cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2661
Views
0
Helpful
1
Replies

Disaster Recovery Network Topology

john
Level 1
Level 1

I am trying to create an exact replica of the production network at the DR location.  Using replication from host to host, host to vmdk, and back up data, I am replicating the servers and data over.  Now I need the same subnet mirrorred along with the server names and domain.  Currently the production network and DR site use different subnet addresses separated by a point to point T3 connection.

Main reasons:

  1. Applications were not designed with DR in mind.  Resources are referenced by name or IP.
  2. Easier to clone DC and specific application systems.
  3. Other systems can be online on the DR subnet and replicating data until the time of disaster, then give DR server the same name and IP address of production system.
  4. Need to be able to bring a server on the mirrored domain online for test without affecting the production network and domain.

Considered L2TPv3, but this doesn't solve my problem of mirroring the systems.  I can't bring up 2 mirrored domain controllers or any replicated servers up at the same time. 

Thinking of using a router to NAT from DR subnet to the mirrorred production subnet. Adds a lot of complexity and IP mapping conplexity.

Also considering setting up a DMZ on the DR PIX with the production subnet.  Allows me to route traffic to the DR subnet and to the Internet.  Allows me to filter traffic to avoid name and IP conflicts.

Of course any testing that will be done will require disabling the T3 connection and accessing the DR network from another path such as VPN.

Looking for thoughts, recommendations, previous configurations.

Thanks in advance.

1 Accepted Solution

Accepted Solutions

mustafa.mail
Level 1
Level 1

Hi,

This is a typical cold DR site setup which normally only used in Disaster time only. The only two option available ti test DR site system are as below.

Disable the communication from main site

Enforce the NAT & ACl at DR to main site link router.

Option two will allow the DR system access and application validation from main site.

Thanks

Mustafa

View solution in original post

1 Reply 1

mustafa.mail
Level 1
Level 1

Hi,

This is a typical cold DR site setup which normally only used in Disaster time only. The only two option available ti test DR site system are as below.

Disable the communication from main site

Enforce the NAT & ACl at DR to main site link router.

Option two will allow the DR system access and application validation from main site.

Thanks

Mustafa

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: