Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 296
  • Last Modified:

secondary DNS behavious when cutoff from primary DNS

Hi

One of my clients manages a central HQ, plus remote sites.

The HQ has a Windows 2008 acting as the primary DNS server,
while the Windows 2008 stand alone servers at the remote sites
all act as secondary DNS servers to the primary.  

The forwarding server of these secondary DNS servers is
set to the primary server, and not to the local ISP's DNS
- which to me seems wrong.

The remote site servers also run an in-house web app

When the remote site's Internet link goes down, the local
workstations continue to access the local web app unhindered.

Twenty four hours later, however, the workstations can't
access the web app anymore. The server hasn't been rebooted;
I'm not sure whether the workstation has been switched off
overnight, although I suppose it has.

The two solutions used up till now were connecting to the app
using the local server's IP address, or by inserting the local
server's FQDN and IP pair into the workstation's host file.

Obviously this type of situation doesn't happen too frequently.

What I'd like to know, the next time this happens, is what address
does the web app resolve to on the workstations when it fails ?

Any ideas ?
I'll add the responses asap to the two queries I formulated here
while writing my question.

thanks

yann
0
Yann Shukor
Asked:
Yann Shukor
1 Solution
 
FrabbleCommented:
I suspect the SOA record for the zone has the expiry time set to the default of 24 hours. After this time, if a secondary DNS cannot contact a primary name server, it will stop answering queries for this zone because it considers the data too old to be reliable.
You can fix this by changing the SOA Expire time value on the primary DNS for that zone to something else, for example, 3 days - something longer than a remote site link stays down for.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now