The DNS Recovery Kit included with the SIOS Protection Suite for Windows Core product provides a mechanism to update DNS A and PTR records of the primary server or a LifeKeeper alias name on the DNS servers in your configuration. The DNS resource allows the user to select the A record of the primary server or a LifeKeeper alias name in DNS which will be modified along with the PTR record (if exists) with the IP address of a backup server when failover or switchover occurs. Using a DNS resource allows clients to connect to the servers in a WAN environment when a failover or switchover occurs. When SIOS Protection Suite servers are in different network subnets, it is not possible to use a switchable IP address. In this type configuration, a DNS resource should be used to provide client connectivity. For details on creating DNS resources, refer to Creating a DNS Resource Hierarchy.
Restriction: SIOS Protection Suite servers should not be configured as Domain Controllers or DNS Servers. Creating a DNS resource that points to a DNS server on the same system will fail with the following error message: “User credentials cannot be used for local connections.”
TTL of DNS Records
When the SIOS Protection Suite for Windows DNS Recovery Kit updates the A record of the primary server or LifeKeeper alias name in DNS, the A record on the caching DNS servers’ cache is not updated. These caching DNS servers are those who do not hold the zone that the SIOS Protection Suite protected A record belongs to. The A record in the cache stays until the TTL is expired or the cache is cleared manually. Therefore, the clients of those caching DNS servers will not get the updated value of the A record in timely fashion. For SIOS Protection Suite protected DNS resources, it is recommended that the TTL value of the A record of the primary server or LifeKeeper alias name should be set to a lower value.
If SIOS Protection Suite creates the A and PTR records for a DNS resource, the TTL of those records is set to 5 minutes. This value can be changed using the Microsoft DNS management console (dnsmgmt.msc). However, changing the value to a higher value will make the A record live in the cache longer on caching DNS servers.
For DNS A and PTR records created prior to creating the SIOS Protection Suite DNS resource hierarchy, it is recommended that the TTL value be set to a lower value like 5 minutes.
Post your comment on this topic.