VMware vCenter Server Heartbeat - How to Correct Problems when DNSUpdate Encounters Secondary DNS Servers in vCenter Server Heartbeat

Follow

Summary

This Knowledgebase article provides information about how to configure DNS update tasks in vCenter Server Heartbeat manually .


More Information

vCenter Server Heartbeat is designed to integrate with DNS technology where the DNS is itself integrated with the Active Directory (AD). For more information about vCenter Server Heartbeat and DNS integration, please refer to the Related Information below. Domain Name System (DNS) provides efficient name resolution and interoperability with standards-based technologies. Deploying DNS in your client/server infrastructure enables resources on a TCP/IP network to locate other resources on the network by using host name-to-IP address resolution and IP address-to-host name resolution. The Active Directory service requires DNS for locating network resources.

Active Directory Integrated Environments

VMware recommends that vCenter Server Heartbeat be installed in an Active Directory Integrated DNS environment.

In a standard DNS zone, there can be one Primary and multiple Secondary DNS servers. The Primary will be the Start of Authority (SOA) server for that zone and the other servers will be Secondary. When adding a new host record (for example, a new server is added into the zone) the record will be inserted only in the Primary DNS server. The information will be available on the Secondary servers during the replication process between the Primary and Secondary servers.

In an Active Directory Integrated DNS environment, all servers are updated within the AD through multi-master replication (a change on any one server will be replicated to all other Active Directory databases).

For instructions on how to convert to an Active Directory Integrated DNS environment, please see the Related Information below.

In rare cases, DNS environment issues might occur when a switchover is performed in a WAN.  This may occur because the new Principal (Public) IP address was not registered in the DNS servers by the DNSUpdate tool. The DNSUpdate tool will only issue a dnscmd /zonerefresh command (the DNS server will be flagged as Secondary) instead of a deletion and addition of the new host record. This can cause service interruption to users that are having to setup Secondary servers for name resolution servers because they do not have the latest modifications in the environment. The workaround for this issue requires creating a series of 'Network Configuration' tasks via the vCenter Server Heartbeat Console to maintain up-to-date host records. The tasks will delete the obsolete records from the Forward and Reverse Lookup Zone and add the new host record on the wrongly flagged Secondary DNS servers.

Procedure

During a switchover in a WAN implementation, multiple DNS servers are updated during execution of the DNSUpdate command, but one or more servers are not updated because they are recognized by the DNSupdate tool as Secondary DNS servers.

  1. Determine detected Secondary servers using the DNSUpdate -d switch (the -d switch enables the debug mode) and look in the output for the below section:

    UpdateSecondaries

    Update secondary DNS servers
  2. If you see /zonerefresh commands on various DNS servers, you will then need to add 'Network Configuration' tasks to both servers manually. Add the following 4 commands as separate Network Configuration tasks in the sequence listed below for each detected Secondary DNS server replacing {…} with the appropriate value:

    dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine IP to remove} /f

    dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f

    dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine IP to add}

    dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name}

    To create a new 'Network Configuration' task, follow the steps below:
    1. Launch the vCenter Server Heartbeat Console.
    2. Click on the Application button.
    3. Select the Tasks tab.
    4. Click on the User Accounts button.
    5. Click the Add button.
    6. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
    7. Click Ok, and then Close.
    8. Click the Add button to add a new task.
    9. Provide a descriptive name for the 'Task' (i.e. DNSUpdate).
    10. Select 'Network Configuration' for Task type.
    11. Select either Primary or Secondary for the server the task should run on as appropriate.
    12. In the Command field, enter the "dnscmd" with appropriate flags.
    13. In the 'Run As' field select the appropriate user account from the drop down and then click Ok.


Applies To

All Versions


Related Information

vCSHB-Ref-1706 - 'vCenter Server Heartbeat, Integrated DNS, and Active Directory'

Microsoft Knowledge Base articles:
http://support.microsoft.com/kb/198437 - How to Convert DNS Primary Server to Active Directory Integrated (Win2000 Svr)
http://support.microsoft.com/default.aspx?scid=kb;en-us;816101 - How To Convert DNS Primary Server to Active Directory Integrated (Win2003 Svr)
ht tp://support.microsoft.com/kb/828263 - DNS query responses do not travel through a firewall in Windows Server 2003

KBID-1707

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.