cancel
Showing results for 
Search instead for 
Did you mean: 

Backup Exchange DAG using dedicated LAN for backups

AndresV
VIP
Partner    VIP   

Hi guys,

We have a DAG Exchange environment (exchange 2016), each node has 2 IP addresses, one for administrative purposes and one for backups but the DAG itself has only one IP address on the administrative network.

From the Master server, I can ping node1 and node 2 but not DAG (of course). I can use an exchange policy pointing to the physical node but not to the DAG. 

I talked to the exchange Admin and he told me there is no way to add another IP to the DAG just to talk to the master server.

Does anyone know how to get to use a backup network in Exchange considering the dag environment?

10 REPLIES 10

sdo
Moderator
Moderator
Partner    VIP    Certified

This implies that DAG can have multiple subnets:

https://social.technet.microsoft.com/Forums/lync/en-US/bff19469-bb4b-42a7-afe0-c1ea6cfbad4d/add-the-...

Quote: A DAG network is a collection of one or more subnets used for either replication traffic or MAPI traffic. Each DAG contains a maximum of one MAPI network and zero or more replication networks. In a single network adapter configuration, the network is used for both MAPI and replication traffic. Although a single network adapter and path is supported, we recommend that each DAG have a minimum of two DAG networks. In a two-network configuration, one network is typically dedicated for replication traffic, and the other network is used primarily for MAPI traffic. You can also add network adapters to each DAG member and configure additional DAG networks as replication networks

Note: When using multiple replication networks, there's no way to specify an order of precedence for network use. Exchange randomly selects a replication network from the group of replication networks to use for log shipping.

More information:

Managing Database Availability Groups

https://docs.microsoft.com/en-us/Exchange/high-availability/manage-ha/manage-dags?redirectedfrom=MSD...

.

BTW I am not an MS Exchange admin - but wouldn't the above let you create a replication network between the DAG member nodes which you could then use for DAG aware backups - the downside being that MS Exchange might actually use the additional replication network for replication traffic.

sdo
Moderator
Moderator
Partner    VIP    Certified

sdo
Moderator
Moderator
Partner    VIP    Certified

Yet this article:

Best Practices for configuring NetBackup for Exchange over a backup network

https://www.veritas.com/support/en_US/article.100017881

...discusses backup of clustered Exchange, and notes the following:

Applies To

NetBackup 6.5, 7.0, 7.1, 7.5, 7.6

Exchange 2003/2007/2010 Standalone

Exchange 2003 Cluster and Exchange 2007 Single Copy Cluster (SCC) on either VERITAS Cluster Server or Microsoft Cluster Server

Exchange 2007 Cluster Continuous Replication (CCR)

Exchange 2010 Database Availability Group (DAG) servers.

.

So whilst it doesn't specifically mention NetBackup v8.x with MS Exchange 2016 or 2019, I'm hoping that someone else might be able to suggest whether the same approaches discussed in the tech note should still be applicable.

sdo
Moderator
Moderator
Partner    VIP    Certified

Here's hoping that @Lowell_Palecek might be able to comment upon your options.

Taking the bait...

For Exchange 2013 and later, NetBackup maps the DAG to one of its nodes, by name. This is done at runtime on the master server. Ahead of that, each Exchange Server discovers the name of the DAG to which it belongs, and pushes that to the master server. You will see this as a pair of XML files in NetBackup\db\discovery with names like <digit> <client name> exchange.<extension> where the extension is "xml" or "dat".

The master server chooses as the DAG representative, the most recent Exchange server to upload its discovered data.

Since the node is selected by name, nbjm should be able to find it to run bpresolver. Bpresolver creates a worklist of which database copies to back up on which Exchange servers.

I haven't read the "how to use a backup network" article in a long time, maybe 10 years. I think the essence is to put the backup IP address in the hosts file of the master server. If you do that for each Exchange server, I expect your backups to work. If not, post the error you get here.

