Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: firstname.lastname@example.org
1. Hyper-V Replica in Windows Server 2012
Disaster recovery and business continuity are issues that we often lose sleep over. Sure, we know that we need to make sure that everything is backed up, and we do those backups (at least most of us do, at least most of the time), but I would guess many of us have not always been able to test whether we can actually fail over to our backups and restore from them. That's especially true when you think about your virtualized infrastructure. Historically, it's been pretty difficult to get a low cost and effective disaster recovery system up and working and if you did, you might not have the time or wherewithal to do a restoration and ascertain that it works.
I've had the same concerns in the past, so when I found out about the Windows Server 2012 Hyper-V Replica, I realized that my dreams (and those of a lot of other IT pros) had come true. Some commentators are calling this Windows Server 2012 Hyper-V's “killer feature” and for good reason. Right in the box is a complete disaster recovery and business continuity solution that enables you to asynchronously replicate your running virtual machines to a DR site. But that's not all. The best part is that Hyper-V Replica also has a built-in feature that enables you to test whether the replicated virtual machine will actually work when you start it up.
Microsoft calls Hyper-V Replica a "storage-agnostic and workload-agnostic solution." So what exactly can you do with it? You can replicate with standalone servers, servers in failover clusters or any combination of standalone or clustered servers. And something I think you'll really appreciate is that the source and destination servers do not have to be in the same domain, nor do they even have to belong to a domain at all.
You can replicate your VMs from the Hyper-V host at your primary site to the Hyper-V host at the Replica site, without having to rely on shared storage or storage arrays. Then if a disaster occurs at the primary site, failover to the secondary server(s) typically takes only minutes, and you can even restore the workloads to a specific point in time through the Recovery History options. You can also perform a planned failover, whereby you gracefully move a virtual machine from the primary site to the replica site.
Replication takes place every five minutes, so it's likely that if the primary virtual server goes down, the maximum amount of data that you'll lose is five minutes' worth. In addition, you can configure replication to use application consistent snapshots so that if you're running Exchange or similar workloads, there won't be any issues with database corruption.
The data can be replicated over an IP network (LAN or WAN) Replication is performed over HTTP/HTTPS, so you don't have to worry about complicated configurations on your firewalls to enable the replication. Firewall rules do need to be set to allow incoming connections on the Hyper-V Replica servers for the port designated by the Hyper-V Administrator. Authentication is done via server certificate authentication, so you don't have to worry about the servers being domain members (unless they're part of a failover cluster); just make sure that each server trusts the certificate of the other server. If the servers are part of an Active Directory domain, Kerberos/Integrated Authentication is used for mutual authentication between trusted domains.
Replica also works with clusters. You can replicate from a standalone host to cluster, from a cluster to a standalone host, or from cluster to cluster. Migration of a replica VM from one cluster node to another relies on the Windows Server Failover Clustering Service and the Hyper-V Replica Broker.
You can find out more details about Windows Server 2012 Hyper-V Replica in this blog post.
For detailed instructions on understanding and troubleshooting Hyper-V Replica in different scenarios, download this paper from the Microsoft web site.
Enterprises have lots of (high cost) options for disaster recovery but small and mid-sized businesses are particularly challenged in this arena, so Hyper-V Replica is going to be a godsend to them. Because it's built into Windows Server 2012, it's a cost effective solution for companies on a budget.
I highly recommend that you try out the new Hyper-V Replica feature. If you want to test it for yourself, check out Deploy Hyper-V Replica.
‘til next time,
Quote of the Month -
A person who never made a mistake never tried anything new. - Albert Einstein
2. ISA Server 2006 Migration Guide - Order Today!
Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..
Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.
Click here to Order your copy today
3. WindowsNetworking.com Articles of Interest
4. Administrator KB Tip of the Month
System Restore and Windows Update
By default, when Windows 7 downloads updates from Windows Update and you choose to install those updates, Windows first creates a new System Restore point before it installs the updates. The reason for this is so you'll be able to roll back your system to its pre-update state in case any of the installed updates cause problems.
However, some organizations have an IT policy that requires that System Restore be disabled on all computers. One reason sometimes given for doing this is that if a computer becomes infected with malware, any system restore points might also contain that malware. Another reason is that System Restore points can take up a lot of disk space, so turning it off frees up more disk space for users. A third reason is that if the user restores the computer to a state several weeks earlier, the computer's domain password could get out of sync with Active Directory and this can cause the computer to dis-join from the domain and need to be re-joined.
Whatever the reason, if you disable System Restore functionality on your system, you won't be able to roll back your system after installing updates. But does disabling System Restore have any impact on the ability of Windows to download and install updates from Windows Update?
No, it doesn't. Updates will install just fine on a Windows system on which you have disabled System Restore. Just know what's at stake if you do this.
For more great admin tips, check out http://www.windowsnetworking.com/kbase/
5. Windows Networking Tip of the Month
If you've been reading this newsletter and have checked out the article on the www.windowsnetworking.com web site, you know about the amazing SMB 3.0 protocol that's included with Windows Server 2012. The SMB 3.0 protocol can now work with Remote Direct Memory Access (RDMA) to give you remarkable levels of network performance. However, there is a potential problem. Windows Server 2012 also includes out of the box support for NIC teaming.
Why is that a problem? The issue is that NIC teaming and RDMA are not compatible because RDMA needs to bypass most of the network stack in order to do its magic directly with the NIC. Does this mean you can't have fault tolerance and bandwidth aggregation when using SMB 3.0 and RDMA? No! All you need to do it install additional RDMA capable NICs. SMB 3.0 includes two key features – SMB multichannel and SMB transparent failover. That means all of the NICs will be used to connect to file share resources and if any of the NICs should become unavailable, other RDMA NICs take over the connection. Nice!
6. Windows Networking Links of the Month
I'm setting up a virtualization infrastructure at work that we'll use to move our physical infrastructure onto over the next couple of years. I understand that I can take advantage of Windows Server 2012 failover clustering to provide high availability for the virtual machines. I get the value in that and it's great to have that right out of the box. But what about the guest VM workloads? How do I provide high availability for the services running in the VMs? Does Windows Server 2012 support guest clustering, and if so, how do I connect to storage?
Thanks, Mooney C.
Great question! Yes, Windows Server 2012 does include failover clustering right out of the box and the new failover clustering feature is now very tightly integrated with Hyper-V, so that you can deploy and manage a highly available virtual infrastructure with a minimum of hassle. Windows Server 2012 also supports guest clustering and it's a great idea to take advantage of the guest clustering capabilities because you not only want the VMs to be highly available, but also the services running on them. But as you know, you need shared storage to support a guest cluster. The great news is that you now have two choices for shared storage for your guests: you can use iSCSI (as you could with Windows Server 2008 R2) or you can use the new guest Fibre Channel capability, so that if you have Fibre Channel HBAs installed on the physical machine, the virtual machines can now use those to connect to storage.