cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
624
Views
0
Helpful
2
Replies

Disaster Planning - Keeping IP Addresses

gsabatino
Beginner
Beginner

Hello,

I'm looking for a way to keep IP addresses of servers in the event of a disaster.

My goal is to keep the IP addresses at the main datacenter (DC) to the FO (failover) DC.

 

I've come up with the following, but I'm sure there is a better way.

 

1. Main DC - IPSec Site to Site VPN to FO DC.

2. Perform NAT between these two sites for replication.  Only key servers need this NAT.

     a. ESX Hosts, SAN/NAS devices

3. Use SAN/NAS block-level replication from the main DC to the FO DC.

4. When a decision to use the failover site is made, redirect all sites to the FO DC.

 

Remote Sites have a primary VPN to the Main DC and a FO VPN to the FO DC.

Local Subnets - 192.168.50.0/24 - 192.168.85.0/24

 

Main DC - Local Subnet - 192.168.1.0/24

NAT - 10.10.1.0/24

 

FO DC - Local Subnet - 192.168.1.0/24

NAT - 10.10.2.0/24

 

 

Reasons:

1. When failing over to the FO DC, all we need to do is boot up the VMs and they'll have network connectivity.

     a. No need to re-IP everything.

2. The VMs/Datastore will be up to date

     a. No restoring data from backups as the replication is block-level and running constantly.

3. Sites will manually failover to the FO DC.

   

 

Any thoughts/advise, better options?  Thanks in advance!

 

2 REPLIES 2

mahditalebi
Beginner
Beginner

I did not get that why you need NAT between DCs. Most of the time in designs, two data centers are connected through technologies like OTV, VPLS, VXLAN BGP EVPN and etc. According to your application traffic types, business and technical requirements these decisions will be made. Designing Active/Standby or Active/Active designs requires a deep understanding of business applications.

Hi there and thanks for your reply.

 

I'm wanting to do NAT so that my primary/prod network can talk to the failover network using the same IP subnet.

 

Using any of those technologies would require differing IP addresses, meaning that a prod server in the primary site would be say 172.16.1.1/24 where in the failover site would be 172.16.20.1/24.

 

During failover, changing all of the failover IPs would require a lot more work to get up and running.

 

The alternative I can think of is using DNS.  Then changing the hosts in DNS with the new addresses.  

 

I'm not sure of what the 'correct' way of setting up a failover site should be.  Looking for advise/help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: