techjohnny at gmail.com

Barry Finkel b19141 at achilles.ctd.anl.gov
Thu Jul 20 13:46:30 UTC 2006 

techjohnny at gmail.com wrote:

>I've got an Active Directory providing the primary DNS to clients, and
>the backup DNS server is running Bind 9 as a slave.
>
>Today, the primary DNS server failed, but the clients still couldn't
>resolve, even though I was able to manually use the nslookup, change
>servers, and verify that the slave responded to requests made by the
>clients.
>
>The clients are using DHCP and have a primary and secondary dns server,
>but the secondary doesn't automatically kick in when the primary fails.
>
>The slave dns server is properly receiving requests from the primary
>and the zones are all up-to-date.

I am not sure how to interpret this problem.  I assume that the
following happened:

     1) The Windows DNS Server crashed.
     2) Clients had no access to DNS.

What DNS servers are listed in the TCP/IP configuration on the client
workstations?  If you list only the Windows DNS, then no other DNS
servers will be contacted when the Windows DNS crashes.  If the TCP/IP
configuration listed the BIND slave, then I do not know what is
happening.  But the problem would seem to be client-based, not
BIND-based.  Did you do any network packet tracing to see if the clients
were sending DNS requests to BIND when the windows DNS crashed?

Note that if you are using DHCP and dynamic MS W2k DNS, do not expect
that DDNS requests will be accepted by the BIND slave when the W2k
master is unavailable.  DDNS requests must be made to the master,
as the slave does not have the "master" copy to which to apply the
updates.  And by default, BIND will not forward to the master server
a DDNS request made to a slave server.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994

More information about the bind-users mailing list