Re: issue with DC replication
- From: "Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx>
- Date: Fri, 19 Jun 2009 01:32:14 +0100
Inline
arp -d
nbtstat -R
by running this cmd on both the m/c what am I going to establish?
To clear the cache + ipconfig /flushdns.
Same as doing a repair in Windows 2008 or vista.
We are runnign IP Monitor8.0 when ever the FTP Service goes down it gives us
an alert?I am still learning how to use the S/W?As I said to you on my
earlier mails clients doesn't notice the issue as the DC1 re-boot in couple
of minutes time.But my main worry is what happen if DC1 actually fails how do
I establish clients can still can connect to the other DC/DNS?
Ok, but with a couple of seconds with the DC down, you can run the sniffer to check what is going at network level.
Yes the D.C has 2 NIC's.
But we are only using one NIC for the name resolution on each.
Are the NICs in different address? Are the addresses in the same network ID as the FTP servers? What do you mean with name resolution for each?
what's the interface tab actually means do you really have to set it up 2
NIC's for adding two IP Addresses at the interface tab or can you put 2
different AD-I DNS server ip address which will provide the DNS services.
You don't need to have multiple NICs to have multiple address, you can configure all in the same NIC, but this type of configuration only makes sense in a DEV/TEST environment, in PROD you generally have specific VLans configured to the switch port where the Nic is connected (unless you have the NIC in Trunk VLAN).
Is not recommended to have multiple NICs assigned to the DC because by default DNS round robin is active and if DNS clients are in a different VLANs, they may end up getting the with the wrong DNS ip address for that DC (Wrong means an IP that may not be reachable by the clients due FW configurations or routing configs). Additionally you may have problems with replication between both DCs for the same reason.
Unfortunately I am not allowd to take the D.C's down which providing FTP/Web
services for doing my testing,that's a real hinderance from my point of view?
Well, I think that when you lose resolution between the FTP and the DNS/DC may be related with the fact that when querying DC2 the wrong IP is returned or something is in cache preventing it from working correctly.
When I had a chat with my colleague what I understood was FTP services goes
down when we take the DC1 down not for the DC2.
There're other options, you say that only happens when DC1 is rebooting, because you can't take DC1 down to test, you can try to point the preferred DNS to DC2, and check if the same behavior occurs. Another thing to check is if you have any entry in the hosts file with the wrong IP of DC2. After making the changes on NIC preferred DNS run the cmds that I provided before and try to ping the FQDN of DC2, if nothing run the sniffer or check if the IP returned is the correct for DC2. Also check time between DCs and client.
Well, if it fails when DC1 is down, that means that for some reason DC2 is not responding to the server requests when DC1 is down (also check if both DCs are in sync: repadmin /replsum * /bysrc /bydest /sort:delta).
Is this anything to do with the FSMO roles,cause DC1 is acting as PDC,RID
and Infrastructure.I think that might be causing the problem!!!
For FTP service? I don't think so.
PS: If I can make the both the FTP/WEB Servers to look at least same D.C
when the other goes down will give me a quick fix for time being.At the
moment when I run nslookup I can see that one Web server pointing to One DNS
and the other one always pointing to the other one.
Use both DNS in NIC config otherwise when one fails the client has no way to determine where the other is at.
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MVP Directory Services
"millin" <ssuj@xxxxxxxxxxxxxxxxxxxxxxxxx(No Spam)> wrote in message news:D33128A2-9277-4391-B559-603D7DC712FD@xxxxxxxxxxxxxxxx
Hi Jorge,
arp -d
nbtstat -R
by running this cmd on both the m/c what am I going to establish?
We are runnign IP Monitor8.0 when ever the FTP Service goes down it gives us
an alert?I am still learning how to use the S/W?As I said to you on my
earlier mails clients doesn't notice the issue as the DC1 re-boot in couple
of minutes time.But my main worry is what happen if DC1 actually fails how do
I establish clients can still can connect to the other DC/DNS?
Yes the D.C has 2 NIC's.
But we are only using one NIC for the name resolution on each.
what's the interface tab actually means do you really have to set it up 2
NIC's for adding two IP Addresses at the interface tab or can you put 2
different AD-I DNS server ip address which will provide the DNS services.
Unfortunately I am not allowd to take the D.C's down which providing FTP/Web
services for doing my testing,that's a real hinderance from my point of view?
When I had a chat with my colleague what I understood was FTP services goes
down when we take the DC1 down not for the DC2.
Is this anything to do with the FSMO roles,cause DC1 is acting as PDC,RID
and Infrastructure.I think that might be causing the problem!!!
PS: If I can make the both the FTP/WEB Servers to look at least same D.C
when the other goes down will give me a quick fix for time being.At the
moment when I run nslookup I can see that one Web server pointing to One DNS
and the other one always pointing to the other one.
any suggestions would be appreciated.
"Jorge Silva" wrote:
Ah, Ok,
-1st, are the DCs with more than one NIC each?
- Yes, you can configure the DNS to respond only to the address in the IP
that you want to. If your interface tab is setup to respond on the correct
IP address you should have no issues at all.
Try the follwing. After taking the DC down, go to both nodes of the NLB, and
run from cmd:
arp -d
nbtstat -R
ipconfig /flushdns
and try again, what are the results?
