DNSUpdate Utility v2.0.16 - Release Notes

DNSUpdate Utility v2.0.16 - Release Notes

Summary

This Knowledgebase article provides release and usage information about this specific version of DNSUpdate Utility v2.0.16 which is bundled with Neverfail Continuity Engine v8.5.

More Information

New Features

  • Added new option /servervalidation|/sv ping|dns|none: used to configure the NS record verfication mechanisn, default is ping; If the NS server is configured to not echo pings use the dns option
  • Added new option /type static|dynamic: Used to config the record type created in the Name Servers. Static is the default, Dynamic is faster but must not be used when the Aging and Scavenging DNS feature is configured on Name Servers

Issues Fixed

  • DNSUpdate is creating dynamic A records (EN-1594).

Known Issues

  • None

Usage Information

Overview

The tool DNSUpdate is intended to be used by Neverfail Engine when the Principal (Public) IP Address of the Primary, Secondary and/or Tertiary are different.

When the Principal (Public) IP Addresses are different in the Engine Cluster, DNSUpdate is used to update the DNS records for the  IP address of the currently Active Engine node when either a Switchover or Failover occurs.

When a Switchover or Failover occurs a Network Configuration task is ran that utilizes the DNSUpdate tool which updates the forward and reverse lookup addresses for the Active server for the DNS identified in the Name Server list for the domain.

The main steps that DNSUpdate performs are:

  • If they are not passed as parameters, retrieve the machine and environment identities from the machine Local Policy object.
  • Get the list of Name Servers from the DNS Server defined on the first NIC using DNSQuery API (if the “-ns” option is not used).
  • For each Name Server check that it is reachable using the mode specified in the Server Validation parameter (default is ping).
  • For each contactable DNS with an updateable forward zone for the domain.
    • Attempt to remove the Forward record.
    • Attempt to remove the Reverse record.
    • Wait for all known DNS servers to have records removed
    • Attempt to add Forward and Reverse records.
    • Wait for known DNS servers to have records added
  • For each contactable DNS with a Read Only zone
    • Initiate a zone update via wmi

Note: Even though a specific Name Server may have problems (anything from not being present i.e. not switched on, through to a permission conflict) the process will continue and will only report the error code 12 if the /strict flag is set.

Usage:

DNSUpdate [/h] [/v] [/d] [/auto] [/strict]
                     [/ns IpAddress] [/r IpAddress] [/a IpAddress] [/t time]
                     [/pri IpAddress] [/sec IpAddress] [/ter IpAddress]
                     [[/name ServerName] [/domain DomainName]]
                     [[/user user@domain] [/password password]]
                     [/timeout secs] [/pingtimeout secs]
                     [/servervalidation|/sv ping|dns|none]
                     [/type static|dynamic]

Options:

/h Displays this usage information
/v Displays DNSUpdate version
/d Outputs debug messages
/t time                              Time To Live (default 45 seconds)
/r IPAddress Remove this IP Address
/a IPAddress Add this IP Address
/ns IPAddress IP Address of the DNS server to update
/pri IPAddress Primary IP Address
/sec IPAddress Secondary IP Address
/ter IPAddress Tertiary IP Address
/auto Get IP Address from Neverfail Continuity Engine (V6 and later)
/pool n Number of servers to update concurrently
/name ServerName  Server Name (can be FQDN)
/domain DomainName  Domain Name
/user User Name (when server is not part of domain)
/password Password
/strict Returns error 12 if any part of the update has problems
/timeout secs Used to extend the default program timeout (in seconds)
/pingtimeout Used to extend the default ping timeout (in seconds) default is 2 secs
/servervalidation|/sv ping|dns|none Used to configure the NS record verification mechanism, default is ping. If the NS server is configured to not echo pings use the dns option
/type static|dynamic Used to config the record type created in the Name Servers. Static is the default, Dynamic is faster but must not be used when the Aging and Scavenging DNS feature is configured on Name Servers


Exit codes:

0 -   No errors
1 -   Not enough parameters
2 -   Invalid parameter
3 -   Nothing to do
4 -   Windows API error
5 -   Neverfail Continuity Engine not installed
6 -   Invalid IP address
7 -   Out of Memory
8 -   No Access
9 -   Winsock error
10 - No Forward Zones have had any IP addresses added
11 - Domain required
12 - Unknown error
13 - Invalid User name
14 - Cannot retrieve Name Servers
15 - Too many Name Servers, the max is 1024
16 - Program timed out, the default is 300 seconds

Parameter details

-auto      This is used to instruct DNSUpdate to use the IP addresses in the registry. With Heartbeat version V6.0 a new registry structure has been introduced that holds all the Principal (Public) IP addresses, this can be used to avoid having to specify them.

