none
Secondary and Chaining DPM issue with Cluster RRS feed

  • Question

  • Hi,

    Wondering if anyone has any ideas.

    DPM2012R2 CU5

    We have a primary DPM (DPM01) that has all the relevant firewall ports opened between Servers being backed up and DPM01. All backups are fine for clustered and non-clustered servers from DPM01.

    We setup another DPM server (DPM02) in DR and opened up the same firewall ports, but only between the DPM01 and DPM02. Only the non-clustered server expands to allow us to select the databases when creating a new protection group on DPM02. When we try to expand the cluster name or clustered nodes, it times out.

    Do we need to open firewall ports between the Servers being backed up and DPM02 or should all communication happen via DPM01?

    A network trace seems to indicate that the ports need to be opened between Server <-> DPM02 as well. However, I would have not thought so since we can access the non-clustered databases without ports being opened. RPC ports are frowned upon by our security team so if we can do something without opening more ports, would be great.

    Any guidance would be appreciated.

    thanks. 

    Wednesday, April 29, 2015 11:30 AM

Answers

  • Hi,

    Secondary DPM servers can take over the role of the Primary should it have problems, therefore the secondary DPM Server needs to have equal access to the protected servers.  I cannot explain why enumeration for clustered resources behave differently than non-clustered ones.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, April 29, 2015 9:57 PM
    Moderator

All replies

  • Hi,

    Secondary DPM servers can take over the role of the Primary should it have problems, therefore the secondary DPM Server needs to have equal access to the protected servers.  I cannot explain why enumeration for clustered resources behave differently than non-clustered ones.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, April 29, 2015 9:57 PM
    Moderator
  • Hi Mike

    Thank you for taking the time to respond.

    Is there a way to do it without opening up more ports. Would Chaining not be able to do this? or am I misunderstanding the chaining solution.

    Thanks

    Thursday, April 30, 2015 6:53 AM
  • Hi,

    Please download and review the DPM_DR_Configurations.zip which contains a .ppt explaining the various supported DR configurations. You will need to open the ports so the secondary DPM server can communicate with the protected servers. 


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, April 30, 2015 5:03 PM
    Moderator