locked
Multi-site design with point to point connection over WAN RRS feed

  • Question

  • Hello.

    We are working on setting up a secondary server room for the purpose of failing over in the event of a fire or other disaster at our primary location. We are only looking at configuring a Active/Passive design with a manual failover.

    Right now we have a point to point 500Mbps layer 2 network from our primary to our secondary location, so our VLAN 1 at our primary is 10.0.0.1/16 and our secondary location VLAN 1 is also 10.0.0.1/16. Everything is communicating and working fine.

    My question is regarding the setup of the two sites in Active Directory and I basically have two choices:

    • A) I can create different subnets at the secondary location and control the routing between the networks. This will allow me to easily associate the subnets with the appropriate sites to make sure everything is authenticating where it should authenticate.
    • B) (One I'm leaning towards) I can keep it the way it is and use a Catch-All subnet in Active Directory Sites & Services. So the network at the secondary site will still be 10.0.0.1/16 but I will make sure to put all servers on 10.0.192.0-10.0.255.255 and then create a subnet in Sites & Services for 10.0.192.0/18. I can manually move the domain controllers in the secondary site to the correct site in Active Directory.

    The B) option sounds more ideal to me since I won't have to mess with routing and I can configure a mirror image of the primary datacenter as far as the networking is concerned, but I've never done it that way and was wondering of any drawbacks. With the B) option all servers should still authenticate to the appropriate DC's. 

    Thursday, December 14, 2017 9:08 PM

Answers

  • Hi,

    Based on the description, I would suggest you using option B, and assign a smaller subnet for the secondary site with the secondary DC.

    For data security, we suggest you create at least two DCs in each site and keep backup for all DCs every day.

    For your reference:

    https://technet.microsoft.com/en-us/library/2009.06.subnets.aspx

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    William


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Quadrantids Friday, December 15, 2017 9:40 PM
    Friday, December 15, 2017 8:19 AM

All replies

  • Hi,

    Based on the description, I would suggest you using option B, and assign a smaller subnet for the secondary site with the secondary DC.

    For data security, we suggest you create at least two DCs in each site and keep backup for all DCs every day.

    For your reference:

    https://technet.microsoft.com/en-us/library/2009.06.subnets.aspx

    If there is anything else we can do for you, please feel free to post in the forum.

    Best Regards,

    William


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Quadrantids Friday, December 15, 2017 9:40 PM
    Friday, December 15, 2017 8:19 AM
  • Yeah I think we are going to go with that option. Thanks William
    Friday, December 15, 2017 9:40 PM