EVault - How to Use the EVault Remote Disaster Recovery Utility DNSUpdate.exe (DNS)

Follow

Summary

This Knowledge Base article describes how to use the EVault Remote Disaster Recovery DNSUpdate.exe tool.

Note: DNSUpdate.exe is available stand-alone or as part of the EVault Remote Disaster Recovery kit.


More Information

DNSUpdate uses the dnscmd.exe to automate the change of IP addresses in a WAN environment, where different subnets are used for the Primary and Secondary servers. When the Secondary server becomes active, DNS is updated to change the forward and reverse lookup addresses from the Primary IP to Secondary IP address.

DNSUpdate runs each time a switchover or failover occurs. The DNSUpdate.exe tool operates by first going to Active-Directory to get a list of all the DNS servers and then attempts to update the records for the protected server based on the command line arguments.

The main steps performed by DNSUpdate.exe are:

  1. Self-test (check that EVault Remote Disaster Recovery is installed and the 3rd party tools are compatible).
  2. Get machine and environment identities.
  3. Get the list of Name Servers from Active Directory (if the -ns option is not used).
  4. For each Name Server check that it is contactable.
  5. For each contactable Name Server identify if it is a primary or secondary (slave) DNS.
  6. For each contactable primary DNS extract the list of zones.
  7. For each IP Address that is to be removed:
    1. For each contactable primary DNS that has a forward zone for the machine domain, attempt to remove the Forward record.
    2. For each contactable primary DNS that has a reverse zone for the machine domain, attempt to remove the Reverse record.
  8. For each IP Address that is to be added:
    1. For each contactable primary DNS that has a forward zone for the machine domain, attempt to add a Forward record.
    2. For each contactable primary DNS that has a reverse zone for the machine domain, attempt to add a Reverse record.
  9. Update Secondary server (for each contactable secondary DNS request a Zone Refresh).
  10. Cleanup temporary storage.

The utility removes the A and PTR records for the protected server and replaces them with records for the new IP addresses. When it is run on a server, it will check the registry for the identity of the server. If it is running on the Primary server it will remove the Secondary addresses, identified by -s switch and add the Primary addresses identified by the -p switch. When run on the EVault Remote Disaster Recovery Secondary server it will do the reverse.

User Account Requirements

TheEVault Remote Disaster Recovery DNSUpdate.exe utility uses the Microsoft Dnscmd.exe which requires a minimum of the user's membership in the Administrators or Server Operators group on the target computer. Both the user account and the server computer must be members of the same domain or reside within trusted domains. For more information, please see http://technet.microsoft.com/en-us/library/cc778513.aspx .

Enhanced Features

  1. The DNSUpdate tool can be run after initial install, as it will handle DNS configurations that have changed since then.
  2. Multiple IP addresses can be handled at the same time using multiple -s and/or -p parameters.
  3. The DNSUpdate.exe handles failures and continues to attempt to update the DNS servers even when a server is unavailable or when a specific zone update fails.
  4. It has a self-test feature that checks that the system tools that it uses ( dnscmd.exe and ping.exe ) are compatible.
  5. Can specify name servers (if required) rather than query Active Directory.

Procedure

Usage of v01.05.05

Note: A Domain Controller is not required if the Server (host) Name, Domain and the Name Servers are passed in the command line.

DNSUpdate [-h] [-v] [-d] [-ci] [[-selftest] | [[-cc appName Domain Destination] -r ipaddress -a ipaddress [-ns ipaddress] -p ipdaddress -s ipaddress [ -name compname] [ -domain domain]]

If no parameters are passed, a self-test will run.

General Parameters:

-h : Displays this usage information

-v : Displays the version of this program

-selftest : Self tests the program

-d : Debug (traces the program)

-t time : Number of Seconds that the Address can be held

-r ipaddress : Remove this ipaddress

-a ipaddress : Add this ipaddress

-cc appName Domain Output : Run as if NFDNSScripter for the given App and Domain and put the script in Output

-p ipaddress : This is a Primary ipaddress

-s ipaddress : This is a Secondary ipaddress. Which address is removed/added is dependant on the machine identity Primary or Secondary

-ns : Specify the IP Addresses of the DNS’s that are to be updated.

-ci : This parameter is used to allow zone/domain matching when the case is different, for example, “WAN1.qa” will normally NOT match “wan1.qa” this parameter will allow them to match.

