Setting Up a 3-2-1 Backup for Synology NAS

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
all right how's it going you so today we're going to be going over something that's absolutely critical to business users and that is how to set up a 321 backup solution for sonology Nas a 321 backup solution is something that every single business should strive for for their critical files not every business has one and we'll talk about it later but not every business really needs one but any business that has the budget for it should absolutely strive to have a 321 backup solution for their critical data a 321 backup solution is pretty simple three total copies of your data across two different mediums we're actually going to talk about that it's a little different than it used to be back in the early '90s when mediums actually mattered now it's methods is the way I explain it better and one of them is offsite so you get three total copies of your data across two different mediums with one of them being offsite and so the very normal setup is to have two on-site that are ready to fail over from one to the other and then one offsite somewhere three to toal copies your data especially to somebody who has a ton of data like a video production house can seem absolutely insane and it is not an ironclad rule that all of a sudden you're going to lose your business because you don't have a 3 to1 backup solution really it is what you should be striving for if at all possible it is a lot and it can be quite expensive especially when you're paying a ton and you've got 100 terabytes it can be very expensive but for those businesses what I do really recommend is to go down to your core file maybe it's not the archive projects from 5 years ago that you've not touched in 5 years but maybe it's your active projects where you have not done that delivery to the client yet and make sure the stuff that you really could not live without where if you lost that data your business would be in genu Jeopardy make sure that that is what you get a 321 backup solution for at least if you can't do that a two1 backup solution essentially two copies of your data one of them off site that is a great place to at least be I'd say that in terms of backup goodness having a two one backup solution where we've got two copies of your data and one of them is offsite and by offsite that means an entirely separate location it should be ideally somewhere where if there was a natural disaster hopefully it would not affect both your on-site and your offsite but at least something where if there was something like a theft or a fire or anything like that something that is offsite enough the further way you can get it while also not being insanely far away is a great place to be a lot of business owners I work with stick it at their house it's a great place to put it it's an easy way to get an offsite backup but I would say that that 21 backup solution is probably about 90% of the way there so if that's all you can afford absolutely get the 21 backup solution where you've just got one offsite and we'll show you at the end of this on the offsite how to set that up but def definitely get that and then if you can to get that last hurdle that last 10% of backup goodness get that second on-site unit to get the full 321 backup solution because it will allow you to have a complete Hardware failure and have 10 15 minutes of downtime rather than spending an entire couple of days trying to recover files from your off-site backup throughout this video I'm going to be focusing on kind of the goal best setup three nases but I am also going to be mentioning how you can achieve this with something as easy as an external hard drive it's not going to be as good but if that's all you can afford it's still going to be way better than nothing and get you a lot of the way there I am going to be focusing on like the right way to do it if you've got the budget but I will be mentioning how you can set this up a lot simpler with a lot lower cost as well all right so now that we've gotten all that out of the way let's go ahead and talk about what a 321 backup solution looks like and why it's so important so we're going to to frame this with the standard office file server that main piece of data that contains all of your important stuff that main Nas that is going to be the primary Nas we're going to call it primary we're going to have a secondary the secondary is the on-site one and then they're going to have the offsite Disaster Recovery those are three nases so the primary is really easy to understand because that's what you've got it is your place where you've been storing all your files all of your employees have been storing their files right on that Nas they come in they edit it over SMB they've got it mounted all those normal things this is also very common with something like a virtual machine so if you're running a bunch of virtual machines and using a sonology for storage you would be doing the exact same thing here so now what happens if something goes wrong with that Nas power supply fails it corrupts the data because there was a hard crash there's a bad powerage that pops The Surge on it who knows what happens if something goes wrong with that Nas this is where having a backup is crucial raid redundancy like shr and raid 5 those are not backups because if you delete a file you corrupt a file you do anything it's going to be written to all the discs it is not independent if your volume crashes all the discs have crashed you can't rely on raid as a backup it's great to have because it keeps you going with Hardware failures but it is not a backup all right so now let's go back to the case where you've got that onsite Nas and for whatever reason it has just gone down this