
Secondary DNS being used before primary

Status
Not open for further replies.

Draeus

Technical User
Jan 21, 2013
72
US
Where I live, power outs are more common than they should be. When the power goes out longer than the battery backup can last for, the server goes down and when power comes on, it still needs started back up. We can't just have the server power on auto when the power comes back because it's iSCSI'd to a QNAP that takes forever to load and if the server comes on too soon, it doesn't see the virtual machines and blah blah blah. Not everyone knows how to get it up in order and it takes too long anyway. So to get sales going quickly again after a power out (there is a retail part to the store), I just set statics on everything so they could talk with or without server and then primary DNS to the server and secondary to 8.8.8.8 so they get internet with or without server.

So when a power out happens, it is using the 8.8.8.8 to get around but when the server comes back up, it doesn't default back to it as the primary for some reason. Meaning that you can't get to companyweb or email (you can get to email, but not the simple way everyone knows how to do) through a browser. I can go around and take the 8.8.8.8's back out, get to companyweb and then put the 8's back in and still get to companyweb, but that's kind of a long process for something that should already be using the server as a primary.

Any ideas on how to fix this without having to go around to each machine and reset the DNS's again?

Thanks!
 
That is exactly why using a public IP as a DNS secondary is a bad idea.

Basically, once the client can't reach the first DNS server IP in the list, it will switch and use the next DNS IP on the list AND WILL NOT CHANGE BACK WITHOUT A SYSTEM RESTART. So it would be much better for you to only use your DC as the DNS server and not have a secondary DNS IP at all than to use a secondary IP that is external to your network. If you do use your 8.8.8.8, you will cause user authentication issues, failure to reach internal resources, and group policy problems.

To deal with the problem you describe in your office, you could set up a different DNS server (wouldn't have to be an actual server) that the sales systems would query. It would forward queries to your internal DC if available, but if the queries time out (usually 3-5 seconds) then the "proxy" DC would forward the queries to the internet. When the internal DC/DNS came back online, it would then continue to properly service queries for the "proxy". In general, this would be much less brittle than what you are doing. Alternately maybe a firewall/router appliance at your site would support something like that, but the critical need is for it to be able to forward queries to your internal DNS (either globally or conditionally per-domain).

Dave Shackelford
ThirdTier.net
TrainSignal.com
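The forwarding "proxy" described in the reply above, as an added example that is not code from the thread or its participants: a small UDP forwarder that tries the internal DNS first on every query and only falls back to the public resolver on timeout, so clients return to the internal server as soon as it answers again. The internal address `192.168.1.10`, the zone `company.local` and all function names are hypothetical; refusing to send internal names to the public resolver is a choice made in this example.

```python
import socket
import struct

INTERNAL = ("192.168.1.10", 53)        # hypothetical internal DC/DNS (IP literal)
PUBLIC = ("8.8.8.8", 53)               # public resolver named in the thread
INTERNAL_ZONES = (".company.local",)   # hypothetical internal domain, leading dot

def qname(query):
    """Return the lower-cased question name from a raw DNS query."""
    labels, i = [], 12                 # the DNS header is 12 bytes
    while i < len(query) and (n := query[i]):
        labels.append(query[i + 1:i + 1 + n].decode("ascii", "replace").lower())
        i += n + 1
    return ".".join(labels)

def ask(upstream, query, timeout):
    """Send one UDP query; return the matching reply, or None on failure."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(query, upstream)
            reply, src = s.recvfrom(4096)
        except OSError:                # timeout, refusal, unreachable network
            return None
    return reply if src == upstream and reply[:2] == query[:2] else None

def servfail(query):
    """Build a SERVFAIL reply so the client fails fast instead of hanging."""
    rd = struct.unpack("!H", query[2:4])[0] & 0x0100   # copy the RD bit
    return query[:2] + struct.pack("!H", 0x8082 | rd) + query[4:]

def resolve(query, internal=INTERNAL, public=PUBLIC, timeout=3.0):
    """Ask the internal DNS first on every query, so fail-back is automatic."""
    local = ("." + qname(query)).endswith(INTERNAL_ZONES)
    reply = ask(internal, query, timeout)
    if reply is None and not local:    # internal names are never sent outside
        reply = ask(public, query, timeout)
    return reply or servfail(query)

def serve(bind=("0.0.0.0", 53)):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
        srv.bind(bind)
        while True:                    # single-threaded: a slow upstream delays all clients
            query, client = srv.recvfrom(4096)
            if len(query) >= 12:       # ignore anything shorter than a header
                srv.sendto(resolve(query), client)

if __name__ == "__main__":
    serve()
```

Clients would list only this forwarder as their DNS server; binding to port 53 normally requires elevated privileges.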
 