November 7, 2016 at 10:36 am
Dear all,
I have set up a 2-node WSFC with AlwaysOn AG (primary replica on node1, and secondary replica on node2) with synchronous commit (and manual failover).
When I trigger a failover, I can see that the AG listener resource/IP gets reallocated to node2.
However, I want to set up another DR site which is on another subnet and add this node into the WSFC cluster, then add it into the AG with async commit and manual failover too.
However, I am a bit lost on how to implement this, and I hope gurus here with experience of such a setup can shed some light:
q1) When adding a node (e.g. node3) from another subnet into the existing WSFC, is there any firewall port that must be open to allow the WSFC heartbeat communication between node1, node2 (local site) and node3?
q2) I have read about some multi-subnet cluster setups, and it seems like there will be 2 DNS entries with different subnet IPs for the WSFC cluster name resource as well as the AG listener resource.
e.g. AGListener 192.168.1.1 - primary site subnet ip
AGListener 192.168.10.1 - dr site subnet ip
e.g. WinCluster 192.168.1.100 - primary site subnet ip
WinCluster 192.168.10.100 - dr site subnet ip
As DNS lookup works in a round-robin fashion, what will actually happen if a client looks up AGListener and gets routed to 192.168.10.1 (which is the DR site subnet)? Will there be an AG resource created on the DR node which will then route the request back to the primary site?
q3) Can I confirm that for a multi-subnet cluster setup for AlwaysOn AG, there is no need for any shared storage or storage replication?
I have searched Google a bit but most multi-subnet cluster setups are done with FCI. Can anyone here share any setup references for a multi-subnet cluster setup with AlwaysOn AG?
Thank you so much!
Regards,
Noob
November 9, 2016 at 9:50 am
q1)
All ports must be open between the three nodes, multi-subnet or not. Check out the ports:
Windows Server Clustering –
Protocol  Port         Description
TCP/UDP   53           User & Computer Authentication [DNS]
TCP/UDP   88           User & Computer Authentication [Kerberos]
UDP       123          Windows Time [NTP]
TCP       135          Cluster DCOM Traffic [RPC, EPM]
UDP       137          User & Computer Authentication [NetLogon, NetBIOS]
UDP       138          DFS, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
TCP       139          DFS, Group Policy [DFSN, NetLogon, NetBIOS Datagram Service]
UDP       161          SNMP
TCP/UDP   162          SNMP Traps
TCP/UDP   389          User & Computer Authentication [LDAP]
TCP/UDP   445          User & Computer Authentication [SMB, SMB2, CIFS]
TCP/UDP   464          User & Computer Authentication [Kerberos Change/Set Password]
TCP       636          User & Computer Authentication [LDAP SSL]
TCP       3268         Microsoft Global Catalog
TCP       3269         Microsoft Global Catalog [SSL]
TCP/UDP   3343         Cluster Network Communication
TCP       5985         WinRM 2.0 [Remote PowerShell]
TCP       5986         WinRM 2.0 HTTPS [Remote PowerShell SECURE]
TCP/UDP   49152-65535  Dynamic TCP/UDP [Defined Company/Policy {CAN BE CHANGED}]
When you add the node, verify you have 2 (multi-subnet) IP addresses for the Windows cluster name. Only one should be online at any given time.
q2)
You will have 2 IP addresses for one DNS record for the Windows cluster name and for the listener.
Clients will not go to the DR server unless you fail over to the DR site.
q3)
That's correct. All you need is local storage.
Check out my YouTube video, https://www.youtube.com/watch?v=WSZsm3y-pHs , here is another link https://mssqltrek.com/2016/07/10/lab-setup-alwayson-ags-in-a-multi-subnet-cluster-part-2/
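A way to verify the firewall path for the TCP entries in the list above before adding the DR node, as an added example that is not part of the original post. The host names `node3` and `dc1` are hypothetical, and the split of ports between a cluster node and a domain controller is an assumption about which host runs each service, so that a port nobody listens on is not misread as a firewall block.

```powershell
# Added example (not from the thread). Run from node1 and node2.
# 'node3' = new DR node, 'dc1' = a domain controller reachable from the DR subnet (both hypothetical).
$desc = @{
    53   = 'DNS';            88   = 'Kerberos'
    135  = 'RPC / EPM';      389  = 'LDAP'
    445  = 'SMB';            636  = 'LDAP SSL'
    3268 = 'Global Catalog'; 3343 = 'Cluster Network Communication'
    5985 = 'WinRM'
}

$checks = @(
    # Services a cluster node itself listens on.
    # 3343 only answers when the Cluster service is running on the target.
    @{ Target = 'node3'; Ports = 135, 445, 3343, 5985 }
    # Directory and authentication services are hosted by domain controllers, not by the SQL nodes.
    @{ Target = 'dc1';   Ports = 53, 88, 389, 636, 3268 }
)

$results = foreach ($check in $checks) {
    foreach ($port in $check.Ports) {
        $r = Test-NetConnection -ComputerName $check.Target -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            Target      = $check.Target
            Port        = $port
            Description = $desc[$port]
            Reachable   = $r.TcpTestSucceeded
        }
    }
}

$results | Format-Table -AutoSize

# Test-NetConnection probes TCP only: the UDP entries (123, 137, 138, 161, UDP 3343)
# and the dynamic range 49152-65535 are not covered by this check.
$blocked = $results | Where-Object { -not $_.Reachable }
if ($blocked) {
    Write-Warning ("Not reachable: " + (($blocked | ForEach-Object { "$($_.Target):$($_.Port)" }) -join ', '))
}
```

A `Reachable = False` row means either a firewall drop or no listening service, so confirm the service is running on the target before changing firewall rules.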
November 9, 2016 at 10:17 am
Hi goher2000,
Thanks for your reply and the links provided.
Can you elaborate further: if there are 2 DNS entries per AG listener, what if the DNS resolution (round-robin) resolves to the IP/subnet of the secondary replica node? Does it mean there will also be a listener listening at the secondary replica node, but it will direct the request back to the primary replica?
Regards,
Noob
November 10, 2016 at 6:04 am
This link details multi subnet clustering
https://msdn.microsoft.com/en-us/library/ff878716.aspx
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
November 10, 2016 at 9:29 am
Hi Perry,
Thanks for the link. Not having an actual environment to try this in right now, I am taking points from the site and hope to get your confirmation of my understanding.
1) SQL Server Setup sees this configuration as a multi-subnet cluster and sets the IP address resource dependency to OR.
-- This means the AG listener resource will always be up if either IP from the different subnets can be bound to the node.
2) In a multi-subnet failover cluster configuration, the IP addresses are not owned by all the nodes in the failover cluster, and may not be all online during SQL Server startup.
-- This means that in a multi-subnet cluster, the IP addresses/subnets configured for the AG listener are not bound/available on all nodes. Hence if the current node is the primary replica, this means the AG listener will be running on this node at its configured IP/subnet.
3) In a multi-subnet configuration, both the online and offline IP addresses of the network name will be registered at the DNS server.
-- I will be seeing two IPs/entries for a single resource name (AG listener) on the DNS server.
4) The client application then retrieves all registered IP addresses from the DNS server and attempts to connect to the addresses either in order or in parallel.
-- This means my client driver must somehow have the capability to connect to 2 IPs at the same time using the parameter MultiSubnetFailover=True
5) With legacy client libraries or third party data providers, you cannot use the MultiSubnetFailover parameter in your connection string.
-- This means the client will have to adjust its timeout setting, to retry the 2nd DNS entry for reconnection.
In short, the AG listener is always on the active node, but the DNS lookup will always return multiple entries. The ability to connect to the AG on the active subnet depends on the client's compatibility in handling multiple returned DNS entries.
Hope I am right :/
Regards,
Noob
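The client-side behaviour discussed in this thread can be observed directly, as an added example that is not part of any post: list the listener's A records, see which IP is online, and time a login with and without `MultiSubnetFailover`. Assumptions: the listener name `AGListener` from the question, the default port 1433, Windows authentication, and Windows PowerShell 5.1 on a client machine.

```powershell
# Added example (not from the thread). Listener name and port are assumptions.
Add-Type -AssemblyName System.Data
$listener = 'AGListener'
$port     = 1433

# 1. What the client gets from DNS: one A record per subnet.
$ips = Resolve-DnsName -Name $listener -Type A |
       Where-Object { $_.IPAddress } |
       Select-Object -ExpandProperty IPAddress

# 2. Only the IP in the current primary replica's subnet should accept connections.
foreach ($ip in $ips) {
    $ok = Test-NetConnection -ComputerName $ip -Port $port -InformationLevel Quiet -WarningAction SilentlyContinue
    '{0,-15} online={1}' -f $ip, $ok
}

# 3. Time a login with the given MultiSubnetFailover setting.
function Measure-ListenerConnect {
    param([bool]$MultiSubnetFailover)
    $cs = "Server=tcp:$listener,$port;Database=master;Integrated Security=SSPI;" +
          "Connect Timeout=30;MultiSubnetFailover=$MultiSubnetFailover"
    $conn = New-Object System.Data.SqlClient.SqlConnection $cs
    $sw = [System.Diagnostics.Stopwatch]::StartNew()
    try {
        $conn.Open()
        $cmd = $conn.CreateCommand()
        $cmd.CommandText = 'SELECT @@SERVERNAME'
        $status = "connected to $($cmd.ExecuteScalar())"
    } catch {
        $status = "failed: $($_.Exception.GetBaseException().Message)"
    } finally {
        $sw.Stop()
        $conn.Dispose()
    }
    [pscustomobject]@{
        MultiSubnetFailover = $MultiSubnetFailover
        Seconds             = [math]::Round($sw.Elapsed.TotalSeconds, 1)
        Result              = $status
    }
}

Measure-ListenerConnect -MultiSubnetFailover $false
Measure-ListenerConnect -MultiSubnetFailover $true
```

Whichever replica is primary, `@@SERVERNAME` should return that instance. On .NET Framework 4.6.1 and later, `TransparentNetworkIPResolution` is enabled by default, so the timing gap between the two runs may be small.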