is where you do not want the case where all of your employees now cannot do their jobs because the Nas is down even you have an off-site backup those are generally things that can take a very long time to recover for so you may be down for multiple days where your employees are not doing anything at all and cannot get their work done that is why having the onsite Nas that rep replicated Nas that secondary Nas is so important the secondary onsite Nas is all about being able to have an instant failover that means if the primary is down you should be able to start working out the secondary as soon as possible and that is going to be our setup here so when I'm setting these up for businesses by the way you can hire me down the link in the description I have it set up where the secondary Nas is able to be failed over to incredibly quickly and we're going to go over how that works essentially you update a couple of commands on the secondary Nas it now becomes the primary and everybody's DNS records just switch over to it and boom now you are back up and running and all of your employees have lost the past progress from the past 15 minutes but they are fully back up and running and can do everything that is the really important part about the on-site secondary Nas that is all about being able to fail over to it it focuses on being able to recover from whatever and not have downtime your off-site Nas that's the one that goes to your house or somewhere far away or even the cloud if you want to pay a subscription fee your offsite Nas is really focused on what's called Disaster Recovery Disaster Recovery are fires floods who knows what happens Disaster Recovery is really focused on having the entire office go down and being able to recover from it a off-site backup is not really designed to fail over it's very much focused on being able to survive a large outage and still have all of your files you may not have instant access to the entire thing where you just fail the entire thing over and everybody's now mounting it and working just as they were really this is focused on if something happens you can rebuild your on-site Nas exactly how it was and in the meantime while it's rebuilding be able to grab the files you need off of it and so you still can do some work it's not a ton of fun but it's really designed to have a major catastrophe and survive that and that is what the offsite Nas really focuses on and it's also great because it's a completely separate system that's actually the two and 321 it used to stand for two different mediums which was like you would have hard drives and then tapes for your backup now it's kind of different methods so say your backup method from your primary to your secondary has has had an issue and it's not actually been backing up properly for the past 8 months but it's been failing silently well you don't want a case where that same backup method The Identical backup method is also going to your off-site backup because though you should be testing your backups every month most people do not and so it's all about having two different methods of backing up that Nas so it's a completely independent way where hopefully if there's an issue with one of the backup methods the other backup will work now the last thing I want to touch on before we go into actually setting this up is a very common thing that a lot of people try to do and I highly recommend not doing it do not backup off of your backup a lot of people want to use their secondary that on-site secondary unit to actually send to the offsite Nas this is not something you should do for the primary reason you don't want a case where you have a single point of failure in that case I talked about earlier where that replication from the primary to the secondary fails you don't want that also to break your offsite back up whenever you're backing up backup off of the source of Truth the place where the files are put and stored primarily whoever is the server that everybody's reading and writing from that is where you should do all of your backups from because that's the only one you know is going to be up to dat and working perfectly because if that's broken you will be told about it but if your secondary is broken and it's failing silently none of your employees are connecting to it all right so now we've got the Core Concepts of a 321 backup solution set up now let's actually just go over the hardware that you use to build this thing out and first an knowy which is what we're going to be focusing on it's easy get any three nasas that have the right storage capacities you're looking for as long as they've got btrfs you are set they can be three entirely different units they can be three identical units it is really up to you you can also have this setup with completely different performance tiers a really common thing I do is I deploy the primary Nas that is the one that's got the ssds in it that's the one that is really powerful the really nice one it's got the 10 gig networking everything great on that and then that secondary on-site Nas you know you can buy lower tier Nas for that depending on what your budget is because you can save a ton of money there and on the very low chance that you ever have to fail over to it yeah yeah you might be slower but you've got it it's way more important to have the hardware than to have the identical Hardware if that makes sense I would take any day a really slow 100 megabit connection to a secondary Nas than having a really powerful primary and no secondary at all because it's one of those things where if you ever need to fail over to it your employees will be able to deal with slower speeds but they will not be able to deal with having access to their files so it's really up to you on whatever you'd