, Netbios will deny service on both computers. So, this will effect name resolution using Netbios translation. You will be able to access by IP. And you will probably be able to access by Fully.Qualified.Domain.Name... But, by design you will be denied Netbios translation.

Netbios is used for the Netlogon service, UNC paths via Host Name, File and Print Sharing, Fax Service, the RPC locator, etc...

If you wish to create a cluster of servers to share the load, then make sure they have their own IP address... Load balancing software will recognize multiple IP addresses to share the load.

PilotAdminAuthor Commented:
I figured this was the issue.  Thanks for the response.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now