none
DPM2012:both data backup and normal c/s communication through backup LAN instead of production LAN RRS feed

  • Question

  • Hi , we are deploying DPM 2012. in order to reduce firewall policy changes, we are planning to use backup LAN for everything including agent to server commnication . will this workable? The AD requirements of DPM affect this design or not? Please advise,thanks!
    Thursday, July 26, 2012 3:01 AM

Answers

  • We have some official documentation here:

    http://blogs.technet.com/b/askcore/archive/2009/03/26/so-you-want-to-try-a-backup-network.aspx

    http://technet.microsoft.com/en-us/library/cc964298.aspx

    I suppose If you want DPM to use only the backup network for normal and backup traffic, then remove the production network from the DPM Server leaving only the backup network, then make sure you have a DC and DNS server on that backup network and that should also work.  I would test the solution before running with it. 


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    • Marked as answer by kongfupanda Friday, July 27, 2012 3:51 PM
    Friday, July 27, 2012 3:27 PM
    Moderator

All replies

  • Hi,

    No, only DPM data mover traffic is redirected to the backup network, all normal agent communucations for AD authentication etc. rely on public network.


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, July 26, 2012 3:15 PM
    Moderator
  • Thanks,just double verify, do you mean it's not possible to use Backup LAN for    all normal agent communications  etc? I
    Thursday, July 26, 2012 3:24 PM
  • Correct

    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, July 26, 2012 3:41 PM
    Moderator
  • Any official microsoft link for that statement ? I need show it to customer. Thanks.

    Thanks and best regards, -- KF

    Friday, July 27, 2012 1:31 PM
  • We have some official documentation here:

    http://blogs.technet.com/b/askcore/archive/2009/03/26/so-you-want-to-try-a-backup-network.aspx

    http://technet.microsoft.com/en-us/library/cc964298.aspx

    I suppose If you want DPM to use only the backup network for normal and backup traffic, then remove the production network from the DPM Server leaving only the backup network, then make sure you have a DC and DNS server on that backup network and that should also work.  I would test the solution before running with it. 


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    • Marked as answer by kongfupanda Friday, July 27, 2012 3:51 PM
    Friday, July 27, 2012 3:27 PM
    Moderator
  • Thanks Mike. As both DC and DNS servers are to be protected by DPM, there should be connections among them through backup LAN. Anyway host file can also replace DNS for DPM backup communication. I am not sure the role of DC, could be just used during installation of DPM and agent push...? anyway after all agents installed for PS, with host file I suppose every DMP communications among them can be via backup LAN and I may disable the product NIC on DPM for testing. In future the production LAN will be in use only if the backup LAN failed.

    And from the two links of technet in above post, they seem also never explicitly state that it's impossible to use Backup LAN for everything.

    Is this above correct?


    Thanks and best regards, -- KF

    Friday, July 27, 2012 3:51 PM
  • Hi,

    You are basically on your own to see if that works. As noted, our documentation shows using two networks and we simply seperate the heavy lifting data transfer path (data mover) from normal agent communications (ldap, AD, DNS) path.

    As long as the single network you chose to use for backups allows for all of the following network communications, i should work.

    http://technet.microsoft.com/en-us/library/ff399341.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. Regards, Mike J. [MSFT] This posting is provided "AS IS" with no warranties, and confers no rights.

    Friday, July 27, 2012 7:36 PM
    Moderator