+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 19
How do you do....it? Thread, AD and net connection redundancy.. in Technical; Thought I'd run this past everyone to see if you have any suggestions regarding a school setup with some redundancy ...
  1. #1
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    119

    AD and net connection redundancy..

    Thought I'd run this past everyone to see if you have any suggestions regarding a school setup with some redundancy built-in.

    The situation is this:

    - 1 main server with Win2k3 (not R2)
    (DNS, AD, DHCP, Gateway, File server with Roaming profiles enabled)
    Smart UPS installed and set to stay up for as long as possible before shutting down.

    - 1 lower spec machine with Win2k3
    (AD, Printserver, backups)
    APC CS 500 installed and set to shutdown after 3 minutes of no power


    The school suffers regular blackouts and surges thanks to the cr*p electrical grid in the area (it's near a lot of power stations and surges ALL the time!) so it tends to take out the network and a few problems with the current ISP also don't help (but we're getting rid of Vital soon thank {deity}).


    What I'd like to do is sort out the system so that it can handle the primary server dying and being unavailable for 24 hours or potentially longer without losing net access or all printers.

    At the moment I'm pretty sure the setup allows for logins as the AD is on the backup but I'd like to setup the 2nd server as an alternate gateway for redundancy so it can handle internet requests if necessary.

    I also wonder if this approach might help reduce the loads on a single machine too...

    So, anyone care to share some suggestions on how to set this up properly?

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,850
    Thank Post
    110
    Thanked 598 Times in 514 Posts
    Blog Entries
    1
    Rep Power
    227

    Re: AD and net connection redundancy..

    Firstly, I'd look at fixing your power problems. If you can get that sorted out then a lot of your other problems disappear with it. Failing your electricity companry getting a clue, have you considered a diesel generator?

    To keep everything running your going to have to seperate the functionality of your servers out and then duplicate them. Preferably with a front end load balancer. So if we seperate things out sensibly as follows.

    DNS/DHCP.
    AD Domain controller
    File and Print
    Internet Gateway

    So that works out as 8 machines and 2 load balancers (you dont need to load balance Domain controllers or DNS/DHCP). You could eliminate another load balancer if you use DFS for your file shares and distribute your printers sensibly between the two servers.

    Now, with that out of the way, lets thing about your network infrastructure. You'll need UPS's in your switch cabinets to keep them up during a power cut. You'll also want to have some redundancy between your main switches incase you lose a link in some way. Each switch needs wiring up to at least two other main switches. So if for example you had 3 main switches you would wire them up in a triangle layout. Remember to enable Spanning Tree Protocol!

    Finally if you want your internet connection to be as robust as the rest of your network you will want seperate lines from different suppliers. You must make sure they do not use the same exchanges or fibre!

    Combined with a diesel generator and decent UPS systems, you could run the whole of your site as normal even if the electricty grid had failed. No one would notice, at least until you ran out of diesel.

    The above is how I would set things up if I did not have to concern myself with time or money. Obviously reality is likely to get in the way. Pick and choose which things you can reasonably implement.

  3. #3

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,685
    Thank Post
    755
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438

    Re: AD and net connection redundancy..

    You seem to be saying that you'r biggest issue should you have power problems and lose your main file server is aslo loosing Internet access. What do you do that has this requirement for 99.999% Internet uptime?

    Ben

  4. #4
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    119

    Re: AD and net connection redundancy..

    Perhaps I should have qualified the situation a little better (but thanks for the input so far).

    OK.. first off this is for a primary school with 2 buildings, 2 network cabinets and a single net connection.

    The problem in the area re: power is a known one that the whole area suffers (not just the school) so it's unlikely the power company will "get a clue". Usually it goes out for a few seconds but there's been times it'll return after anything from 30 minutes to 10 hours. I could guess as to the cause but like I said, it's nothing I can do a darned thing about.

    Obviously I've protected the servers as much as possible from spikes and blackouts but the biggest issue faced is that I'm not available to come in and resolve an issue on a 24/7 basis... Normally we're talking a day or 2 day delay during which time the entire network is out of action. Primary teachers being what they are, there's not a lot of expertise available to handle diagnosis of problems so it usually waits until my next free slot.

    However what tends to hit the hardest is that the primary server can take down the whole system, net, printers, etc... while the local systems themselves can still provide some of the software, a lot of work is done via sites like Educationcity, etc... so the net is important to them, and printers even more so.


