I have 2 NAS’s same specs. I want to have one act as a full hot spare (mirrored server) that is off sight. In the event of a catastrophic failure of the primary NAS I want to be able to bring the secondary NAS to the primary sight and plug in and go. Is this possible?
Has SPACEREX posted a video on how to do this, I’m not seeing it.
Thanks
There are several ways to do this
High Availability App lets you mirror the 1st Nas to the 2nd nas. When Nas1 goes offline Nas2 takes over. No fiddling with IP adress and device name required. Thats at least what marketing says. Since a heart beat connection between devices is required the nas needs to have at least 2 network ports. Also requires at least a PLUS Verion device
With PLUS model and Btrfs you can do snapshot replication from Nas1(production unit, AD joined) to Nas2 (warm backup, not AD joined, no AD user access, only local admin) to mirror shared folders.
Make local Hyperbackup jobs for apps and DSM settings on each machine and use SSR to copy them to the other machine.
I often use this setup for off-site backups via vpn with units as simple as DS2xx+.
Nas1 goes down you have 2 options
A. Use failover in SSR on Nas2 to promote the backup shared folders to production folders, disconnect or rename Nas1 to Nas1old, change IP adress of Nas1old, change name of Nas2 to Nas1 and assign IP adress of former Nas1. NAS1(NEW) can now be joined ro AD and the shared folders includind permission work like before. Apps are not restored. By going backwards through this process you can undo this.
B. You disconnect/rename old Nas1 and assign a new IP address. You open Hyperbackup on Nas2 and select restore from local folder. Select the replicated HB jobs of Nas1 and restore Apps and DSM settings. THIS FULLY RENDERS Nas2 into Nas1 - all settings and apps included. The device needs to be rejoined to the AD. This approach is interesting if Nas1old won’t be back online.
This process can be redone by restoring the restoring JB job Nas2.
4 There is shared folder sync and i thibk @Will has a yt video on this
So for me I very rarely recommend high availability unless you really actually need true high availability (failover without user intervention)
High availability is incredibly powerful, and it actually works really well. But there are a few downsides when it comes to performance.
In general its going to be very rare for a NAS to all of a sudden just break mid way through the workday. If a unit is about to fail generally what happens is it is shut down, and then fails to boot back up.
Part of the benefit of having 2x onsite units is the fact that if you completely screw up configuring a system, you can just switch over to the backup unit. With high availability, that screw up is applied to both units and takes them both down.
The other downside of high availability is risk of split brain. (where both units act as the active file server) Though I have never seen this happen with Synology.
When I setup a 2nd unit for a business I almost always go with @Stephan_Angele’s recommendation
As its incredibly efficient, you also know that if the snapshot get sent over it has all the files EXACTLY as they were on the other system, as its block level replication rather than file level. Plus you can then just fail over really easily.
I like this option but have a question. You mention being joined to ADs. Currently we have no ADs. Do we need to implement this first?
No, AD or SynologyDirectoryServer not required.
While AD is very nice for professional use it needs to be maintained and adds complexity. When possible, avoid it.
And if you had an environment with AD or SDS i would still suggest you do NOT join the replication target(Nas2) Like this you do not expose Nas2 through a potentially compromised or malconfigured user.
Best practice for security settings:
2FA (not via synology app) is also advised for this device. When you use google/microsoft authenticator you can SCREENSHOT & PRINT THE QR code and stick it to the underside of the Nas2. You can rescan the code in case you loose your phone or google access.
For replication you could create a user SYNOREP2 (user group: user; application: smb(TBC*); pw: “password”@Nas2)
When you setup SSR on Nas1 you can use SYNOREP2 for connection to Nas2.
Lastly, under settings/security add autoblock for 24h after 3 failed logins within [max possible value, ?1440min?]. Worst case you get locked out for a day but without correct username AND password nobody gets access - ever
This really streamlines access to this box so that risk of malware/hacking is reduced as much as possible.
Following the recent video for 321 backup, I purchased my third NAS to be used as a mirror for the Snapshot Replications. When I try to create the Replication Task and login, the pop up window shows up and I login and the pop ups close and there is no username at the Login credentials section. If I hit next, it just pops up another authentication window. User is an admin on the new NAS2 and logging in directly works fine to access NAS2. So I am stuck at this point.
Any suggestions?
I have the same problem with DS155+ as source and DVA1622 (basically DS220+ for surveillance station) as replication target.
Inverting the replication direction eberything works like expected.
Obvoiusly Snapsshot services are installed both devices. Credentials are inserted correctly etc…
Synology support did not come back with usefull answers…
Well that is not very helpful!
Seriously, thanks for the reply. My two NAS systems are: primary 1621xs+ with add ons and secondary a new 1621+ with same capacities. It is a home system, I am just finally getting around to protecting the data appropriately. I have a backup system already but I like the idea of a fail over. I will submit it to Synology and see. Any thoughts of next best process? I was using Carbon Copy Cloner to back up local ext drives but now I am going to work directly from the primary NAS. I will look at Hyperbackup options as well.
So I got reply from Synology support and it seems it is a port issue. They referred me to a site to check my ports, which it says are not open, but I have a question. The ports are not open or forwarded to my external address, but these 2 NASs are on the same network and do not have firewall enabled (it was, but I turned off in troubleshooting this) so ports shouldn’t be blocked, I think.
Specific info: In order for snapshot replication to work, it requires the dsm port (5001 using https) as well as the sync port (5566 for shared folders) to be accessible going in both directions. From the source to the destination as well as from the destination to the source.
What is the syntax of the destination address in the source NAS? Do you use IP_address:port or for example DDNS like host.synology.me:port?
I was just trying to access directly by IP of NAS, but after realizing my network needs cleaning up, I created a Synology Drive sync. Hopefully that will work for me. Meanwhile I am looking into bridging my ISP modem/router to allow settings in Synology router.
So, since I couldn’t manage Port forwarding to get the Snapshot Replication method of mirroring active NAS, and I set it up as DriveSynch Share, it has been trying to duplicate about 30TB over the past 10+days. Is that normal. They are both on same LAN. Would Snapshot Replication have taken as long?
I would not recommend using snapshot replication over the internet for security reasons.
I normally install tailscale on both units and follow more or less the steps from here
To do a replication backup over the internet
Does it make any difference that these 2 NAS units are inside the same network?