HP StorageWorks Storage Mirroring application notes Guidelines for networking and failover (T2558-96063, February 2008)
Storage Mirroring Guidelines for networking and failover application notes 17
See Microsoft Knowledge Base article 197132 for a concise description of these roles. Unavailability of
some of the FSMO roles can cause immediate effects, such as Windows NT 4.0 users not being able to
change their passwords (PDC emulator), inability to extend the AD schema (schema master), and inability
to add a domain to a forest (domain naming master).
Global Catalog (GC) servers are also critical for proper domain functionality, particularly the logon
process in a multi-domain forest (see Microsoft Knowledge Base article 216970). A properly designed
Active Directory infrastructure will have multiple GC servers placed strategically throughout the network to
ensure that the failure of a given GC server will not impact users.
Windows NT
Windows NT domains also use a pull-based directory replication architecture, so a failed-over backup
domain controller (BDC) will not cause any inconsistencies in directory replication. The PDC prompts BDCs
to request replication on a scheduled interval, and the BDCs then request updates from the PDC. The BDC's
request informs the PDC of the last change it received, and the PDC sends the subsequent updates.
Again, there are no issues related to Storage Mirroring, and the only concerns are those related to a PDC
or BDC being unavailable for a period of time. A thorough understanding of Windows NT domains will be
necessary to be aware of all possible issues, and the Windows NT 4.0 Resource Kit contains the relevant
documentation. Some of the most important issues to consider include:
• Clients may be required to authenticate across a WAN link if a local domain controller is not available,
which may cause a delay based on the available bandwidth.
• Extended downtime of the BDC may result in a full directory synchronization, which, depending on the
size of the directory, can utilize significant bandwidth. By default, the PDC keeps a change log of 2000
entries, and a BDC will require a full synchronization if more than 2000 changes are made during its
downtime. This is particularly a concern if the BDC is separated from the PDC by a WAN link.
• Some applications, such as Microsoft Exchange Server 5.5, require access to the PDC at installation
time.
• User and computer accounts, user rights, and other directory objects cannot be created, modified, or
deleted if the PDC is unavailable.
• Trusts cannot be created if the PDC is unavailable.
IP address failover to a remote target
In most cases, failing over to a remote target can be accomplished by failing over the computer name only
and updating the name resolution servers to associate the source name with the target's IP address.
However, some solutions may require an IP address to be failed over to a remote target. Failing over IP
addresses to remote targets can be accomplished a number of ways. If a VPN infrastructure exists so that
the source and target can be on the same subnet, IP address failover will work exactly as it does in a LAN
environment.
If a VPN does not exist, routers can be automatically reconfigured with a failover script after the IP address
is failed over so that the failed-over address will be routed to the target. This would entail configuring the
routers to move the source's subnet from the source's physical network to the target's physical network.
There are a number of issues to consider when designing a solution that requires router configuration to
achieve IP address failover. Since the route to the source's subnet will be changed at failover, the source
server must be the only system on that subnet, which in turn requires all server communications to pass
through a router. Additionally, it may take several minutes or even hours for routing tables on other routers
throughout the network to converge.
Depending on the router's capabilities, other options may also exist. Some routers can be configured to
provide a routing infrastructure that can accommodate IP address failover to another segment. Additional
discussion on this topic is beyond the scope of this document due to the number of router manufacturers
and various capabilities of router operating systems. If additional information is required, HP Professional
Services division can be engaged to provide fee-based engineering services to analyze, design, and
implement solutions.
Troubleshooting client access after failover
In general, the recommended way to resolve client access issues is to confirm that everything is configured
appropriately. This can be done by gathering information about the solution requirements and the network