like to do the most important thing is to make sure that the primary and secondary have overall the same storage capacity or the secondary actually having more storage capacity if you want to use it for additional versions for a later date so one asterisk to that is if You' got something like a security camera running on the primary it's up to you but most people don't care to back up that footage to the secondary Nas Just because it's not worth it the chances of something happening and actually needing to grab the footage off the secondary Nas because not only did your primary Nas crash but you also had a break-in where you need to review security camera footage is pretty low for most people and if there was a break in or fire something both are going to be destroyed anyway so it's one of those things where there's no law on exactly what you have to do these are just guidelines and there are asterisks to everything I'm going over here one last thing I did want to mention is if you do have a large space it can be worth it to put your primary and your secondary in completely different locations if that can work for you because if there is a fire water or even theft that does increase your chances of one of them being affected but not the other one the important thing for this is that both the primary and the secondary are Nas units with btrfs because that's actually what we're going to be using to sync these two then the off-site nas generally can be very low performance because it really does not matter much at all all it needs is the Right storage capacity in general if you get plus units you're never going to have any issues whatsoever with this kind of stuff I'm going to be doing this with a 923 plus backing up to a 1522 plus and that's just going to be the setup it really does not matter too too much and I'll go ahead and leave a link down the description below to some Amazon links to just like hey this is a great Nast use for this this this just down the description below and now with all that out of the way let's go ahead and actually set these things up so right here I'm going to go ahead and log into these guys and Nas one right here is our primary Nas this is the one that everybody's going to be accessing all the time and then Nas 2 right here is going to be our secondary on-site Nas this is the nas that we want to be able to fail over in an instant and have everybody just switch over to it so the first thing I would really recommend doing just to make your life easier is go in and on NAS 2 change the wallpaper you can just come in here go into a personal display preferences and just customize the background to a different image that way whenever you're on here you just subconsciously know oh I'm on a different Nas it really helps out a lot and can just make your life a lot easier and really reduces risk of making stupid mistakes because you just have a very instant recognition oh this is the secondary Nas okay so now with that set up effectively have two things that we need to get done that sync between these two units the first one is the files by far the most critical part of this that's all about what we're doing and we're going to be using snapshot replication for this so then the second thing that needs to distinct between the two of them is users and permissions so there are three different ways to do this the first and the one that actually works without any other Hardware at all is you actually just set up an ldap server on both the primary and the secondary set up the ldap ser server on the primary and then that replicates to the secondary why this is important is you want to make sure that if you have to fail over your users and their permissions also automatically fail over without you having to add your users really quickly so I'm not going to go over it here because it's a pretty complex tutorial but I will leave a link down the description below where it's very easy to set up you just go through step by step by step and you will have the two users with two different independent groups set up on there where even if the primary is down users can still log into the secondary unit option number two is you've got a domain controller if you've already got a Windows domain controller easy just add your Nas to that domain controller and make sure your primary and your secondary are both on the domain controller this also works for any other sign on method that you're using if you've got like jump cloud or ldap or whatever you're doing just make sure both the primary and the secondary have the same user groups finally option number three which especially if you're a smaller group and the stuff gets gets complex very quickly is just not to deal with that and don't syn your users instead if you've only got a few users and you have to switch over from nas one to NAS 2 and you've got pretty simple permissions it's okay you can just add the permissions later on and maybe you're down for an hour while you're getting everybody the new permissions but you have all your data so if that's too complex for you it's okay you can absolutely just set it up and if you ever have to fail over as long as you're okay coming in adding user accounts and permissions really quick it's not too big of a deal but that is the one thing we're not going to go over here just because it can get complex pretty quickly so now I'm going to go ahead and pretty much set this thing on up I'm going to go ahead and start with our shared folder and we are going to create a shared folder here I'm just going to call it office files going to run through it however you want to more likely than not you've already got this set up with a bunch of different things and let's just go ahead and dump a few files to this thing so all right we've