Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides

Search the VMware Knowledge Base (KB)

View by Article ID

Correcting problems when DNSUpdate encounters Secondary DNS Servers in VMware vCenter Server Heartbeat

Purpose

This article provides instructions for configuring DNS update tasks in VMware vCenter Server Heartbeat manually.

Resolution

During a switchover in a WAN implementation, multiple DNS servers are updated during execution of the DNSUpdate command, but one or more servers are not updated because they are recognized by the DNSupdate tool as Secondary DNS servers.

To resolve this issue:

Determine detected Secondary servers using the DNSUpdate -d switch (the -d switch enables the debug mode) and look in the output for the below section:

Update Secondaries

Update secondary DNS servers
If you see /zonerefresh commands on various DNS servers, you need to add Network Configuration tasks to both servers manually. Add the following 4 commands as separate Network Configuration tasks in the sequence listed, for each detected Secondary DNS server replacing {…} with the appropriate value:

dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine IP to remove} /f

dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f

dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine IP to add}

dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name}

To create a new Network Configuration task:

Launch the VMware vCenter Server Heartbeat Console.
Click Advanced > Application.
Select Tasks.
Click User Accounts.
Click Add.
Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
Click OK and Close.
Click Add to add a new task.
Provide a descriptive name for the Task.
Choose Network Configuration for Task type.
Select either Primary or Secondary for the server the task runs on as appropriate.
In the Command field, run the dnscmd command with appropriate flags.
In the Run As field select the appropriate user account from the drop down and then click OK.

Additional Information

VMware vCenter Server Heartbeat is designed to integrate with DNS technology where the DNS is itself integrated with the Active Directory. Domain Name System (DNS) provides efficient name resolution and interoperability with standards-based technologies. Deploying DNS in your client/server infrastructure enables resources on a TCP/IP network to locate other resources on the network by using host name-to-IP address resolution and IP address-to-host name resolution. The Active Directory service requires DNS for locating network resources.

VMware recommends that VMware vCenter Server Heartbeat be installed in an Active Directory Integrated DNS environment.

In a standard DNS zone, there can be one Primary and multiple Secondary DNS servers. The Primary is the Start of Authority (SOA) server for that zone and the other servers are Secondary. When adding a new host record, like a new server is added into the zone, the record is inserted only in the Primary DNS server. The information is available on the Secondary servers during the replication process between the Primary and Secondary servers.

In an AD Active Directory Integrated DNS environment, all servers are updated within the AD through multi-master replication (a change on any one server is replicated to all other Active Directory databases).

For instructions on converting to an Active Directory Integrated DNS environment, see vCSHB-Ref-238 or VMware vCenter Server Heartbeat with Integrated DNS and Active Directory (1008132).

In rare cases, DNS environment issues might occur when a switchover is performed in a WAN. This may occur because the new principal (public) IP address was not registered in the DNS servers by the VMware DNSUpdate tool. The VMware DNSUpdate tool only issues a dnscmd /zonerefresh command (the DNS server is flagged as Secondary) instead of a deletion and addition of the new host record. This can cause service interruption to users that are having to setup Secondary servers for name resolution servers because they do not have the latest modifications in the environment. The workaround for this issue requires creating a series of Network Configuration tasks via the VMware vCenter Server Heartbeat Console to maintain up-to-date host records. The tasks delete the obsolete records from the Forward and Reverse Lookup Zone and add the new host record on the wrongly flagged Secondary DNS servers.

Microsoft Knowledge Base articles:

http://support.microsoft.com/kb/198437 - How to Convert DNS Primary Server to Active Directory Integrated (Win2000 Svr)
http://support.microsoft.com/default.aspx?scid=kb;en-us;816101 - How To Convert DNS Primary Server to Active Directory Integrated (Win2003 Svr)
http://support.microsoft.com/kb/828263 - DNS query responses do not travel through a firewall in Windows Server 2003

vCSHB-Ref-1707

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

1 2 3 4 5

1 2 3 4 5

Actions

Bookmark Document

Did this article help you?
This article resolved my issue. This article did not resolve my issue. This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)