    All of this aside, I'm also hedging against the server being stolen, disconnected (by some cleaner or child) or similar issue so having a second server available as a backup as well as redundancy is a definite plus. Having a single server has caused problems in the past and given that replacing it would require, at minimum, 4 to 5 days to deliver, build and recover.

    I'm basing this on experience as a few months back, the primary overheated (a CPU cooler died, the failsafe was removed by an "overzealous" IT coordinator who bypassed it, overheating it and frying the motherboard and CPU). It took 2 weeks to resolve the issue due to the lack of an alternate server, no recent backup and the fact the system used on board RAID which wasn't available elsewhere... Not fun!

    So, to summarise here...
    - The primary requirement is for duplication (real time backup) of the AD (which I've pretty much got covered)
    - The secondary requirement is for an alternate to hold the fort and/or reduce the workload on the primary if it should go down (so printing, internet, etc.. are still available)
    - Finally the idea is to reduce the need for an immediate on-site call-out or a rush replacement if the primary should fail completely.


    It may still not make a heck of a lot of sense but feel free to throw your 10p in the ring.

  5. #5

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,685
    Thank Post
    755
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438

    Re: AD and net connection redundancy..

    The trouble is to provide them with the sort of redundancy you are trying to provide you need to duplicate all of the users files across 2 servers otherwise if one goes down they won't be able to access their info.

    I suppose the backup server could provide a temporary workspace for them so that anything created after the primary went down was available.

    I doubt you're going to be able to provide them redundancy on the Inet connection because if they are fed from the one local exchange and thats the only connection available then if there is no power neither is going to work. Unless you can get a wireless mesh style Inet connection or satellite. I suppose good ole POTS would still work so a dialup is also a possibility albeit very very slow.

    Having talked ICT Support with our group of cluster schools who I have a technician supporting the general feeling is that they can wait a day or 2 to get something fixed so maybe prioritising what they can and can't "live" without such as the school MIS if they use one might be better.

    Ben

  6. #6
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    119

    Re: AD and net connection redundancy..

    Hey Ben,

    I might have missed something out here.. but the point you seem to be focusing on is the power side of things which is a small part of the issue... As I said, it's something of a sporadic thing but it's rarely off for days at a time.. Most common is a 20 minute cutout and then power returns.. but what does happen is the server goes offline... I'd have to be a serious nut to think we could have net, printers, etc.. with the power off for an area.. 8O

    But to go back to my original point, what I'm trying to do is provide a bit of redundancy that means that if the main server goes bye bye for whatever reason (power, theft, etc..) the school can continue to use the resources albeit as "offline".

    After all, once the primary is restored the fact that we're using caching on our small number of systems means that the files aren't lost and I do have backups of both the server OS and the data...

    So, basically what I'm after is the actual process of making it possible.

  7. #7

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    Boston, MA
    Posts
    7,601
    Thank Post
    110
    Thanked 771 Times in 599 Posts
    Rep Power
    183

    Re: AD and net connection redundancy..

    @Contink: It's a tall order to provide redundancy for everything.
    * With two domain controllers, people can still log on
    * If you use DFS, the shares will replicate and so should always be available
    * For DHCP you could have a scope on each box (both within the same subnet)
    * Stick a tape drive in each server and perform backups on each
    * For your Internet connectivity, the best way would be to have two proxy servers - I'm not sure how you would implement the failover but round-robin could be used for load balancing

  8. #8
    meastaugh1's Avatar
    Join Date
    Jul 2006
    Location
    London/Hertfordshire
    Posts
    893
    Thank Post
    70
    Thanked 85 Times in 70 Posts
    Rep Power
    33

    Re: AD and net connection redundancy..

    Quote Originally Posted by contink
    but what does happen is the server goes offline...
    Can you elaborate on this? Are you saying that the server isn't recovering without intervention following a power failure? If so, I would imagine this should be addressed asap in an area where power failure is frequent.

    Your original post suggests that your second server doesn't have DNS installed? If so, AD won't work when your only DNS server fails/disappears.

    If you're particularly concerned about your first server becoming unusable/inaccessible, you could duplicate settings, such as creating an inactive DHCP scope, print queues, user folder structure on your second server. Then you could 'activate' them should the time come.

