It is important to ensure that your network is configured and working properly before you install SIOS Protection Suite. There are several tasks you should do at this point to verify your network operation:
- You must ensure that every network interface card (NIC) has one permanent IP address in order to create a TCP/IP comm path or protect an IP address.
- If your server has more than one NIC (recommended), you should configure them to be on different subnets. If the adapters are on the same subnet, TCP/IP cannot effectively utilize the second adapter.
- Your IP addresses should be configured as follows, assuming at least two NICs in each server (one on a private network and one on the public network):
a. In the Control Panel, click on Network Connections. Right-click Open.
b. From the Advanced menu, select Advanced Settings.
c. Ensure that the NIC connected to the public network is in the topmost position of the Connections list.
d. Do not register private network connections with DNS. Uncheck the “Register this connection’s address with DNS” checkbox for the private network adapter as follows:
Internet Protocol (TCP/IP) Properties-> Advanced -> DNS Tab
Since no DNS servers are needed for the private network connection, none should be listed.
This prevents the browser from occasionally getting confused when switching over LAN Manager computer names.
- From each server, ping the local server, and ping the other server(s) in the cluster. If the ping fails, then do the necessary troubleshooting and perform corrective actions before continuing.
- To ensure that the LifeKeeper GUI server and client components can effectively communicate ensure that localhost is resolvable by each server in the cluster.
• If DNS is not implemented, edit the %windir%\system32\etc\drivers\hosts file and add an entry for the localhost name. This entry can list either the IP address for the local server, or it can list the default entry (127.0.0.1). If localhost is not resolvable, the LifeKeeper GUI may not work.
• If DNS is implemented, verify the configuration to ensure the servers in your SIOS Protection Suite cluster can be resolved using DNS.
- Ensure each server’s hostname and networking addressing information is correct and will not change after SIOS Protection Suite is installed. If changing the hostname after SIOS Protection Suite is in operation, you must run the lk_chg_value utility to modify the computer name in the SIOS Protection Suite configuration files. If changing the networking configuration after SIOS Protection Suite is in operation, you must run the lk_chg_value utility to modify existing SIOS Protection Suite comm paths and resource hierarchies after re-configuring your network information.
Note: If you are using SIOS DataKeeper for Windows, refer to the SIOS DataKeeper section of the documentation for additional information on specifying the network cards to be used for replication and comm path considerations.
Switchable IP Address
Most SIOS Protection Suite configurations use the IP Recovery Kit, which defines a switchable IP address. A switchable IP address is a “virtual” IP address that can be switched between servers. It is separate from the IP address associated with the network interface card of each server. Applications under SIOS Protection Suite protection are associated with the switchable IP address. Then, if there is a failure on the primary server, the switchable IP address “switches” to the backup server.
If you plan to configure resource hierarchies for switchable IP addresses, you must do the following on each server in the cluster:
- Verify that the computer name is correct and will not be changed.
- Verify that the switchable IP addresses are unique on the network.
Note: If using teaming software or if network cards are changed after creating a switchable IP resource, the switchable IP resource should be deleted and recreated as the associated index number for the card can change.
Switchable IP Addresses, DNS and LifeKeeper GUI Considerations
Special network considerations must be made when a “virtual” IP address is used on the server’s main NIC and DNS registration is enabled on the NIC. When a “virtual” IP address is created by SIOS Protection Suite on a registered NIC, DNS will add this additional IP address for the server and start using it for host name resolution on the network. However, SIOS Protection Suite protected “virtual” IP addresses are switchable across cluster nodes. Therefore, precautions must be taken to prevent the LifeKeeper GUI from also using DNS registered “virtual” IP addresses to get updates from local and remote cluster nodes.
To keep LifeKeeper GUI connections to local and remote systems stable when using “virtual” IP addresses, there are two options:
- Use a network hosts file on each SIOS Protection Suite node.
• In the hosts file, identify the permanent IP address for every other remote cluster node.
• Do this on every SIOS Protection Suite system in the cluster.
As explained above, these addresses must be on the highest priorty network used for LifeKeeper GUI binding.
- Use an alternate network and associated alternate NIC for LifeKeeper GUI connections to all other nodes in the cluster. This option differs from the simpler recommendations explained above.
• Enable DNS registration on the alternate network and NIC.
• Make the alternate network the highest priority in the Network Connections -> Advanced -> Advanced Settings selection in the Adapters and Bindings tab. The LifeKeeper GUI will use this highest binding network.
• The highest priority SIOS Protection Suite comm path should also use this network.
• Do this on every SIOS Protection Suite system in the cluster.
The LifeKeeper GUI will use this alternate network for connections to all cluster nodes. With no virtual IPs assigned to this alternate network, the address registration will be stable. DNS registration may also be used for the main/public NIC on the server as needed.
Note: After making network configuration changes, the “ipconfig /flushdns” command may be used to remove obsolete cached DNS information.
IP Local Recovery Configuration
SIOS Protection Suite provides the ability to monitor local switchable IP addresses and move them to another network adapter in the same system when a failure is detected. This functionality, called IP Local Recovery, imposes additional requirements and limitations on the system configuration.
The backup adapter, also known as the Local Recovery Adapter where the switchable address will become active after a failure of the primary adapter,must be configured as follows:
- Both adapters must be connected to the same physical subnet.
- For routing purposes, all addresses on the Local Recovery Adapter must be on a different logical subnet than any permanent addresses on the Primary adapter. They must also be on a different logical subnet than any SIOS Protection Suite-protected switchable addresses that are configured on the Primary adapter.
- IP Local Recovery can only be enabled at the time the IP resource is created. Local Recovery cannot be added to an IP resource by modifying its resource attributes after the resource has been created.
- IP Local Recovery may be disabled for an IP resource by using the “ins_setlocalrecovery” command line utility. This utility is located in the SIOS Protection Suite \bin directory (C:\LK\bin by default). From a command prompt, type “ins_setlocalrecovery” for the usage and switch options.
How IP Local Recovery Works
When IP Local Recovery is enabled and the IP resource fails its quick check or deep check tests, then SIOS Protection Suite will do the following:
- First, SIOS Protection Suite will attempt to bring the IP address back in service on the current network interface.
- If that fails, SIOS Protection Suite will check the resource instance to determine if there is a backup (Local Recovery Adapter) available. If so, it will then attempt to move the IP address to the backup interface.
- If all local recovery attempts fail, SIOS Protection Suite will perform a failover of the IP address and all dependent resources to a backup server.
Even if you do not have a backup adapter, you can enable Local Recovery so that SIOS Protection Suite will retry the primary network interface before initiating failover to a backup server.
Post your comment on this topic.