question

SenadSadikovic-6569 avatar image
0 Votes"
SenadSadikovic-6569 asked SenadSadikovic-6569 commented

Hyper-V Reverse Replication problem

I am in the process of testing and documenting a customers DR procedure in case their primary Hyper-V host would crash and i stumbled upon an issue that i can't seem to get my head around. Initially the replication function was in a really bad shape, not replicating a single MB in 6 months, but i managed to get it to function again and new setup or a cluster setup isn't in their plans or budget right now.

I tried to perform an Unplanned and a Planned Failover with a VM that is not in production and it failed over to the replica host without any issues.

The problem occurs when i try to perform a Reverse Replication, it simply fails because it seems to believe that the receiving host is not in a state to accept replication, these are the things that i have verified so far:

  • I have made sure that the Hyper-V Replica HTTPS Listener (TCP-In) - Firewall rule is enabled on both ends since the replication is done through HTTPS 443 with a certificate trust. I have made sure that no other external firewall is blocking the traffic.

  • Both the Hyper-V hosts are configured to accept replication, there is no difference in the configuration as far as i can see.

  • I tried to break the replication of the VM, delete the replica completely on the replication host and recreate the replication, but still no difference.

  • I tried creating av new temporary VM, enabling replication for it, works fine but reverse replication still fails.

  • I tried to instead create a new temporary VM on the replication host instead and replication to the primary host worked fine, but again when i try to reverse it even from the opposite side it still fails.

  • The hosts can ping and resolve eachothers names as far as i can see so it should be a question of DNS or hosts.

I will attach some screenshots below from the configuration just in case, and also i would like to add that the customer has set this up so that the hosts are not domain joined, instead they are in a WORKGROUP but the full computer name contains the FQDN. When i asked why this was done, they answered that it is because of security reasons and that they have had problems with really slow rebooting of the hosts when they were domain joined. I dont know if the architecture could be the reason that this fails but i will try to recreate the enviroment in my own homelab since it works fine otherwise.

94812-configuration-replication-2.png94706-configuration-replication.png94821-felmeddelande.png94813-firewall-rules-1.png94658-firewall-rules-2.png


windows-server-hyper-v
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

YuhanDeng-MSFT avatar image
0 Votes"
YuhanDeng-MSFT answered SenadSadikovic-6569 commented

Hi,
Based on the screenshots, I didn’t see any replica settings issue.
Maybe you can try this and see if it works:
On both Hyper-V Hosts run these two cmdlets (start Windows PowerShell as Administrator):
Enable-PSRemoting;
Enable-WSManCredSSP -Role server;

Next run these commands:
Set-Item WSMan:\localhost\Client\TrustedHosts -Value "fqdn-of-hyper-v-host";
Enable-WSManCredSSP -Role client -DelegateComputer "fqdn-of-hyper-v-host";

fqdn-of-hyper-v-host enter the fqdn of remote host. Example: on your primary host run this commands with fqdn of your secondary host.
You will also need to configure Group Policy (gpedit.msc)
Computer Configuration > Administrative Templates > System > Credentials Delegation > Allow delegating fresh credentials with NTLM-only server authentication
Click Enable and add wsman/fqdn-of-remote-hyper-v-host.
Run “gpupdate” in PowerShell or Command Prompt.
Test reverse replication with unplanned failover. This will only work if local administrator account has the same password on both Hyper-V Hosts.
For your reference:
https://social.technet.microsoft.com/Forums/ie/en-US/02abecd9-a299-4807-b958-050b89a6cd11/reverse-replication-fails-after-failover?forum=winserverhyperv

Thanks for your time.
Best regards,
Danny


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for that suggestion, i will try it our tomorrow and reply with the result.

0 Votes 0 ·

Tested it, worked like a charm! Thank you!

I configured the Group Policy locally on each Hyper-V Host and not globally from the DC in case someone else is wondering,

0 Votes 0 ·