hey gang,

I'm having some trouble getting VVR to work between sites as part of my Netbackup DR plan.  I am able to configure RVGs, RLinks, etc, but when I try to start replication, I get a notice that "replication is paused due to network disconnection."

The background:

I have a Netbackup environment in our primary site and a smaller version of the same in our DR site.  The NBU Master servers are VCS 5.0,MP3 clustered Solaris 10 servers.  In the DR site, the Master server is a single node cluster (a second node will be added if needed down the road).  VVR will replicate the NBU catalog from Pri site to Sec site for 'recovery without import'.

Both Primary Site and DR Site Master server clusters have an IPMP VIP (on each node in the primary site) plus a VCS VIP (on the active node).   The VCS VIP is the one I'm using for VVR so that VVR can fail over from the active node in the Primary site to the standby node (in the Primary site) if needed.

There is a restrictive firewall between sites with rules like this:

pri-master-vcs-vip -> sec-master-vcs-vip on <vvr ports>
sec-master-vcs-vip -> pri-master-vcs-vip on <vvr ports>

*<vvr ports = 8989 (vxrsyncd), 4145 (heartbeat), 4545 (vradmind), 65500 (data)*

As far as network communications go, it seems that the Primary cluster is working OK.  The source IP address is the VCS VIP (as seen using snoop).

In the Secondary site, things are a little weird.  The source IP address used by the DR (single node) master cluster is the IPMP VIP, not the VCS VIP.

So, the firewall is blocking traffic from the Secondary site to the Primary site because the source IP address is wrong.

A few questions:

1.) is there a way to specify which VIP to use (the IPMP VIP or the VCS VIP)?
2.) why would this work from Pri -> Sec, but the same configuration does not work as expected from Sec -> Pri?
3.) what else am I missing?

Thanks,

ADDODD