Problems?
- Ok, install Wireshark or NetMon to check what is going on at network level
request.
- Another thing to consider is FROM WHERE are you testing the FTP? For
example, if you're testing from a client, can you check if the client is
being redirected to the correct address or DNS server? Is the router or the
network balancing mechanism (assuming alteon or other dedicated device) with
problems when redirecting traffic?
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MVP Directory Services
"millin" <ssuj@xxxxxxxxxxxxxxxxxxxxxxxxx(No Spam)> wrote in message
news:9A9B67DE-6CF1-47D4-9703-B8379C5F71DF@xxxxxxxxxxxxxxxx
> Hi Jorge,
>
> I may be misguided you both. I don't know.
> O.K our network structure is like this.
>
> we have got 2 FTP/WEB Servers which are public having ip address in the
> range 217.45.XXX.8 and 217.45.XXX.9 and both are clustered using > Microsoft
> NLB,whose Virtual IP address is 217.45.xxx.12.
>
> Whenever we take one of the D.C for maintenance or goes down, FTP > servers
> is
> going down. But I ran ipconfig/all on both the WEB01/02,I can see the
> preferred DNS and alternated DNS as our AD-I DNS servers.
> But another thing which I noticed was for the restricted IP address (at
> the
> interface tab) for both the DNS servers, only have one DNS server IP
> Address.
> I am just wondering if I give both the DNS server's IP address at the
> interfaces (tab) might solve my problem!!! I don't know.
>
> does it make sense !!!
>
> thanks
> mill
>
> "Jorge Silva" wrote:
>
>> Hi
>> I'm a little lost here...
>>
>> - You have one FTP cluster in Active/Passive configuration? Then you >> also
>> have 2 DCs that are supporting that cluster (probably for the >> accounts)?
>
> That's correct, these 2 DC's are for the External accounts.
> You can see the Host A records of both DC/DNS are there in each DNS.
> But I couldn't find any records of Cluster IP there!!!.
>>
>> - You say that you nee to take the FTP out (evict node?) of the >> cluster
>> config, why you need to do that? Failover doesn't work?
>
> We are having a different system at our Co. Because we are running a
> slightly complicated procees consuming applications we always have to > do
> it
> manually. Once we took one of WEB Box out you have to point that as the
> Active server for all external client request by changing the name and
> location of server on xx.cfg file.
> You know what I am talking about, don't you?
>
> If you need further info please don't hesitate to contact me.
> It's kind of urgent, if we resolve ASAP, it's good for me and for the > Co.
>
> Thanking you,
>
> mill
>
>
> "Jorge Silva" wrote:
>
>> Hi
>> I'm a little lost here...
>>
>> - You have one FTP cluster in Active/Passive configuration? Then you >> also
>> have 2 DCs that are supporting that cluster (probably for the >> accounts)?
>>
>> - You say that you nee to take the FTP out (evict node?) of the >> cluster
>> config, why you need to do that? Failover doesn't work?
>>
>> - Then you say that the server doesn't update the DNS config? What
>> server?
>> Assuming the Cluster Virtual Network Name (associated with virtual IP
>> Address), that record should already exist in DNS when the cluster is >> up
>> and
>> running?
>>
>> Perhaps I missunderstood you!!!
>> -- >> I hope that the information above helps you.
>> Have a Nice day.
>>
>> Jorge Silva
>> MVP Directory Services
>> "millin" <ssuj@xxxxxxxxxxxxxxxxxxxxxxxxx(No Spam)> wrote in message
>> news:12694AE9-1DFC-4F91-9BEF-BD856AF9A287@xxxxxxxxxxxxxxxx
>> > Dear All,
>> >
>> > I am having a problem with our live FTP servers.
>> > We are running our FTP servers on cluster.
>> > Whenever one of the FTP server goes down we have to take that server
>> > out
>> > from the cluster and point to that to the other FTP >> > server(passive).
>> > The problem which I am facing is whenever we take one of the FTP >> > server
>> > from
>> > the cluster.For a couple of minutes the server doesn't seem to be
>> > updating
>> > on
>> > the DNS server,so our LIVE FTP says it's DOWN!!!.From our point of >> > view
>> > that
>> > is not acceptable.
>> > we have got 2DC's running for the Domain(LIVE).I ran replmon and it
>> > doesn't
>> > showing any replication issues between the two DC's.
>> > So I am bit stucked at the moment?
>> >
>> > any help would be apprciated.
>> >
>> > Thanks
>> > mill
>>
.
- Follow-Ups:
- Re: issue with DC replication
- From: millin
- Re: issue with DC replication
- From: millin
- Re: issue with DC replication
- References:
- issue with DC replication
- From: millin
- Re: issue with DC replication
- From: Jorge Silva
- Re: issue with DC replication
- From: millin
- Re: issue with DC replication
- From: Jorge Silva
- Re: issue with DC replication
- From: millin
- issue with DC replication
- Prev by Date: Adm Template - Disable XP tour at first logon
- Next by Date: Re: Forest Trust: Restricting access to Domain in logon
- Previous by thread: Re: issue with DC replication
- Next by thread: Re: issue with DC replication
- Index(es):
Relevant Pages
|
Loading
