Poor man's disaster recovery

[Mark Alexander Bertenshaw]

Hi -

I have recently been asked to provide a disaster recovery solution for my
organisation. We currently have two stage backup which consists of copying
everthing off a shared drive on the server onto another machine each night,
and the next evening, backing up that data onto tape. Unfortunately, if we
had a fire in the office that destroyed the area around our server, we would
be in trouble.

Our network consists of a single Windows 2000 server machine, with about 12
internal client machines, and about 5 external clients. The server also
acts as a router between a separate Netscreen 5GT firewall and the rest of
the internal network. On the other side of the firewall is the ADSL router
connecting us to the internet. We have a number of static IP addresses on
the internet.

We also have another site, which has a simpler configuration of a PC
connected to an ADSL modem, with another machine connected to the PC via a
cross-over cable. Unfortunately, the modem allocates the PC a dynamic IP
address.

I was thinking that we could buy a new server to replace the current server,
and promote this to be the main Active Directory machine. After recreating
the configuration of the old on the new, the old machine would be taken to
the other site, where we would replace the ADSL modem with a router, and
attach the existing PCs onto that router. Another Netscreen firewall would
be attached to the router, and the old server be put behind that firewall.
The firewall would be setup to as to create a tunnel between the firewalls
at both sites. The old machine would now be a backup Active Directory to
the old one, and we would arrange for data to be replicated to the old
server.

Can anybody comment on whether this is a viable idea? Could the first issue
be that since the other site has a dynamic IP address? I am very sketchy on
Active Directory, so assume complete ignorance on my part!

 

[Pegasus \(MVP\)]

Hi -

I have recently been asked to provide a disaster recovery solution for my
organisation. We currently have two stage backup which consists of copying
everthing off a shared drive on the server onto another machine each night,
and the next evening, backing up that data onto tape. Unfortunately, if we
had a fire in the office that destroyed the area around our server, we would
be in trouble.

Our network consists of a single Windows 2000 server machine, with about 12
internal client machines, and about 5 external clients. The server also
acts as a router between a separate Netscreen 5GT firewall and the rest of
the internal network. On the other side of the firewall is the ADSL router
connecting us to the internet. We have a number of static IP addresses on
the internet.

We also have another site, which has a simpler configuration of a PC
connected to an ADSL modem, with another machine connected to the PC via a
cross-over cable. Unfortunately, the modem allocates the PC a dynamic IP
address.

I was thinking that we could buy a new server to replace the current server,
and promote this to be the main Active Directory machine. After recreating
the configuration of the old on the new, the old machine would be taken to
the other site, where we would replace the ADSL modem with a router, and
attach the existing PCs onto that router. Another Netscreen firewall would
be attached to the router, and the old server be put behind that firewall.
The firewall would be setup to as to create a tunnel between the firewalls
at both sites. The old machine would now be a backup Active Directory to
the old one, and we would arrange for data to be replicated to the old
server.

Can anybody comment on whether this is a viable idea? Could the first issue
be that since the other site has a dynamic IP address? I am very sketchy on
Active Directory, so assume complete ignorance on my part!

The issue of the dynamic address is easily resolved. However,
I suspect that you will run into link speed issues right from the
start. How much data do you intend to back up? What is your
ADSL link speed? Did you consider that the "A" in ADSL
stands for "Asymmetric", which means that the upload speed
is quite low?

To get a good idea of the link speed, use FTP to copy a
1 MByte file from your own server to your ISP's FTP server,
and measure the time it takes.

The charity whose PCs I maintain needs to back up between
20 and 30 GBytes. They do it by using a few hard disks
installed in caddies. Five hard disks, each with its own caddy,
is much cheaper than a 40 GByte backup drive!

 

[Mark Alexander Bertenshaw]

The issue of the dynamic address is easily resolved.

How exactly?

However,
I suspect that you will run into link speed issues right from the
start. How much data do you intend to back up? What is your
ADSL link speed? Did you consider that the "A" in ADSL
stands for "Asymmetric", which means that the upload speed
is quite low?

We will be intending to be doing replication between the two servers, having
initially cloned the original server. We would be looking at around 100M
changing a day. The ADSL link speed is 256Kbs upstrean, and 512Kbs
downstream.

I suppose if that is too slow, we could always think about getting SDSL.

To get a good idea of the link speed, use FTP to copy a
1 MByte file from your own server to your ISP's FTP server,
and measure the time it takes.

The charity whose PCs I maintain needs to back up between
20 and 30 GBytes. They do it by using a few hard disks
installed in caddies. Five hard disks, each with its own caddy,
is much cheaper than a 40 GByte backup drive!

The problems with this approach are that it requires user intervention, and
it won't allow you to completely recover the state of the server as it used
to be.

 

[Pegasus \(MVP\)]

How exactly?

By installing a service, e.g. DynDNS-Updater, and registering
your own free domain name with www.DynDNS.org. When
the service is up and running then you can refer to your remote
machine by that domain name, regardless of the actual IP
address.

We will be intending to be doing replication between the two servers, having
initially cloned the original server. We would be looking at around 100M
changing a day. The ADSL link speed is 256Kbs upstrean, and 512Kbs
downstream.

I suppose if that is too slow, we could always think about getting SDSL.

Your data volume is quite small. It should take between 60 and 90 minutes
to back up 100 MBytes.

The problems with this approach are that it requires user intervention, and
it won't allow you to completely recover the state of the server as it used
to be.

Yes, it does require user intervention.
Full recovery is possible by using ntbackup.exe to back up the System State.
To facilitate a black start, you could use a imaging product to create an
image
from time to time. Ghost or DriveImage come to the mind.

 

[Jeff Cochran]

Aside from your question, the first thing I'd suggest is a proper
backup strategy. Copying files to another system and backing that up
isn't it.

Jeff