Creating Neverfail Heartbeat DNS Scripts manually


Summary

This Knowledgebase article provides details of how to manually create Neverfail Heartbeat DNS Scripts for versions prior to Neverfail Heartbeat V4.4.


More Information

To create DNS Scripts manually the following information must be gathered before continuing:

  1. The fully qualified domain name (FQDN) of the forward lookup zone.
  2. The IP address of each Primary DNS server in the enterprise.
  3. For each Primary DNS server, the names of the reverse lookup zones it hosts.

Reverse lookup zones are named with the IP address reversed, for example, the reverse lookup zone for 192.168.1.x would be 1.168.192.in-addr.arpa.

Procedure

The DNS scripts need to do three things on a failover or switchover:

  • Firstly, they must unregister the current address with every DNS server that holds an entry for the server (this may not be all DNS servers in the enterprise). Unregistering the address means removing the 'A host record' from the Forward lookup zone and removing the 'PTR record' from the relevant reverse lookup zone on each of those servers.
  • Secondly, they must register the new address with every DNS server that needs an entry (again, this may not be all DNS servers in the enterprise). Registering the address means adding the 'A host record' to the Forward lookup zone and adding the 'PTR record' to the pertinent reverse lookup zone.
  • Finally, where Secondary DNS servers are present, the script must instruct them to force a replication from the already updated Primary servers.

Removing the 'A host record'

The syntax is as follows:

Echo NFCMD doExecuteAsUser {domain admin name} {domain name} "dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine ip to remove} /f" {protected application name} start

Example:

Removing the 192.168.1.5 address for a machine called Server from the DNS server at address 192.168.1.1, where the machines are in the OFFICE domain with the FQDN office.neverfailgroup.com and the protected application is Neverfail for Exchange, gives this:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.1 /RecordDelete office.neverfailgroup.com server A 192.168.1.5 /f" Exchange start

Repeat adding lines to remove the A host records from ALL Primary DNS servers that could host the record.

Removing the 'PTR record'

Reverse lookup zones can be split by subnet, so there may be several containers or just one. For instance, if you have the 192.168.1.x, 192.168.2.x, 192.168.3.x and 192.170.1.x subnets:

This can have the following reverse lookup zones:

1.168.192.in-addr.arpa

2.168.192.in-addr.arpa

3.168.192.in-addr.arpa

1.170.192.in-addr.arpa

or they could come under two containers as indicated below:

168.192.in-addr.arpa

170.192.in-addr.arpa

or they could all come under one container as indicated below:

192.in-addr.arpa

If the Primary has an address in the 192.168.1.x subnet and the Secondary has an address in the 192.170.1.x subnet, the PTR records for the Primary and Secondary would be stored as indicated below:

1.168.192.in-addr.arpa Primary

2.168.192.in-addr.arpa

3.168.192.in-addr.arpa

1.170.192.in-addr.arpa Secondary

or

168.192.in-addr.arpa Primary

170.192.in-addr.arpa Secondary

or

192.in-addr.arpa Primary and Secondary

You need to determine carefully which reverse lookup zone holds the address on each DNS server. Once it is known, the syntax is as follows:

Echo NFCMD doExecuteAsUser {domain admin name} {domain name} "dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f" {protected application name} start

Where {server IP truncated} is the part of the IP address not already encoded in the reverse zone name, with its octets in reverse order.

Example:

For a reverse lookup zone of 1.168.192.in-addr.arpa, the truncated form of the address 192.168.1.10 is simply 10

For a reverse lookup zone of 168.192.in-addr.arpa, the truncated form of the address 192.168.1.10 is 10.1

For a reverse lookup zone of 192.in-addr.arpa, the truncated form of the address 192.168.1.10 is 10.1.168

If the zone name does not match the leading octets of the address, the record is not in that zone; check the other reverse lookup zones on that server before writing the line.

Example:

Removing the 192.168.1.5 address for a machine called Server from the DNS server at address 192.168.1.1, where the machines are in the OFFICE domain with the FQDN office.neverfailgroup.com and the protected application is Neverfail for SQL Server this time, gives this:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.1 /RecordDelete 1.168.192.in-addr.arpa 5 PTR server.office.neverfailgroup.com /f" SQLServer2000 start

Repeat the line for each Primary DNS server that holds the PTR record, using that server's reverse lookup zone name.

To Add an A host record

The syntax is:

Echo NFCMD doExecuteAsUser {domain admin name} {domain name} "dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine ip to add}" {protected application name} start

Where TTL is the maximum time in seconds that a resolver may cache the answer. Keep it short (tens of seconds) so that clients stop using the old address soon after a switchover.

Example:

To add the 192.168.2.5 address with a TTL of 45 seconds for a machine called Server on the DNS server at address 192.168.1.1, where the machines are in the OFFICE domain with the FQDN office.neverfailgroup.com and the protected application is Neverfail for Exchange, gives this:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.1 /RecordAdd office.neverfailgroup.com Server 45 A 192.168.2.5" Exchange start

Repeat the line for each Primary DNS server that needs the A host record.

To Add a PTR record

As before with the names of the reverse lookup zones, we get the following syntax:

Echo NFCMD doExecuteAsUser {domain admin name} {domain name} "dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name}" {protected application name} start

Example:

Adding the 192.168.2.5 address with a TTL of 45 seconds for a machine called Server to the DNS server at address 192.168.1.1, where the machines are in the OFFICE domain with the FQDN office.neverfailgroup.com and the protected application is Neverfail for SQL Server this time, gives this:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.1 /RecordAdd 2.168.192.in-addr.arpa 5 45 PTR Server.office.neverfailgroup.com" SQLServer2000 start

or, where the reverse zone is called 168.192.in-addr.arpa:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.1 /RecordAdd 168.192.in-addr.arpa 5.2 45 PTR Server.office.neverfailgroup.com" SQLServer2000 start

Repeat the line for each Primary DNS server that needs the PTR record, using that server's reverse lookup zone name.

Getting Secondary DNS Servers to Replicate

The final piece of the script forces Secondary DNS servers to update themselves from their respective, already updated, Primary server.

The syntax for this is as follows:

Echo NFCMD doExecuteAsUser {domain admin name} {domain name} "dnscmd {Secondary DNS server IP} /ZoneReload {fqdn}" {protected application name} start

Note: dnscmd also provides /ZoneRefresh, which forces a secondary zone to update from its master. If a Secondary does not pick up the change after /ZoneReload, use /ZoneRefresh with the same arguments.

Example:

Assuming we have a Secondary DNS server at 192.168.1.8 for the domain office.neverfailgroup.com and the protected application is Neverfail for SQL Server, we would get:

Echo NFCMD doExecuteAsUser Administrator OFFICE "dnscmd 192.168.1.8 /ZoneReload office.neverfailgroup.com" SQLServer2000 start

Repeat for each Secondary DNS server.
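Working out the {server IP truncated} node name by hand for every address and every reverse lookup zone is where these scripts usually go wrong. The following Python script is an added example (it is not part of this article and not a Neverfail tool): it derives the node name from the reverse zone name, picks the zone that actually covers an address on each server, and emits the complete three-step script described above (unregister the old address, register the new one, refresh the Secondaries) as the same Echo NFCMD lines. All server addresses, zone names, account and application names in it are constructed sample values; the protected application name, account and domain are the ones from the examples above.

```python
"""Generate Neverfail Heartbeat DNS script lines (added example, not Neverfail code).

Emits the 'Echo NFCMD doExecuteAsUser ... dnscmd ...' lines shown in the
article, deriving the reverse-zone node name ("server IP truncated") from
each server's reverse lookup zones instead of working it out by hand.
Every host, zone and address below is a constructed sample value.
"""
import ipaddress

SUFFIX = ".in-addr.arpa"


def _zone_prefix(reverse_zone):
    """Leading octets an IPv4 reverse zone covers, in normal order.

    '168.192.in-addr.arpa' -> ['192', '168']; None if the name is not a
    usable IPv4 reverse lookup zone (1 to 3 octets before the suffix).
    """
    if not reverse_zone.lower().endswith(SUFFIX):
        return None
    prefix = list(reversed(reverse_zone[: -len(SUFFIX)].split(".")))
    return prefix if 0 < len(prefix) < 4 else None


def ptr_node(ip, reverse_zone):
    """Node name for `ip` inside `reverse_zone`, e.g. 192.168.1.10 in
    168.192.in-addr.arpa -> '10.1'. Raises ValueError when the zone does
    not cover the address, the mistake the article warns about."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")  # validates the address
    prefix = _zone_prefix(reverse_zone)
    if prefix is None or octets[: len(prefix)] != prefix:
        raise ValueError(f"{ip} is not covered by {reverse_zone}")
    return ".".join(reversed(octets[len(prefix):]))


def find_reverse_zone(ip, zones):
    """Zone from `zones` (the reverse zones hosted on one DNS server) that
    holds `ip`; the most specific match wins. None if no zone covers it."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    matches = [z for z in zones
               if (p := _zone_prefix(z)) is not None and octets[: len(p)] == p]
    return max(matches, key=lambda z: z.count("."), default=None)


def nfcmd(user, domain, command, app):
    """One script line in the form the article uses."""
    return f'Echo NFCMD doExecuteAsUser {user} {domain} "{command}" {app} start'


def build_script(user, domain, app, fqdn, host, old_ip, new_ip, ttl,
                 primaries, secondaries):
    """primaries: {dns_ip: [reverse zones it hosts]}; secondaries: [dns_ip].

    Step 1 unregisters old_ip, step 2 registers new_ip, step 3 refreshes
    the Secondaries. A Primary whose reverse zones do not cover an address
    gets only the forward-zone line for that address.
    """
    name = f"{host}.{fqdn}"
    lines = []
    for dns, zones in primaries.items():  # step 1: remove A, then PTR
        lines.append(nfcmd(user, domain,
                           f"dnscmd {dns} /RecordDelete {fqdn} {host} A {old_ip} /f", app))
        zone = find_reverse_zone(old_ip, zones)
        if zone:
            lines.append(nfcmd(user, domain,
                               f"dnscmd {dns} /RecordDelete {zone} {ptr_node(old_ip, zone)} "
                               f"PTR {name} /f", app))
    for dns, zones in primaries.items():  # step 2: add A with TTL, then PTR
        lines.append(nfcmd(user, domain,
                           f"dnscmd {dns} /RecordAdd {fqdn} {host} {ttl} A {new_ip}", app))
        zone = find_reverse_zone(new_ip, zones)
        if zone:
            lines.append(nfcmd(user, domain,
                               f"dnscmd {dns} /RecordAdd {zone} {ptr_node(new_ip, zone)} "
                               f"{ttl} PTR {name}", app))
    for dns in secondaries:  # step 3: make Secondaries pick up the change
        lines.append(nfcmd(user, domain, f"dnscmd {dns} /ZoneReload {fqdn}", app))
    return lines


if __name__ == "__main__":
    # Constructed topology: one Primary hosting two reverse zones, one Secondary.
    script = build_script(
        "Administrator", "OFFICE", "Exchange", "office.neverfailgroup.com", "server",
        old_ip="192.168.1.5", new_ip="192.168.2.5", ttl=45,
        primaries={"192.168.1.1": ["1.168.192.in-addr.arpa", "2.168.192.in-addr.arpa"]},
        secondaries=["192.168.1.8"])
    print("\n".join(script))
```

Run it once per protected application and paste the output into the switchover script; run it again with old_ip and new_ip swapped for the script that runs in the other direction. The account given to doExecuteAsUser does not have to be a Domain Admin: a dedicated account that has been granted write permission on the forward and reverse zones involved is enough for dnscmd, and limits what the script can do if the Heartbeat server is compromised.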


Applies To

Neverfail Heartbeat versions prior to V4.4


Related Information

None

KBID-362
