Comprehensive data protection for all workloads
Post Reply
fowler23
Lurker
Posts: 2
Liked: never
Joined: Mar 29, 2017 8:37 am
Full Name: Kevin Coates
Contact:

App Aware Processing-VM's on isolated network to Veeam svr

Post by fowler23 » Sep 28, 2017 12:17 pm

Hi,

I know this has been raised before but am wondering with any latest developments whether there are now any options to provide a fix.

The issue is that the Veeam server sits on 1 subnet. This has a network connection to the Hyper-V hosts allowing me to do non-AAP backups. However, the VM's are a mixture of DC's and SQL server which really require AAP backups.
The VM's themselves attached to the host sit on an isolated network (for security reasons as they sit on another customer's domain). So the Veeam server doesn't have a network connection to the IP of the VM.

My understanding is that this is requred for an AAP backup. Is this correct?

If so, what other choices do we have apart from either having deploying a separate Veeam server on the customer's domain (not ideal) or creating a direct network connection between our network and their network (again, not something we can do really).

I'm sure other people in this forum have had the same difficulty so interested to hear people's views.

Thanks

nmdange
Expert
Posts: 460
Liked: 109 times
Joined: Aug 20, 2015 9:30 pm
Contact:

Re: App Aware Processing-VM's on isolated network to Veeam s

Post by nmdange » Sep 28, 2017 2:26 pm 1 person likes this post

You don't need a separate Veeam server, you would just need a guest interaction proxy that has access to the customer's domain and is accessible from the Veeam backup server. Easiest way to do that would be to give the guest interaction proxy two NICs, one in the back server network and one in the customer network.

That said, App-Aware is recommended but not required even in the case for AD/Exchange/SQL. You can use native Hyper-V Quiescence instead, which will initiate a VSS consistent backup through the Hyper-V Integration Services without Veeam needing access to the guest OS. For AD, as long as you are running DCs that are Windows Server 2012 or later, the DCs are virtualization aware and can be safely restored without needing Veeam's additional processing that App-Aware provides. For Exchange and SQL, you will lose the ability to truncate transaction logs. For Exchange, you would need to enable circular logging. For SQL server, either switch all databases to SIMPLE mode, or use native SQL agent to do transaction log backups to the local disk.

fowler23
Lurker
Posts: 2
Liked: never
Joined: Mar 29, 2017 8:37 am
Full Name: Kevin Coates
Contact:

Re: App Aware Processing-VM's on isolated network to Veeam s

Post by fowler23 » Sep 29, 2017 6:40 am

Thanks nmdange.

We are using the Hyper-V Quiescence so hopefully that will be fine. The DC's are post 2012 and I'll investigate the SQL servers. There are no Exchange servers required to be backed up.

We'll also investigate the possibility of the guest interaction proxy and see if it's something that can be done whilst keeping within the security restrictions.

Post Reply

Who is online

Users browsing this forum: baber, Bing [Bot], Google [Bot] and 41 guests