Hello,
I am hoping someone can answer a question for me on DirectAccess multi-site. Let me outline the configuration of the sites and the clients:
Seven separate physical sites, one main data centre, one DR data centre and five remote access sites with site to site VPN (client transparent)
Remote working functionality required to access applications such as SharePoint and file and print
Site to site routing (IPv4) for all management and server VLANs
IPv4 used primarily, IPv6 not disabled on NICs
Server OS primarily Server 2012 and 2012 R2
Client machines Windows 8.1 Enterprise
DirectAccess Outline
Hyper-V VM running Server 2012 R2 running DirectAccess only, one server on each site or two servers running Microsoft NLB (unicast), HA method undetermined as of yet.
"Behind an edge device with two network adapters".
No global load balancers.
No automatic client re-direction required, just the ability of the clients to be able to select the secondary site in the event of an outage at the primary site.
No IPv6 routing possible between data centres.
Scenario
We have two data centres where virtual machines can be hosted and where DirectAccess can be published from. What we would like to do is configure DirectAccess for the primary site and have all clients connect by default here all the time. In the event of a site failure we would like the clients to be able to select the secondary site; this is now a function in DirectAccess. Whilst IPv6 is enabled on internal servers (default options enabled, IPv6 just not un-ticked), we are not in the position where we can route IPv6 between sites; we also do not want to confuse internal support and configuration by rolling out IPv6 de facto.
Is this going to be possible to configure? If IPv6 site to site routing is necessary, this will not be possible, which brings me to the second question.
Hyper-V replicate the DirectAccess server to the DR site; in the event of a primary site failure, change the external DNS to point to a different IP address. TTL on directaccess.domainname.com set sub five minutes if possible. We understand this will not allow for multiple failover capabilities. Whilst this is not necessarily the most favourable way to achieve HA, is my understanding correct that it negates the need for full IPv6 internally with true multi-site?
I look forward to your insight.
Kind regards,
Luke Faichney