• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1124
  • Last Modified:

Implementing DPM backup network retrospectively

We currently have a datacentre network and the backup traffic is contending with regular data.

I have created a seperate network interface on the DPM server and test server and allocated both servers with IP's on the regular and backup network.

As I still have all the other servers connecting to the DPM server on its hostname 'DPM-01' I created a new hostname for the same DPM server named 'DPM-01-BN' i.e. BackupNetwork within DNS.

When I try to reconfigure the backup agent on the test server to use the DPM-01-NB name I am given an error. I suspect it is due to the DPM server stating that the host name does not match.

If I add a host record to the test server which overrides the IP address for DPM-01 to the backup network then all is OK. I would prefer not to use host files

Any ideas?
0
aideb
Asked:
aideb
3 Solutions
 
btanExec ConsultantCommented:
Thinking if dns service can be used to differentiate or even some intermediate switch or router for routing
0
 
PeteJThomasCommented:
I could be way, way off here, but can you try running:

setspn -L DPM-01

to see what sPNs are listed for that machine?

I'm wondering (assuming you're using a static A or CNAME record for DPM-01-NB) if the sPN:

HOST\DPM-01-NB (and it's fully qualified equivalent) need to be registered against the DPM-01 comp account?

I'm not clear on the negotiation of kerberos over NTLM in this situation, but it's possible that when the host file is used, NTLM is negotiated and all works - However when using the FQDN of the CNAME or static A record, kerberos could be being negotiated?

Just a though, worth checking!

Many thanks,

Pete
0
 
PeteJThomasCommented:
Oh and I know when accessing file servers using an alias different to the actual host name of the server, you're meant to disable 'Strict Name Checking' (a registry change).

I have a feeling that was only relevant in older OS's, and even then may have no effect whatsoever on DPM operation, but it's worth taking a quick look at if you're still struggling!

HTH

Pete
0
 
ArneLoviusCommented:
if the DPM server is on both subnets, you have an issue, if however the DPM server is only on the backup network...

You could use network ordering in DNS, however if you have multiple networks, you have to be careful that the backup network is not seen as "closer" by the DNS server to any of the other subnets compared to the primary network.

Using a non AD integrated DNS server for the backup network doesn't work as then you would be missing the rest of the DNS for the domain.

Using the hosts file on the DPM server is the "cleanest" IPv4 method.

Again using network ordering on the DNS server, you could use a non routable IPv6 network for the backup network.
0
 
aidebAuthor Commented:
Thanks for the feedback. I had to stick with using a host file after I tried a couple of the suggestions!
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now