  9. #9

    plexer's Avatar
    Join Date
    Dec 2005
    Location
    Norfolk
    Posts
    13,685
    Thank Post
    755
    Thanked 1,715 Times in 1,526 Posts
    Rep Power
    438

    Re: AD and net connection redundancy..

    You don't need to have an inactive dhcp scope on the second box you split the addresses each one dishes out so they can both perform dhcp.

    DNS on both boxes. Both boxes being a domain controller to enable logon.

    Print queues can be duplicated on both boxes and could all be dished out by both permanently splitting the load as well.

    Ben.

  10. #10
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 45 Times in 35 Posts
    Rep Power
    30

    Re: AD and net connection redundancy..

    Just out of curiosity but what about the client computers??

    Surely they must be getting destroyed with the constant power outs etc..

    ...or have you got little UPSs on those also?

    Cheers
    Nath

  11. #11

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,850
    Thank Post
    110
    Thanked 598 Times in 514 Posts
    Blog Entries
    1
    Rep Power
    227

    Re: AD and net connection redundancy..

    There's no data on the client computers that isn't easily replaceable (RIS, Ghost, etc).

  12. #12
    tarquel's Avatar
    Join Date
    Jun 2005
    Location
    Powys, Mid-Wales, UK
    Posts
    1,740
    Thank Post
    13
    Thanked 45 Times in 35 Posts
    Rep Power
    30

    Re: AD and net connection redundancy..

    hehe Geoff... im not on about that :P

    I mean the hardware turning on and off due to pwer cuts is going to wreck the machines of course

    Surge adaptors are only gonna do so much i would have thought.

    Nath.

  13. #13
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    119

    Re: AD and net connection redundancy..

    Quote Originally Posted by tarquel
    I mean the hardware turning on and off due to pwer cuts is going to wreck the machines of course

    Surge adaptors are only gonna do so much i would have thought.
    You're not wrong... we've been having all sorts of problems and so far this past 12 months we've had 3 fried PSU's although in fairness they weren't all that great.


    But as to the suggestions above... re: DNS, DHCP, etc... that's exactly the sort of stuff I was looking to find out.

    The net side of things is still a bit fuzzy as I've found Win2k3 is complaining about multiple gateways on the 2nd machine.

    Would I be right in assuming (edit) that if I hook up another Nic on the 2nd server and connect it to a second port on the outgoing router (ie: it has direct access to Vitals proxy), then all I really need to do is setup a seperate DHCP scope on the 2nd server, with itself as the DNS and gateway and the two shouldn't clash?

    Something tells me it's not quite that simple though as I've this feeling it goes wrong when the two connect to each other.


    As for duplicating print queues... I'm curious as to how I go about sorting that aspect out.. especially when it comes to login script setting which printers are where.

    Appreciate my initial post was a bit cack handed but thanks for the input recently it's getting what I need to know.. cheers

  14. #14

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    Boston, MA
    Posts
    7,601
    Thank Post
    110
    Thanked 771 Times in 599 Posts
    Rep Power
    183

    Re: AD and net connection redundancy..

    @contink: RE you're gateway thing... assuming that all machines connect directly to the net with the server(s) acting as router(s) rather than using a proxy... you could set up each server as a router and use your DHCP idea. This would also load balance your Internet routing through the servers in theory. Since all the gateway details would be updated by server B if A disappeared all should be well.

  15. #15

    Join Date
    Jan 2006
    Location
    Surburbia
    Posts
    2,178
    Thank Post
    74
    Thanked 307 Times in 243 Posts
    Rep Power
    116

    Re: AD and net connection redundancy..

    All sounds very complicated for a Primary School. I don't understand why DC-1 is between the LAN and the WAN.



SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. VPN connection with internet connection option
    By FN-GM in forum Wireless Networks
    Replies: 6
    Last Post: 29th December 2007, 08:19 PM
  2. Replies: 12
    Last Post: 21st December 2007, 03:40 PM
  3. ASP connection to Exchange
    By TechMonkey in forum Windows
    Replies: 1
    Last Post: 11th October 2007, 12:08 PM
  4. Unfiltered Internet Connection
    By richard in forum How do you do....it?
    Replies: 16
    Last Post: 22nd April 2006, 09:23 PM
  5. failed redundancy - what to do?
    By browolf in forum Hardware
    Replies: 3
    Last Post: 2nd November 2005, 09:59 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •