First of all i would like to provide my excuse for my poor english writing, i'm french.
I come today on this forum to query advices and solutions for the problem i'm going to report here.
i just come to deploy a netbackup environnement with these architecture:
netbackup version: 7.6.1
- Principal Site:
backup VMWare virtual machines (hypervisor network) thru media-hyp-princ.domain.fr network interface
backup clients for physical servers (backup network) thru master-princ.domain.fr of the master and media-princ.domain.fr for the media
Rôle: AIR (Auto image Replication)
Each backup (VMs and clients) on the principal site are replicated via AIR to the secondary domain (using SLP)
i've checked the network client backup flow and all transits thru the backup vlan (media-princ.domain.fr), that we want
And the VMWare backup is on the same VLAN (hypervisor vlan) so the backup flow transits thru media-hyp-princ.domain.fr network interface
All works great but....
The deduplication pool is attached to the MSDP hostname media-hyp-princ.domain.fr, on the hypervisor VLAN and i try to associate media-princ.domain.fr to the MSDP that it could be recognize as media-princ.domain.fr and media-hyp-princ.domain.fr
i've added media-princ.domain.fr as media server and you ca see below the nbemmcmd.exe -listhosts result:
NBEMMCMD, Version: 7.6.1
The following hosts were found:
Command completed successfully.
media-princ.domain.fr and media-hyp-princ.domain.fr appear on the media list from the netbackup windows administration console as media server.
As you can see, media-princ.domain.fr and media-hyp-princ.domain.fr are the same physical media server but on differents vlans
Why i want to do this ?
because when i try to backup Active Directory servers with granular recovery, client backed up try to communicate with media-hyp-princ.domain.fr, and this is the only error i encounter.
Below the nbfsd logs on the client:
12:25:18.724 [472.2344] <2> logparams: <install_path_netbackup_client>\Veritas\NetBackup\bin\nbfs mount -server media-hyp-princ.domain.fr -port 7394 -retry 11 -cred ABCDEFGHIJKLMNOPQRSTUV (cred volontary replaced for copy on this forum) *
12:25:18.739 [472.2344] <2> rpc_connect: connecting to media-hyp-princ.domain.fr
12:25:39.753 [472.2344] <16> rpc_connect: can't create TCP connection to media-hyp-princ.domain.fr (12 10060), will retry...
12:25:44.760 [472.2344] <2> rpc_connect: connecting to media-hyp-princ.private.univ-tlse3.fr
12:26:05.773 [472.2344] <16> rpc_connect: can't create TCP connection to media-hyp-princ.domain.fr (12 10060), will retry...
12:26:10.781 [472.2344] <2> rpc_connect: connecting to media-hyp-princ.domain.fr
12:26:31.810 [472.2344] <16> rpc_connect: can't create TCP connection to media-hyp-princ.domain.fr (12 10060), giving up
and it works....
Perhaps is it the best solution for me because i have a lot of production backup on the media
Because MSDP is declared on hypervisor vlan, my responsible wants i re-install everything....
After such a big works, i'm desesperate in the idea to re-install everythings, i did all the research, test, and implementation alone, without help, this represent months of work, but in my test environnement, my media wasn't on multiple network, just on the hypervisor network, so i did the same configuration on my pre-production architecture and i think now this is a mistake to configure my MSDP on the hypervisor network
Thanks a lot in advance for your advices and solutions
Let me say I don't like backup networks for the exact reasons posted above, its really really complicated and NetBackup's communications are also quite complex. None the less you'd like to do it so I'll give a suggestion that might resolve some issues.
What i would do is install the servers using the shortname, not FQDN. I always do this just in case someone wants to change domains at a later stage.
So as an example you'd have media server called media1, that might have two interfaces
But it is still just called Media1, so there is no confusion about the name.
In terms of the clients, if you'd like to access them via the backup network, they would need IPs/entries in the backup network too (xxx.backup.company.com). That would ensure they media server is going to contact them via 20 network. With this however you might find issue with applications like Exchange where the "DAG" name is used, but you could probably implement some workarounds for that.
I hope that helps/makes sense.
I would just bond the 10g and have 20g and drop all these complicated networks :)
First of all, big thanks for your interesting answer.
the only problem it's just that the domain name is the same, it's a private domain name that we use for non external routable domain.
And the other question is:
Do my MSDP fqdn domain is in the good network ? i use the attached storage for the backup client (backup network) and VMWare backup (hypervisor network)
it seems that my FQDN's msdp should be in the backup network...
But i'm not sure about it
Thanks a lot
I dont think the dual names will work, or i don't how it will work. Other alternative you can use (on a small scale) is to use hosts files and specific routes.
In this scenario you'll place hosts files on the media and client
Media server will have entry that overrides any DNS and points to x.x.x.x for client A.
Client A will have a entry that points x.x.x.y for media.
Having the route ensure there are no other options to get to the media. This method gets a bit messy when you've got many clients as you'll have to manage the hosts files.