Removing a 2008 R2 terminal server from a terminal server farm where DNS round robin is used

I have six 2008 R2 terminal servers and one 2008 R2 broker server, and I am using DNS round robin to manage client connection requests. When I have to take a server out of the farm for maintenance, I start with draining the users, then I remove the server from the session broker's local Session Broker Computers group. However, I receive many complaints that the session broker still attempts to connect users to the server that I took out of production. So in addition to the above steps I have also been removing the DNS records for that server on the domain controller, then re-creating them when I want to bring it back online. I have the keep alive on the DNS records reduced to 2 minutes from the default of an hour. I do not understand why the session broker is still passing connection requests to the offline server.
sysengineerAsked:
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Well... in the connection broker you can add and remove any servers participating in that group (like in hardware load balancing), which is easier to maintain than only round robin.
In the latter you need to delete and add A records every time and wait for DNS to replicate.
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi

Probably because it is not done draining; in other words, there are still sessions which are not terminated.
I suggest starting the drain in the morning and e-mailing every TS user to log off their sessions somewhere during the day.
0
 
sysengineerAuthor Commented:
I should have explained that in more detail. After I drain the users I open Task Manager and send a message to all users with an active session, notifying them that the server will be rebooted in 15 minutes and to log off, and that they will be redirected to another server. After 15 minutes I log off any active sessions from Task Manager.
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Thanks for the explanation, this sounds like a neat way.

So, for my understanding: the TS is in drain mode as you killed your last sessions, but new connection attempts are still made and granted?
0
 
sysengineerAuthor Commented:
New connection attempts are being made but not granted. When the server is still online and in drain mode the users get a "logons are currently disabled" message. When I have the server offline they get a failed connection attempt. I have suspected this is DNS related, so I reduced the time to live on the host A record. Currently I am not using the Connection Broker load balancing, only DNS round robin, because it keeps requiring clients to authenticate twice to establish a connection. I would prefer this method to balance my user connections rather than DNS round robin; however, round robin seems to be more prevalent. Not sure why.
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
OK, I think I have it clear: by DNS round robin you mean you have 6 entries in DNS with equal names pointing to 6 different servers?

In that case you should remove 1 A record and force a DNSFLUSH on your clients, or wait 15 minutes to have the DNS replicated to all clients.
If after 15 minutes people still get the error that they cannot connect, there is something wrong/different from the default with the DNS distribution schema.

Can we assume all clients run Windows 7 Pro?
0
 
MaheshArchitectCommented:
Some downsides of Round Robin:
There are typically no heartbeats or failure detection with DNS records, so if a given server in the rotation goes down, its A record must manually be removed from the DNS entries
The time to live (TTL) must necessarily be set quite low for this to work at all, since DNS entries are cached aggressively throughout the internet
The client computers are responsible for seeing that there are multiple A records and picking the correct one

You may try changing the record TTL value to 30 seconds / 1 minute.
What I suspect is that you need to force a DNS update once you have deleted the host (A) record, as it's not getting cleared immediately from all domain controllers, and clients will still be able to locate it, causing issues.

You could refresh DNS in a number of ways:
Just increase the SOA record value in the properties of the SOA record on the DNS server where you delete the host (A) records
Trigger AD replication manually
Then just reload the DNS zones and clear the DNS cache on all DNS servers with dnscmd /clearcache
The simplest way to do this for DNS servers is to add all DNS servers in a single MMC console on any one DNS server and operate from there

Mahesh
0
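The caching and replication effects discussed in this thread can be put into numbers with a small model. This is an added example, not part of any post above; the server names `dc1`/`dc2`, the three clients, their lookup times and the 15-minute replication lag are constructed assumptions, while the 2-minute and one-hour TTLs are the figures quoted in the question.

```python
"""Constructed model of stale round-robin A records; every name and number is an assumption."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Client:
    name: str
    dns_server: str   # DNS server this client queries
    last_lookup: int  # last farm-name lookup, seconds relative to the delete (<= 0)


def stale_until(last_lookup: int, ttl: int, lag: int) -> int:
    """Seconds after the delete (t=0) at which a client's cached copy of the
    removed A record finally expires.

    lag is how long the client's DNS server keeps answering with the record
    (0 for the server where the delete was made). The client is assumed to
    re-resolve the instant its cache entry expires, which is the worst case.
    """
    if last_lookup > 0 or ttl <= 0 or lag < 0:
        raise ValueError("need last_lookup <= 0, ttl > 0, lag >= 0")
    # Lookups happen at last_lookup + k*ttl; find the last one before `lag`.
    k = (lag - 1 - last_lookup) // ttl
    return last_lookup + k * ttl + ttl


def farm_report(clients, lag_by_server, ttl):
    """Map each client name to the second its stale entry is gone."""
    return {c.name: stale_until(c.last_lookup, ttl, lag_by_server[c.dns_server])
            for c in clients}


# Constructed sample: dc1 is where the record was deleted, dc2 receives the
# change through replication 15 minutes later (assumed figure).
LAG = {"dc1": 0, "dc2": 900}
CLIENTS = [
    Client("win7-a", "dc1", -30),
    Client("xp-b", "dc1", -119),
    Client("win7-c", "dc2", -30),
]

if __name__ == "__main__":
    for ttl in (120, 3600):  # 2-minute TTL vs. the one-hour default
        print(ttl, farm_report(CLIENTS, LAG, ttl))
```

In this model every result stays below `lag + ttl`, so a client behind a DNS server that has not yet received the delete can keep resolving the drained server long after a 2-minute TTL alone would suggest.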
 
sysengineerAuthor Commented:
Yes, I have six host A records with the farm name that point to each of the six servers in the farm, and a host A record for each server in the farm (6) with that server's IP address.

Some of the clients are still XP; most are Windows 7 Pro.
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
Cool. Are the clients complaining mostly XP users?
0
 
sysengineerAuthor Commented:
Not sure how many are XP.
0
 
sysengineerAuthor Commented:
Any thoughts on Connection broker load balancing vs. just DNS round robin?
0
Question has a verified solution.