-name compname : Name of the server

-domain domain : Domain Name

Return Codes:

0 : Success : This will be returned if there have not been any errors that will cause DNSUpdate to be unable to complete its calls of DNSCMD . If any of the DNSCMD calls fail or if there are no contactable Name Servers, the Success return code will be returned. This is intentional to allow the known situations where the DNS topology is inconsistent and/or flawed.

1 : Incorrect Usage

2 : Invalid Parameters

3 : Self-test error

4 : Fatal Windows error

6 : Incompatible DNSCMD.exe

7 : EVault Remote Disaster Recovery not correctly installed

8 : Invalid IP Address

9 : Ran out of memory

10 : No normal Zones on any DNS have had IP Address's added. This will be returned when there has been no successful attempt to update a zone (not reverse zones).

11 : Domain Controller cannot be contacted

How to check whether there are secondary DNS servers in the infrastructure.

When EVault Remote Disaster Recovery is configured for a WAN during installation, EVault Remote Disaster Recovery automatically creates the required DNSUpdate tasks under the Applications: Tasks tab of the EVault Remote Disaster Recovery Management Client. If EVault Remote Disaster Recovery is initially installed in a LAN and later stretched to WAN or problems are encountered when DNSUpdate.exe executes, the DNSUpdate tasks must be created manually.

  1. Determine detected secondary servers using the DNSUpdate -d switch (the -d switch enables the debug mode) and look in the output for the below section:

    UpdateSecondaries

    Update secondary DNS servers

  2. If you see /zonerefresh commands on various DNS servers, you will then need to add Network Configuration tasks to both servers manually.

How to create a network configuration task that runs DNSUpdate in environments without secondary DNS servers.

To create DNSUpdate tasks manually, follow these steps:

  1. Launch the EVault Remote Disaster Recovery Management Client.
  2. Select the Applications: Tasks tab.
  3. Click on the User Accounts button.
  4. Click the Add button.
  5. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
  6. Click OK , and then Close .
  7. Click the Add button to add a new Task.
  8. Provide a descriptive name for the Task (for example, DNSUpdate).
  9. Select Network Configuration for Task type .
  10. Select either Primary or Secondary for the server the task should run on as appropriate.
  11. In the Command field, enter the dnscmd with appropriate flags as shown below in the example.
  12. In the Run As field, select the appropriate user account from the dropdown and then click OK .

Note: The DNSUpdate.exe tool will detect if it is being run on Primary or Secondary server by checking the registry as described previously.

Example: Dnsupdate -p <primary public IP address> -s secondary public IP address>

How to create a network configuration task that runs DNSUpdate in environments with secondary DNS servers.

To create DNSUpdate tasks manually, follow these steps:

  1. Launch the EVault Remote Disaster Recovery Management Client.
  2. Select the Applications: Tasks tab.
  3. Click on the User Accounts button.
  4. Click the Add button.
  5. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
  6. Click OK , and then Close .
  7. Click the Add button to add a new Task.
  8. Provide a descriptive name for the Task (for example, DNSUpdate).
  9. Select Network Configuration for Task type .
  10. Select either Primary or Secondary for the server the task should run on as appropriate.
  11. In the Command field, enter the dnscmd with appropriate flags as shown below in the example.
  12. In the Run As field, select the appropriate user account from the dropdown and then click OK .

Note: To simplify the DNS update process, a batch file can be created to include all dnscmd instances and then a single network configuration task can be configured to run newly created batch file.

Example: Add the following 4 commands as separate Network Configuration tasks in the sequence listed below for each detected secondary DNS server replacing {…} with the appropriate value:

dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine IP to remove} /f

dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f

dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine IP to add}

dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name}

DNSCMD Calls

/RecordAdd - Used to add both Forward (A) and Reverse (PTR) records.
/RecordDelete - Used to remove both Forward (A) and Reverse (PTR) records.
/Zonerefresh - Used to instruct a Secondary (Slave) DNS to refresh its zones.
-? Used to extract the usage of DNSCMD so that its compatibility can be determined.
/EnumZones - Used to retrieve the list of zones.
/Info IsSlave - Used to identify secondary (slave) DNS’s.


Applies To

EVault Remote Disaster Recovery All Versions


Related Information

RDR-REFID-389

KBID-2357

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.