Comprehensive data protection for all workloads
Post Reply
dgapinski
Enthusiast
Posts: 62
Liked: 4 times
Joined: Dec 05, 2013 8:09 pm
Full Name: Dan Gapinski
Contact:

Replicated VMs and changed MAC addresses?

Post by dgapinski »

We have a separate VMware ESX 5.5 server that we use as a test environment, where we replicate production machines. It runs replicated VMs on a vSwitch that is physically separated from the production network. Last month, we used Veeam to copy VMs to the server and simulate production, for the purpose of upgrading AD from 2008R2 to 2012R2. This worked very well, and so we upgraded production with minimal trouble. I should say that last month, this test environment had NO internet access, so the testing was imperfect in that minor way, but served us well regardless.

This month, we introduced an Internet connection on a completely separate cable modem line to the mock-production vLan on the test ESX server, so that we could do more testing (for an application's upgrade which uses IIS and SQL services) but see real connectivity from clients coming across the Internet. So I have replicated servers handling DC's, DNS, Certificate Services, IIS, and SQL and even Network Policy even though I don't think that plays a hand here. The Internet connection works, but I now see that for about an hour or so after replicating the VMs from production, the network location changes from lss.local to Public. Also, at no point is the test IIS server able to serve out a site, and I see that domain trust relationships are now broken, and recreating them fails every time. Network Location Awareness sets the locations at Public, and setting them manually (via local policy) to Private. They can query DNS successfully, and I am rather stymied as to why the introduction of an internet connection would break all NLA and all secure channels, where it did not behave like this when the Internet had no presence. Meanwhile, servers in production carry on happily, so I don't worry about cross-contamination.

So in short, all these issues now come about from the presence of a new route online OR the replication of a freshly-upgraded AD 2012R2 domain. I suspect NLA has a hand in the trouble here. So here are my questions:

Where would you start looking to pinpoint the cause of the change in network location?

Would a change in MAC affect this, as it would seem that Veeam changes the MAC for replicated VMs?

Last month, when we upgraded AD from 2008r2 to 2012r2, there was no break in trust. Now that we're replicating AD, DNS and CS servers over, would AD be paying attention to a change in MAC addressing on our vNICs?
PTide
Product Manager
Posts: 6408
Liked: 724 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: Replicated VMs and changed MAC addresses?

Post by PTide »

Hi
Would a change in MAC affect this
I believe it could.
as it would seem that Veeam changes the MAC for replicated VMs?
That depends on your replica network settings - you can specify either "Automatic" or "Manual" MAC.

So, I suggest you to run an isolated Lab with SureBackup and check whether your replicas have the same MACs. If not, then please make them match your originals MACs and see if the issues persist.

Thank you.
dgapinski
Enthusiast
Posts: 62
Liked: 4 times
Joined: Dec 05, 2013 8:09 pm
Full Name: Dan Gapinski
Contact:

Re: Replicated VMs and changed MAC addresses?

Post by dgapinski »

I apologize that I never followed up with this. I was making the replication from backup, but found that if I replicated the VMs from production, I would end up with a happy domain with trust relationships well intact. That is good and bad though, as it means to me that a DR failover would likely result in the same behavior. I can say that the DC and IIS and DB VM's all get backed up throughout the day, but in different backup jobs at different times. So should I be looking at relying more on replication jobs vs. copy jobs for off-siting VMs? Or does this indicate another problem I'm not thinking of?
PTide
Product Manager
Posts: 6408
Liked: 724 times
Joined: May 19, 2015 1:46 pm
Contact:

Re: Replicated VMs and changed MAC addresses?

Post by PTide »

Did I get it right - replicas that were made from offsite backups resulted in a broken trust relationship, whereas replicas that were made directly from production VMs spinned-up well and everything worked?

Thank you.
Post Reply

Who is online

Users browsing this forum: No registered users and 178 guests