got some files over here great the next thing we want to do is we want to make sure we can send the files from nas one to NAS 2 constantly and for this we're going to use what's called snapshot replication to replicate these files so on both the primary and the second go in the package Center install Snapshot replication It'll ask you to also install the replication service say yes to both and optionally I'm also going to install DNS on here this way we can actually update the records to make this fail over even more seamless but this is kind of optional what DNS is going to allow us to do is to actually change what everybody's mounting so we can actually tell everybody okay Mount the SE secondary not the primary anytime we want to we can do this All without logging into anybody's computers by just updating DNS records this is one of those things that's also going to be a little bit more complex for people who don't necessarily understand the stuff super well but this is what I like to set up on everybody's systems because it allows you to switch over so easily lastly I forgot to mention this earlier make sure you've got static IP addresses or DHCP reservations for both the primary and the secondary you don't want these to have I addresses that change so now snapshot replication is installed the next thing we need to do is just go ahead and set up a replication task from nas one to NAS 2 for all of our important shared folders and that is incredibly easy to do and that is what we're going to use to sync these two file systems we're just going to go in the replication Tab and hit create this is the super powerful part about this that lets us have these things sync really really really often we're going to set up a remote so that way we will send them from nas one to NAS 2 we're going to put in the IP address of Nas 2 and if it's on a local network you don't have to encrypt and we're just going to go ahead and authenticate the pop-up window will probably be blocked but now just sign in to nas2 with an administrator account you can set up a one-off user account for this the problem is it has to be an admin user so probably the easiest thing to do is just sign in with your admin account I wish there was a way to limit permission to only replication but yeah it needs full admin privileges on the secondary unit so now we're just going to hit next and now we are going to get to pick what volume the snapshots go to on the secondary unit so if you've got two different volumes on the secondary unit that have some shared folders go to one place some sh folders go to the other it's not a big deal just come in do this task twice and set up two different times we only have the one volume so we're just going to go to that and now we're going to go ahead and select office files and homes because I do want to show one asterisk on the homes one and so these are the folders We want to replicate and these are the folders that are going to be synced on over so I'm not doing million files because that was a test for another video but this could also be like surveillance station that you just don't want backed up and won replicate it so now we're going to send it over the network and now we get to choose our schedule for most people I would recommend 1 hour or less what this means is how often do the snapshots get sent and so you can do this during business hours so just say between 6: a.m. and 8 whatever works for you and every 1 hour or you can also do every 30 minutes it kind of comes down to if that failover does need to happen how much data are you okay losing if you do every hour you will at worst have lost the last hour of employees work if you do every 30 minutes I would recommend 15 minutes at the most because it can start to slow down the nas but if not much is going on 1 hour is an easy recommendation because it's very rare that this ever occurs and we can also set it to have immutable snapshots where the snapshots cannot be deleted on the backup system if you are running DSM 7.2 or later and the secondary system has the ability to have immutable snapshots so what this will mean is nobody not even us as the administrator will be able to delete these files for 7 days so we're essentially just going to send these snapshots every day from 6:00 a.m. to 8:00 p.m. every hour now we're going to set the retention policy for the destination what's easy to do is keep the essentially hourly versions for the past 14 days then dailies for 60 days and it kind of comes down to whatever you'd like to do these are pretty easy to recommend though and I would not recommend checking either one of these and so now what this is going to do is every hour it is going to send over anything that's changed from the primary to the secondary that is incredibly powerful it is really efficient really lightweight because it doesn't have to do a full file scan it doesn't have to go through and check all the different metadata like hyper backup does or rsync does instead it just knows everything that's on both systems already and can replicate incredibly quickly without having ton of random reads on either system so now it's going to go ahead and start the initial replication and it's pretty small so it's not going to be too much at all we can also change our settings here by saying all right we can handle two tasks at once if we'd like to and going on the secondary unit and doing the same and now when we come into our secondary unit over here and go into snapshot replication we're actually going to see these two coming on in and you will notice office files has the exact same name but homes has the name of homes replicated and there's not an easy way to change this unless you do need to fail over which is an annoying thing but we can see we've got