As Jorge mentioned, you do not have to follow your physical
subnets for lag-sites. Usually you would use that as a guideline, but for
lag-sites you can do a sub-subnetting. AD replication does not care about the
physical structure or TCP/IP settings (subnet mask, Def-Gateway) - it just cares
what you have configured in the sites and subnets and what IP the DC is using. So
in a 10.1.x.x network you could configure all servers with 10.1.x.x
IP addresses with a subnet mask of 255.255.0.0, however you keep all servers in
one lag-site in the same "virtual subnet" 10.1.9.x and all production servers in
10.1.1.x - 10.1.8.x. Remember that all have the default gateway and subnet mask
for 10.1.x.x. But now you create the virtual subnets in AD, and join 10.1.1.x -
10.1.8.x to the production site, and 10.1.9.x to the lag-site. AD replication
will do what you wanted it to do, even without the need for
routing.

However - and this was the main reason why I wanted to
follow up on this - remember that one lag-site might not be enough. Imagine you
configure your lag-site to replicate every Thursday at 6pm. So if someone
makes an error deleting a whole OU on e.g. Tuesday, you recognize it on
Wednesday and are able to roll back this OU (authoritative restore on the lag
site, then force replication). However, if someone deletes an OU on Thursday, and
you recognize it on Friday (or even Thursday 7pm), you have to restore a server
from tape first, because your only lag-site has already replicated that
deletion.

What I prefer is creating two lag-sites, one which
replicates in the middle of the week and one which replicates on the weekend. No
matter when the error is made (even right before replication of one of
the lag-sites), we always have an at least half-week-old copy of the AD
in one of the lag-sites. And I've even heard from someone
using seven lag-sites for every day in the week. Perhaps he's jumping into this
thread later ;-)

Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile: http://mvp.support.microsoft.com/profile=
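
The schedule argument in the reply above can be checked with a small model. This is an added example, not part of the original thread: it treats each lag-site's replication as one instantaneous weekly event, and the site names and the two-site schedule (Wednesday 6pm, Sunday 6am) are assumptions chosen to match "middle of the week" and "weekend".

```python
from datetime import datetime, timedelta

WEEK = timedelta(days=7)

# Constructed schedules: site name -> (weekday with Monday=0, hour of weekly replication)
ONE_SITE = {"lag-thu": (3, 18)}                               # Thursday 6pm, as in the reply
TWO_SITES = {"lag-midweek": (2, 18), "lag-weekend": (6, 6)}   # assumed Wed 6pm / Sun 6am


def last_sync(at, weekday, hour):
    """Most recent weekly replication window at or before `at`."""
    sync = at.replace(hour=hour, minute=0, second=0, microsecond=0)
    sync -= timedelta(days=(at.weekday() - weekday) % 7)
    return sync - WEEK if sync > at else sync


def usable_copies(sites, deleted_at, detected_at):
    """Lag-sites that had not pulled the deletion by detection time.

    Returns {site: age of that site's copy at the moment of deletion}.
    A sync at the exact instant of deletion counts as before the deletion.
    """
    usable = {}
    for name, (weekday, hour) in sites.items():
        sync = last_sync(detected_at, weekday, hour)
        if sync <= deleted_at:  # no replication between deletion and detection
            usable[name] = deleted_at - sync
    return usable


def detection_deadline(sites, deleted_at):
    """Moment the last lag-site replicates the deletion; after it, only tape is left."""
    return max(last_sync(deleted_at, wd, hr) + WEEK for wd, hr in sites.values())


if __name__ == "__main__":
    deleted = datetime(2006, 3, 9, 15)    # Thursday 3pm (constructed)
    detected = datetime(2006, 3, 9, 19)   # Thursday 7pm
    for label, sites in (("one lag-site", ONE_SITE), ("two lag-sites", TWO_SITES)):
        print(label, usable_copies(sites, deleted, detected),
              "deadline:", detection_deadline(sites, deleted))
```

An empty result from `usable_copies` is the restore-from-tape case; `detection_deadline` shows how long the deletion can go unnoticed before every lag-site has replicated it.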

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Abagnale
Sent: Friday, March 03, 2006 4:29 PM
To: Active
Subject: [ActiveDir] AD Lag Sites

Single Forest, Single Domain, W2K3 FFL

I am thinking about setting up a lag site for DR purposes.

Just for clarification purposes, would I need a separate IP subnet, i.e. an IP subnet that isn't assigned to any other site in AD, to create this?

All my existing IP subnets are assigned to existing sites which are used for normal replication, so I am assuming my question will result in a yes.

Does anyone have any recommended guides to follow?

thanks
frank
