DR for DNS - DNS server IP hard coded in all clients

Hi - let's say I lose the primary DNS server in a DR situation. And let's say, hypothetically, I don't have a secondary DNS server set in the IP settings on a server.

The DNS server I have set on the server(s) points to the one interface IP of the failed DNS server.

Is there a way to set this up better in a redundant sense - say, point the servers to an IP that will allow me to centrally change to a new, non-failed DNS server and not have to change the DNS server IP set in all the servers?

Also, hypothetically, if I had another DNS server that was OK in a DR situation - could I simply add the failed primary DNS server's IP address as a secondary IP address on a good DNS server? The clients with the hard-coded DNS server IP would then communicate DNS OK to this new DNS server via the secondary IP.

I know I should just have a secondary DNS set in all servers - I'm just not convinced this has been done on the 100s of servers, or in fact that all would be OK if the primary DNS server was down/failed.

thanks
philb19Asked:

jmcgOwnerCommented:
Hypothetically, this sort of issue is most often handled by clients getting their DNS server settings from DHCP, the same source from which they get their IP address. Is there some reason you're not taking advantage of this technology? If you only have one central DNS server, that's a pretty serious single point of failure, and the only option you might have is to point all clients to an external DNS server (like Google's 8.8.8.8) so that they can still reach the internet and do something when the single central server is dead. While it remains dead, you can bring on a DHCP service elsewhere (routers can often perform this function if you enable it) to keep things limping along as best they can.
philb19Author Commented:
Thanks jmcg - I'm talking about internal AD DNS here, and I'm talking about servers, not PCs/clients.
For servers, as a rule, you always use static IP, not DHCP. Yes, I have DHCP, but for user devices, not servers.

Once you change a NIC IP to static, you don't get the option to set the DNS to "obtain automatically"; you must set it statically as well.

Any further help? thanks
Andrew DavisManagerCommented:
Generally on servers (other than the DHCP server) I will still create a reservation record in DHCP for the IP that I want the server to have, but then I set it statically anyway. This just lets me keep track of who has what within DHCP. None of the above is really of relevance to your situation, but I thought it was worth saying.

In your instance, you could set up a secondary DNS server; the two will replicate changes between them, and then in the case of a DR on one server the secondary DNS will handle the requests.

Alternatively you could write a PowerShell script to change the DNS on each of the servers and run this remotely.

Example
# One server name per line
$computer = Get-Content C:\azam\sl.txt
# Every IP-enabled adapter on each of the listed servers (queried remotely over WMI)
$NICs = Get-WmiObject Win32_NetworkAdapterConfiguration -ComputerName $computer | Where-Object { $_.IPEnabled -eq $true }
Foreach ($NIC in $NICs) {
    # New DNS search order: primary first, then secondary
    $DNSServers = "198.102.234.125", "198.102.234.126"
    $NIC.SetDNSServerSearchOrder($DNSServers)
    # Keep the server registering its own A/PTR records in DNS
    $NIC.SetDynamicDNSRegistration($true)
}



From https://social.technet.microsoft.com/Forums/windowsserver/en-US/ed3f4c9e-1467-4795-b9d1-ae41937b8962/script-to-change-dns-servers-on-remote-server

Cheers
Andrew

jmcgOwnerCommented:
I like Andrew's suggestion. Static + DHCP reservation. It would not take much modification of that script to report on your servers' current DNS settings, as well, so you can see which ones don't have a secondary.

If the cost of a Windows license is the barrier to setting up a second DNS server, you can find instructions on how a Linux server (could be a tiny 256MB virtual instance) could fill in that role.
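A read-only audit along the lines jmcg describes, added here as an example and not code from the thread: it lists each server's DNS search order and flags any that would be left without a working resolver if one DNS server failed. It assumes the thread's C:\azam\sl.txt list and the two example IPs, and uses the same Win32_NetworkAdapterConfiguration class as the script above so it works on Windows PowerShell hosts where Get-DnsClientServerAddress is not available.

```powershell
# Added example (not from the thread). Read-only: it changes nothing on the servers.
$ServerListPath = 'C:\azam\sl.txt'    # one hostname per line (assumed, as in the thread)
$PrimaryDns     = '198.102.234.125'   # the DNS server you expect to lose in DR (assumed)
$SecondaryDns   = '198.102.234.126'   # the DNS server that should take over (assumed)

$report = foreach ($computer in Get-Content $ServerListPath) {
    try {
        # -ErrorAction Stop turns an unreachable host into a catchable error
        $nics = Get-WmiObject Win32_NetworkAdapterConfiguration -ComputerName $computer -ErrorAction Stop |
                Where-Object { $_.IPEnabled }
    } catch {
        [PSCustomObject]@{ Server = $computer; Adapter = '-'; DnsServers = '-'
                           Status = "UNREACHABLE: $($_.Exception.Message)" }
        continue
    }
    foreach ($nic in $nics) {
        # DNSServerSearchOrder is $null when no DNS is configured; filter so Count is 0 then
        $dns = @($nic.DNSServerSearchOrder | Where-Object { $_ })

        if     ($dns.Count -eq 0)                 { $status = 'NO DNS SET' }
        elseif ($dns.Count -lt 2)                 { $status = 'ONLY ONE DNS SERVER' }
        elseif ($dns -notcontains $SecondaryDns)  { $status = 'SECONDARY MISSING' }
        elseif ($dns[0] -ne $PrimaryDns)          { $status = 'OK (primary is not the expected one)' }
        else                                      { $status = 'OK' }

        [PSCustomObject]@{
            Server     = $computer
            Adapter    = $nic.Description
            DnsServers = ($dns -join ', ')
            Status     = $status
        }
    }
}

# Servers needing attention sort ahead of the healthy ones
$report | Sort-Object Status | Format-Table -AutoSize

# Keep a copy for the DR documentation (path assumed)
$report | Export-Csv -Path 'C:\azam\dns-audit.csv' -NoTypeInformation
```

Anything reported as NO DNS SET, ONLY ONE DNS SERVER or SECONDARY MISSING is a server that would lose name resolution when the primary goes down, and the fix is the SetDNSServerSearchOrder call from Andrew's script.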
Andrew DavisManagerCommented:
Thanks jmcg,
You are right in that the secondary server could be a Linux server.
Couple of things to consider with that.
1. Don't host it on the same machine as the primary DNS; as it is there for DR, you don't want to lose both at the same time. (I have seen stupider things :) )

2. You have to be happy to manage a Linux machine within your environment.


Cheers
Andrew
philb19Author Commented:
Thanks for both input here.

I'm pretty sure 99% of servers have a secondary DNS server specified. And yes, as the zones are AD-integrated, the 2 servers are in sync. My main concern is that I have serious doubts about how our production environment would cope with losing the server that is specified as the primary DNS server in all our servers. I'm just doubtful that the secondary DNS server would take over seamlessly with no interruptions.

Do you think if I set a secondary IP (that of the failed primary DNS server) on the secondary DNS server, that would help? At least then the servers could still communicate with the IP set as their primary DNS server. Or is this not a good idea / wouldn't it work?
Andrew DavisManagerCommented:
I think you have lost me...
So you have two DNS servers, and the servers on the network have primary DNS set as the IP of DNS1 (I will call the two DNS servers DNS1 and DNS2 for simplification), and they have secondary DNS set as the IP of DNS2.

Your question is, if DNS1 failed and dropped off the network, would the servers continue happily with DNS2 settings while DNS1 is offline. If that is the question then the answer is YES. That is the whole point of having a secondary DNS. In fact even while DNS1 is working fine, you should find that some of the requests will be handled by DNS2.

Cheers
Andrew
philb19Author Commented:
OK thanks. You sound convinced - you're right on, not lost on what I'm getting at. I'd still be surprised though if it was completely smooth. Of course you then need to worry about whether the clients had authenticated against the failed DC, and whether Exchange was pointing to/referencing it.
Andrew DavisManagerCommented:
Yes, naturally anything else that was housed on that server (Exchange, File, Print, AD, etc.) will also have failed, but that is what you have secondary servers for. Without spending $ there will always be some pain in the event of a DR.

Cheers
Andrew
philb19Author Commented:
Agreed - with Exchange I meant (Exchange on its own server - yes) that it will still spit the dummy if you pulled out a DC that it was pointing to or communicating with - I know you can choose any configuration domain controller in Exchange.
I'm trying to document DR with the least interruptions. Thanks
Andrew DavisManagerCommented:
No problem :)
jmcgOwnerCommented:
Rather than having the secondary take over the IP of the primary, you're better off making sure all the servers have DNS pointers to both primary and secondary.

When a DNS service request fails on the primary, a node will immediately try the secondary. At one time, I knew of an implementation that sent ICMP pings to all listed DNS servers to figure out which one responded the fastest and sent all subsequent requests to that one. If a request timed out, it would reselect. Perhaps not the best behavior, but you should find that all modern implementations will switch from one DNS server to another until it has exhausted all possibilities before reporting a DNS lookup failure.

philb19Author Commented:
thanks guys