<Dsclosure: Since hitting a significant birthday last year, I only work for Veritas 3 days a week. I have Friday and Monday off. There will be a delay for any follow-up from me.>

sdo
Moderator
Moderator
Partner    VIP    Certified

Happy Birthday Mr P!

Your contributions are always worth reading, and so are also worth waiting for.  Tc.

Michael_G_Ander
Level 6
Certified

Think you need to be able to reach the DAG on the administrative network

What I have seen is that you use the DAG as client in the policy and use host.xlate to get the exchange servers to respond through the backup network

If you cannot make it so that you can reach the DAG on the administrative network, my best guess is to put all exchange servers on the backup network in the preferred list and hope Exchange can communicate internal with the DAG

The standard questions: Have you checked: 1) What has changed. 2) The manual 3) If there are any tech notes or VOX posts regarding the issue

AndresV
VIP
Partner    VIP   

Hi,
I'm sorry to bother after so much time since I wrote this post.

We were taking backups over the backup network directly through each node like standalone.

Both master and media server has 2 NICs. Nic1 in 10.151.12.xx and Nic2 in 10.70.92.xx (backup network)

The exchange server nodes have 2 NICs as well, Nic1 in 10.70.64.xxx and NIC2 in 10.70.92.xx. So if I ping from the master or media to exchange node 1 I receive response 10.70.92.xx

The Dag hostname has an IP 10.70.64.xx

According to the above the backup and restore over the backup network works very. Now the customer wants to backup using DAG hostname even though like I said the backup is running fine using each node.

Both networks 10.70.92.xx and 10.70.64.xxx are different VLAN so they cant see each other, however, 10.70.64.xxx and 10.151.12.xxx can ping each other because both are administrative networks.

Do you have any suggestions?

 

AndresV
VIP
Partner    VIP   

Hello,

I thought I posted some additional information but apparently I didn't, anyway, let me give more information.

Both master and media server has 2 NICs, Nic1: 10.151.12.xxx, Nic2 10.70.92.xxx (backup network)

the exchange nodes now have 2 NICs as well, Nic1: 10.70.64.xxx, Nic2: 10.70.92.xxx. (backup network)

the Dag IP address is in 10.70.64.xx.

Right now the backup policy is configured to use directly the node because we have communication thought backup network, and like I said backups and restores operations run fine.

10.151.12.xxx can communicate to 10.70.64.xxx because both are administrative networks,

10.70.92.xxx cant communicate to 10.70.64.xxx because are different VLANs.

I modified the host file so master and media server can resolve exchange node over 10.70.64.xx that is why backups/restore work.

Now the customer wants to modify the policy so we use DAG hostname, do you have any suggestions?

Yes, use the DAG name as the policy client name. NetBackup maps the DAG name to the Exchange server nodes internally (assuming Exchange 2013 or later). This is based on the DAG membership info that NetBackup on each client pushes to the master server. See my earlier response.

If you don't find the exchange .xml and .dat files in the master server's NetBackup\db\discovery folder, then you need to troubleshoot the NetBackup Discovery Framework service on the Exchange nodes. The process is nbdisco.exe and it logs in VxUL format to the nbdisco folder. The monad log in the beds folder also would be relevant.

Assuming nbdisco does work in your environment and you do have the exchange files in the master server's discovery folder then using the DAG as the client name should work for you without further changes, as follows:

1. nbjm invokes the discovery service on the master server to find an Exchange server to represent the DAG.

2. nbjm executes bpresolver on the selected Exchange server. Bpresolver makes a worklist of which databases to back up on which Exchange servers. Bpresolver appears in the Activity monitor as a snapshot job that is the parent of the subsequent real snapshot jobs.

3. pem creates individual snapshot and backup jobs on the individual Exchange clients.

In all of this, NetBackup never needs to find an IP address for the DAG. Everything is done with individual Exchange server nodes. The Exchange servers are accessed by name. If you had backups to the Exchange servers working before, they should continue to work when you change the client name to the DAG.