those both sent on over and we look into office files we'll see all those files exactly how they were even better they are read only on this end which is exactly what you want so the secondary unit you can read files from anytime but nobody can modify it so nobody can accidentally be saving to the backup unit essentially and this is incredibly fast and really easy so let's just say I add a new folder in here we can see I'm going to actually just manually schedule the snapshot just to make it so we don't have to wait hit sync and all of a sudden over here that demo folder is just right there and this also works by mapping the drives in file explorer so I just mounted both the drives in here and we can see that this one's on NAS 2 and this one's on NAS one so if I make a modification on NAS one and sync it to NAS 2 it is just going to show up on NAS 2's version of office files without us really having to do anything it's automatic every hour really really really reliable one of the best parts of using snapshot replication is there's two possible outcomes anytime a replication task occurs the entire thing every bit of file every bit of metadata comes over perfectly exactly how it was on the other system just like that or the entire replication fails because it's actually sending over the underlying file system there's no chance where oh that extension actually caused a weird issue with a script so it wasn't sent over there are two possible outcomes everything's sent or the entire thing fails which is very very very valuable in a backup solution and so that is how the replication works now let's say that the nas one is down so I'm just going to go ahead and shut it down let's say it hard crashed it's corrupted it fell off a desk and shattered whatever now let's do the fail over process for Nas 2 over here so we can see that when I shut it down the server went away and so now I've only got one office files and this is the replicated one and I cannot come in here and I can't add any files to this because well it is read only it is still the destination replication what I then do is I come into the secondary unit and I go into the recovery Tab and now I hit fail over so now we're just going to hit fail over and now we just come back in and boom we're working again we have just failed over to the secondary Nas and that's it that's how easy the failover was I'm not going to go into it here because it's just going to make this video a lot more complicated but what I also add in for a lot of people is the ability to update DNS records so if you have to fail over from nas one to NAS 2 instead of telling everybody all right this is the new drive you mount instead what you do is you just simply go ahead and you update the the DNS records on the secondary system and boom everything just switches on over and have it like a TTL of 5 minutes on there unfortunately there's just too much to do in this video because we still have to set up our off-site backup and so that is how the primary setup works now I'm going to go ahead and boot it back up and we're going to go into the offsite backup while it's booting I did also want to mention you do not require a second Nas to do a full 321 backup solution you don't need a second on-site Nas though there's a huge benefit to them if you don't have the budget a great place to start is to have a hard drive that you just plug in via USB to the Nas and you set it with USB copy or hyper backup to essentially just copy everything on over to this and that way if the primary Nas does fail you can grab this hard drive plug it into your computer and start sending people over the files as they need them it is not a phenomenal solution if you ever do have to switch Swit over to it because you can't really switch over to it you just have to grab files one off but the real value in it is it's a lot cheaper and a lot less maintenance and so if you can't afford the second on-site Nas at least get a external hard drive for your critical stuff because it will be the difference in all right this is a huge pain and oh we are going to have to be down for a few days as we try to recover so I just booted as one back on up and now we're just going to go in and reprotect it and we have the options to go ahead and figure this out so we're going to say that Nas 2 failed over we want to make Nas One The Source again and we are going to take the data that was set up on NAS 2 all right and so now that's it we've got our two on-site units set up and ready to go and working now we have to get that last one that one crucial off-site backup and there are actually a few different ways of doing this ranging from a Cloud sync hyper backup to C2 hyper backup to your own server hyper backup to a senology whatever we're going to be going over hyper backup to a off-site sonology Nas because this is really focusing on no subscription fees and just onetime costs so to do that simply go in and install hyper backup on your primary unit once again your primary unit not your secondary but your primary unit and then on your third off-site unit which we're actually going to be using Nas 2 for because I don't have three nasas that I can use for this go ahead and install hyper backup Vault just like that so your primary will have hyper backup and your off-site will have hyper backup Vault now on your secondary system go ahead and go into control panel shared folder and we're going to create a shared folder for the backup so we're just going to go ahead and create a new folder here without recycling bin and we're going to call it Nas One hyper backup hyper backup destination for Nas one you can optionally encrypt it here but I would actually instead we're going to encrypt it via transit before ever even gets to This n so we'll skip that