How to Use the Orion Failover Engine utility DNSUpdate.exe

Created by Erin Stenzel, last modified by MindTouch on Jun 23, 2016

Overview

This article describes how to use the Orion Failover Engine DNSUpdate.exe tool.

 

Note: DNSUpdate is available stand-alone or as part of the Heartbeat kit.

 

DNSUpdate uses dnscmd.exe to automate the change of IP addresses in a WAN environment, where different subnets are used for the primary and secondary servers. When the secondary server becomes active, DNS is updated to change the forward and reverse lookup addresses from the primary IP address to the secondary IP address.

 

DNSUpdate runs each time a switchover or failover occurs. The DNSUpdate tool operates by first going to Active Directory to get a list of all the DNS servers and then attempts to update the records for the protected server based on the command line arguments.

 

The main steps performed by DNSUpdate are:

  1. Self-test (check that Orion Failover Engine is installed and the 3rd party tools are compatible).
  2. Get machine and environment identities.
  3. Get the list of Name Servers from Active Directory (if the -ns option is not used).
  4. For each Name Server check that it is contactable.
  5. For each contactable Name Server identify if it is a primary or secondary (slave) DNS.
  6. For each contactable primary DNS extract the list of zones.
  7. For each IP Address that is to be removed:
    1. For each contactable primary DNS that has a forward zone for the machine domain, attempt to remove the Forward record.
    2. For each contactable primary DNS that has a reverse zone for the machine domain, attempt to remove the Reverse record.
  8. For each IP Address that is to be added:
    1. For each contactable primary DNS that has a forward zone for the machine domain, attempt to add a Forward record.
    2. For each contactable primary DNS that has a reverse zone for the machine domain, attempt to add a Reverse record.
  9. Update secondary server (for each contactable secondary DNS request a Zone Refresh).
  10. Cleanup temporary storage.

 

The utility removes the A and PTR records for the protected server and replaces them with records for the new IP addresses. When it is run on a server, it checks the registry for the identity of the server. If it is running on the primary server, it removes the secondary addresses, identified by the -s switch, and adds the primary addresses, identified by the -p switch. When run on the Orion Failover Engine secondary server, it does the reverse.

 

User Account Requirements

The Orion Failover Engine DNSUpdate.exe utility uses the Microsoft Dnscmd.exe, which requires, at a minimum, that the user be a member of the Administrators or Server Operators group on the target computer. Both the user account and the server computer must be members of the same domain or reside within trusted domains. For more information, please see http://technet.microsoft.com/en-us/library/cc778513.aspx .

 

Enhanced Features

  1. The DNSUpdate tool can be run after initial install, as it will handle DNS configurations that have changed since then.
  2. Multiple IP addresses can be handled at the same time using multiple -s and/or -p parameters. 
  3. The DNSUpdate exe handles failures and continues to attempt to update the DNS servers even when a server is unavailable or when a specific zone update fails.
  4. It has a self-test feature that checks that the system tools that it uses (dnscmd and ping) are compatible.
  5. Name servers can be specified (if required) rather than querying Active Directory.

Environment

  • Failover Engine (FOE)

Resolution

 

Usage of v01.05.05

 

Note: A Domain Controller is not required if the Server (host) Name, Domain and the Name Servers are passed in the command line.

 

DNSUpdate [-h] [-v] [-d] [-ci] [[-selftest] | [[-cc appName Domain Destination] -r ipaddress -a ipaddress [-ns ipaddress] -p ipdaddress -s ipaddress [ -name compname] [ -domain domain]]

 

If no parameters are passed, a self-test will run.

 

General Parameters:

-h : Displays this usage information

-v : Displays the version of this program

-selftest : Self tests the program

-d : Debug (traces the program)

-t time : Number of Seconds that the Address can be held

-r ipaddress : Remove this ipaddress

-a ipaddress : Add this ipaddress

-cc appName Domain Output : Run as if NFDNSScripter for the given App and Domain and put the script in Output

-p ipaddress : This is a Primary ipaddress

-s ipaddress : This is a Secondary ipaddress. Which address is removed/added depends on whether the machine is the Primary or Secondary.

-ns : Specify the IP Addresses of the DNS servers that are to be updated.

-ci : This parameter allows zone/domain matching when the case is different. For example, “WAN1.qa” will normally NOT match “wan1.qa”; this parameter allows them to match.

-name compname : Name of the server

-domain domain : Domain Name 

 

Return Codes:

0: Success : This will be returned if there have not been any errors that cause DNSUpdate to be unable to complete its calls of DNSCMD. If any of the DNSCMD calls fail, or if there are no contactable Name Servers, the Success return code will still be returned. This is intentional, to allow for the known situations where the DNS topology is inconsistent and/or flawed.

1: Incorrect Usage

2: Invalid Parameters

3: Self-test error

4: Fatal Windows error

6: Incompatible DNSCMD.exe

7: Orion Failover Engine not correctly installed

8: Invalid IP Address

9: Ran out of memory

10: No normal Zones on any DNS have had IP Address's added. This will be returned when there has been no successful attempt to update a zone (not reverse zones).

11: Domain Controller cannot be contacted 
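
Because return code 0 is also returned when DNSCMD calls fail or no Name Server is contactable, the records themselves can be checked after a switchover. The following PowerShell is an added example, not part of the original article or of the SolarWinds tooling; the function names, host name and addresses are constructed, and Resolve-DnsName is the standard Windows DnsClient cmdlet.

```powershell
# Added example, not SolarWinds code. All names and addresses are constructed.
$ReturnCodes = @{
    0 = 'Success'; 1 = 'Incorrect Usage'; 2 = 'Invalid Parameters'
    3 = 'Self-test error'; 4 = 'Fatal Windows error'; 6 = 'Incompatible DNSCMD.exe'
    7 = 'Orion Failover Engine not correctly installed'; 8 = 'Invalid IP Address'
    9 = 'Ran out of memory'; 10 = 'No normal zone had an IP address added'
    11 = 'Domain Controller cannot be contacted'
}

function Test-FailoverRecord {
    param(
        [string]$Fqdn, [string]$ExpectedIp, [string]$StaleIp, [string[]]$NameServers,
        # The lookup is injectable so the logic can be exercised without live DNS.
        [scriptblock]$Lookup = {
            param($name, $server)
            Resolve-DnsName -Name $name -Type A -Server $server -DnsOnly -ErrorAction Stop |
                Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress }
        }
    )
    foreach ($ns in $NameServers) {
        try {
            $ips = @(& $Lookup $Fqdn $ns)
            $status = if ($ips -contains $StaleIp) { 'STALE' } elseif ($ips -contains $ExpectedIp) { 'OK' } else { 'MISSING' }
        } catch { $ips = @(); $status = 'UNREACHABLE' }
        [pscustomobject]@{ NameServer = $ns; Status = $status; Answers = $ips -join ',' }
    }
}

function Get-FailoverVerdict {
    param([int]$ExitCode, [object[]]$Records)
    if ($ExitCode -ne 0) { return "DNSUpdate failed ($ExitCode): $($ReturnCodes[$ExitCode])" }
    $bad = @($Records | Where-Object { $_.Status -ne 'OK' })
    if ($bad.Count -gt 0) {
        return "DNSUpdate returned 0, but not updated on: $($bad.NameServer -join ', ')"
    }
    'DNS updated on every name server checked'
}

# Constructed sample: the second name server still answers with the old address.
$stub = {
    param($name, $server)
    $answers = @{ '192.0.2.53' = '198.51.100.20'; '192.0.2.54' = '203.0.113.20' }
    $answers[$server]
}
$records = Test-FailoverRecord -Fqdn 'orion.example.test' -ExpectedIp '198.51.100.20' `
    -StaleIp '203.0.113.20' -NameServers '192.0.2.53', '192.0.2.54' -Lookup $stub
$records | Format-Table -AutoSize
# On the live server, pass $LASTEXITCODE from the DNSUpdate run instead of 0.
Get-FailoverVerdict -ExitCode 0 -Records $records
```

Omit -Lookup to query the real name servers; a STALE or MISSING row after a return code of 0 identifies a DNS server that DNSUpdate could not update.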

 

How to check whether there are secondary DNS servers in the infrastructure.

When Orion Failover Engine is configured for a WAN during installation, Orion Failover Engine automatically creates the required DNSUpdate tasks under the Applications: Tasks tab of the SolarWinds Orion Failover Manager. If Orion Failover Engine is initially installed in a LAN and later stretched to WAN or problems are encountered when DNSUpdate executes, the DNSUpdate tasks must be created manually. 

 

  1. Determine the detected secondary servers using the DNSUpdate -d switch (the -d switch enables debug mode) and look in the output for the section below:
    - Update Secondaries
    - Update secondary DNS servers
  2. If you see /zonerefresh commands on various DNS servers, you will then need to add Network Configuration tasks to both servers manually. 

 

How to create a network configuration task that runs DNSUpdate in environments without secondary DNS servers.

To create DNSUpdate tasks manually, follow these steps:

 

  1. Launch the SolarWinds Orion Failover Manager.
  2. Select the Applications: Tasks tab.
  3. Click on the User Accounts button.
  4. Click the Add button.
  5. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
  6. Click OK, and then Close.
  7. Click the Add button to add a new Task.
  8. Provide a descriptive name for the Task (for example, DNSUpdate).
  9. Select Network Configuration for Task type.
  10. Select either primary or secondary for the server the task should run on as appropriate.
  11. In the Command field, enter the dnscmd with appropriate flags as shown below in the example.
  12. In the Run As field, select the appropriate user account from the dropdown and then click OK.

 

Note: The DNSUpdate tool will detect if it is being run on primary or secondary server by checking the registry as described previously. 

 

Example: Dnsupdate -p <primary public IP address> -s <secondary public IP address>

 

How to create a network configuration task that runs DNSUpdate in environments with secondary DNS servers.  

To create DNSUpdate tasks manually, follow these steps:

 

  1. Launch the SolarWinds Orion Failover Manager.
  2. Select the Applications: Tasks tab.
  3. Click on the User Accounts button.
  4. Click the Add button.
  5. Enter the credentials for an account with rights to update the DNS (a member of the Administrators or Server Operators group on the target server).
  6. Click OK, and then Close.
  7. Click the Add button to add a new Task.
  8. Provide a descriptive name for the Task (for example, DNSUpdate).
  9. Select Network Configuration for Task type.
  10. Select either primary or secondary for the server the task should run on as appropriate.
  11. In the Command field, enter the dnscmd with appropriate flags as shown below in the example.
  12. In the Run As field, select the appropriate user account from the dropdown and then click OK.

 

Note: To simplify the DNS update process, a batch file can be created to include all dnscmd instances, and then a single network configuration task can be configured to run the newly created batch file.

 

Example: Add the following 4 commands as separate Network Configuration tasks in the sequence listed below for each detected secondary DNS server replacing {…} with the appropriate value:

dnscmd {DNS server IP} /RecordDelete {fqdn} {netbios machine name} A {machine IP to remove} /f

dnscmd {DNS server IP} /RecordDelete {reverse zone name} {server IP truncated} PTR {fully qualified machine name} /f

dnscmd {DNS server IP} /RecordAdd {fqdn} {netbios machine name} {TTL} A {machine IP to add}

dnscmd {DNS server IP} /RecordAdd {reverse zone name} {server IP truncated} {TTL} PTR {fully qualified machine name} 
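
The four commands above can be generated rather than typed by hand, which also gives a place to validate the values before they reach a batch file run under a DNS administrator account. The following PowerShell is an added example, not part of the original article or of the SolarWinds tooling; the function names and sample values are constructed. It assumes that {fqdn} is the forward zone (the machine's DNS domain) and that the old and new addresses may sit in different reverse zones, so it takes one reverse zone per address.

```powershell
# Added example, not SolarWinds code. All names and addresses are constructed.
function Get-PtrNodeName {
    # PTR owner name relative to the reverse zone: the page's {server IP truncated}.
    param([string]$Ip, [string]$ReverseZone)
    $addr = [System.Net.IPAddress]::Parse($Ip)            # throws on a malformed address
    if ($addr.AddressFamily -ne 'InterNetwork') { throw "IPv4 only: $Ip" }
    $octets = $addr.ToString().Split('.')
    [array]::Reverse($octets)
    $full = ($octets -join '.') + '.in-addr.arpa'
    $suffix = '.' + $ReverseZone.TrimEnd('.').ToLowerInvariant()
    if (-not $full.EndsWith($suffix, [StringComparison]::Ordinal)) {
        throw "$Ip is not inside reverse zone $ReverseZone"
    }
    $full.Substring(0, $full.Length - $suffix.Length)
}

function New-DnsCmdSequence {
    param(
        [string]$DnsServer, [string]$Zone, [string]$HostName, [int]$Ttl,
        [string]$OldIp, [string]$OldReverseZone,
        [string]$NewIp, [string]$NewReverseZone
    )
    # The lines end up in a batch file run under a DNS admin account, so refuse
    # anything that is not a plain DNS label, name or address.
    foreach ($v in $DnsServer, $Zone, $HostName, $OldReverseZone, $NewReverseZone) {
        if ($v -notmatch '\A[A-Za-z0-9._-]+\z') { throw "Unexpected characters in '$v'" }
    }
    $oldNode = Get-PtrNodeName $OldIp $OldReverseZone
    $newNode = Get-PtrNodeName $NewIp $NewReverseZone
    $old = [System.Net.IPAddress]::Parse($OldIp).ToString()
    $new = [System.Net.IPAddress]::Parse($NewIp).ToString()
    $fqdn = "$HostName.$Zone"
    # Same order as the article: delete A, delete PTR, add A, add PTR.
    "dnscmd $DnsServer /RecordDelete $Zone $HostName A $old /f"
    "dnscmd $DnsServer /RecordDelete $OldReverseZone $oldNode PTR $fqdn /f"
    "dnscmd $DnsServer /RecordAdd $Zone $HostName $Ttl A $new"
    "dnscmd $DnsServer /RecordAdd $NewReverseZone $newNode $Ttl PTR $fqdn"
}

# Constructed sample: old address in a /24 reverse zone, new one in a /16 zone.
New-DnsCmdSequence -DnsServer '192.0.2.53' -Zone 'example.test' -HostName 'orion' -Ttl 300 `
    -OldIp '203.0.113.20' -OldReverseZone '113.0.203.in-addr.arpa' `
    -NewIp '198.51.100.20' -NewReverseZone '51.198.in-addr.arpa'
```

The function only emits the command lines; review them before placing them in the batch file or in the Network Configuration tasks.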

 

DNSCMD Calls

/RecordAdd - Used to add both Forward (A) and Reverse (PTR) records.
/RecordDelete - Used to remove both Forward (A) and Reverse (PTR) records.
/Zonerefresh - Used to instruct a Secondary (Slave) DNS to refresh its zones.
-? - Used to extract the usage of DNSCMD so that its compatibility can be determined.
/EnumZones - Used to retrieve the list of zones.
/Info IsSlave - Used to identify secondary (slave) DNS’s.

 

 

 

 

Last modified
19:29, 22 Jun 2016