-ns        This is used to specify the IP Addresses of the DNS’s that are to be updated. The “-ns” option will replace the list of Name Servers that are extracted from Active Directory. There is no limitation as to how many times “-ns” can be specified.

-pri                  This parameter is used to specify the Principal (Public) IP Address of the Primary.

-sec                 This parameter is used to specify the Principal (Public) IP Address of the Secondary.

-ter                  This parameter is used to specify the Principal (Public) IP Address of the Tertiary.

-p                    An alternative for “-pri”.

-s                    An alternative for “-sec”.

-p/s                 These parameters are used in different ways depending on if the tool is run on the Primary or the Secondary. When the tool is run on the primary it will remove the “-s” IP Addresses and add the “-p”, when the tool is run on the secondary it will remove the “-p” IP Addresses and add the “-s”.

-t                     This parameter is used to define the TTL (Time-To-Live) for any added records, the default value is 45 seconds. This is used by other servers to time limit their cache of the record.

-name             This is used to override the server name that is extracted from the Domain Controller. This can be a FQDN of the form server.domain.com

-domain          This is used to override the Domain that is extracted from the Domain Controller.

-pool n            DNS servers are updated in batches or concurrently, to prevent too much concurrent network traffic the number of simultaneous updates can be limited to the value ‘n’. The default value is 10. Larger values have not caused any adverse effect.

-user              DNSUpdate can be ran on a server that is not a member of the domain. In this usage case, a user name of the form name@domain.com and password must be specified of a user who has DNS update permission.

-strict               If any interrogation or update of any of the Name Servers fails for any reason when this flag is set then error code 12 is returned.

-timeout          This can be used to override the default timeout of DNSUpdate (5 minutes). Either a longer or shorter time can be specified. The value passed is in seconds.

-pingtimeout    This can be used to override the default timeout of the ping (2 sec). Either a longer or shorter time can be specified. The value passed is in seconds.

-servervalidation or –sv     This is used to override the default NS server ip address validation mechanism (ping). When servers are configured to not echo when pinged the mode dns should be used. Note: if the ip address is not present or does not have a DNS running then the dns mode can take upto 12 seconds to timeout.

-type                 This is used to override the default of creating Static records. Dynamic is faster but the records can be removed if Aging and Scavenging is configured on the Name Server.

In some environments where two or more DNS servers need to be updated, the task buffer might get full and display an exit code "-1073741819" or similar. As a workaround, you will have to create one task per each DNS server. So from Advanced Management Client -> Applications -> Tasks you will have to create new DNSupdate network tasks by clicking the Add button. You will need to have one per each DNS server that needs to be updated and also one per each server in the cluster. You can configure them with the same username as the old ones and as for the command you will have to use the -auto parameter and the –ns followed by one DNS server, as in the example below:

DNSUpdate -auto –ns 192.168.1.254

Applies To

DNSUpdate Utility v2.0.16

Related Information

None

KBID-3009

 


    • Related Articles

    • Neverfail IT Continuity Engine v8.0 - Release Notes

      Summary This Knowledge base article provides information about this specific release of Neverfail IT Continuity Engine v8.0 More Information Supporting Documentation A listing of technical documents supporting this version of Neverfail IT Continuity ...
    • Neverfail Continuity Engine 16 Release Notes

      Summary The following information applies to the v16 release of Continuity Engine. Continuity Engine 16 This release supersedes Continuity Engine v15. What's New EMS Alerting based on Managed Server Telemetry The first chapter in unlocking advanced ...
    • Neverfail Continuity Engine 14 Release Notes

      Summary The following information applies to the v14 release of Continuity Engine. Continuity Engine 14.1 This point release supersedes Neverfail Continuity Engine v14.0. What's New Schneider Electric Security Expert Plugin v201.5.1 Schneider ...
    • Neverfail Continuity Engine 15 Release Notes

      Summary The following information applies to the v15 release of Continuity Engine. Continuity Engine 15 This release supersedes Continuity Engine v14.1. What's New EMS Alerting based on Managed Server Telemetry The first chapter in unlocking advanced ...
    • Neverfail Continuity Engine v12 Release Notes

      Summary The following information applies to the v12 release of Neverfail Continuity Engine. Neverfail Continuity Engine 12.1 This point release supersedes Neverfail Continuity Engine v12.0. What's New Continuity Engine CLI Installer EMS bundles a ...