and you cannot select Worm for this go ahead and enable data check sum you don't need to enable compression because the you can compress via hyper backup before it's actually transmitted and now we're going to go ahead and create a new user for hyper backup I always call it Nas in hyper backup user and generate a random password if you'd like or set your own this is just a one-off service account account that is just used for hyper backup and so that way we've got least permissions it's just easy to start with it this is the user going to sign in on NAS one to NAS 2 with don't add them admin group and just give them access to NAS one hyperbackup and allow them permission to hyperbackup Vault so this is just what we're going to use for permissions here now we can come on into Nas One and we're just going to create a new hyperbackup task we'll do folders and packages though now there is entire system as an option and we're going to select remote Nas device or once again if you're going to anything else these can work as well I'm kind of running through this because I've done this in a few different videos that I will leave down in the description below enter the IP address we're first going to start with the local IP address because because we want to set up the first backup on site not over the Internet just to save on bandwidth but then backups after that we will switch this IP address to however you're going to be connecting to it I will leave a link down description below for how to use tail scale with Hyper backup if you don't have the ability to do port forwarding or if you just want to sight site VPN there's a bunch of different options here that I you can set up in exactly your specific case but figure out the best way you want to do this off-site backup for now we're just going to do it locally for this sake of this video for certificate often ignore is the right solution it encrypts the data though it does technically put you in subject to a possible man the midle attack but we're going to be encrypting the data before every leaves the nas so it's not too big of a deal for authentication I click no here so I can just type in the password and just send over the username and password you created over here and now select your shared folder you should see it if you see it there means everything's worked and now back up everything you want to back up this is granular where you can choose exactly what things you like backed up and all that good stuff and finally we can do client side encryption where this is where we're actually going to encrypt it before it ever even leaves the Nas and that way even if you're data is intercepted or anything like that it's encrypted before ever even leaves this Nas and then it's going to download the encryption key make sure to keep it and then it's just your regular hyper backup settings how long you'd like to keep the versions at your house for and that's it we now have set up a full 32 one backup solution after this Nas finishes the very first backup go ahead bring it offsite update the IP address to your home's IP address use the tail scale link down the description below where I go over how to use that and now you are truly protected pretty much anything should be able to happen because you have this off-site disaster recovery backup and if something just happens to the primary Nas boom you can switch over very easily I apologize I did have to leave out a few components of this that kind of bring it to the next level I'll leave a link down description below for how to set up the ldap server as well as the DNS server that allows us to kind of switch over it's just there's a million different things you can do in everybody's case will be different but now you are truly protected and you have set up a 321 backup solution with your sonology Nas all right well that's going to be it for this I know this was a long one go and leave any other questions You' got for me down in the description below and if you want to hire me for a project I've got link down the description below for that as well all right have a good one bye [Music] oh
Info
Channel: SpaceRex
Views: 27,316
Rating: undefined out of 5
Keywords:
Id: u_77X-MlCnk
Channel Id: undefined
Length: 35min 5sec (2105 seconds)
Published: Wed Sep 27 2023
Related Videos
Ransomware Protection: The Complete Guide for Synology NAS
SpaceRex
81K
How to set up Synology for your Business: COMPLETE BEGINNER GUIDE
SpaceRex
21K
Backups: You're doing 'em wrong!
Jeff Geerling
285K
what is Data Scrubbing (and how to enable on Synology)
Nick Talks Tech
920
Synology How To: Setting Up Remote Hyper Backup, No Cloud Necessary
Lon.TV
19K
Synology Home vs Homes Explained - New users most common mistake
SpaceRex
43K
No NAS, No Nonsense Backup Strategy
Raymond Parker
7.2K
How to Backup MacOS to Synology NAS using Time Machine (easy)
SpaceRex
38K
COMPLETE BEGINNER’S GUIDE for Synology NAS - 2023 DSM 7.2
SpaceRex
264K
Massive Botnet Attacking Synology - how to protect your NAS
SpaceRex
95K
I Built a NAS: One Year Later. EVERYTHING I Learned and the Mistakes
Jimmy Tries World
811K
You NEED a NAS for Video Editing! why and how to do it
SpaceRex
30K
COMPLETE Guide to Synology Drive - Create your OWN CLOUD
SpaceRex
34K
Synology NAS Upgrade Step-by-Step
Crosstalk Solutions
23K
Everyone Should have a NAS - How I backup everything
zollotech
43K
Complete Backup Strategy for Synology NAS Devices (Automated 3-2-1 Backups)
WunderTech
10K
The Complete Hyper Backup Guide For Synology NAS (YOU NEED TO BACKUP YOUR NAS)
SpaceRex
119K
Microsoft 365 Backup with Synology Active Backup
Bright Ideas Agency
2.6K
Synology NAS Auto Backups - Backup from one NAS to another NAS [Keep Your Data Secure]
Tech With Emilio
14K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.