DNS Disaster Recovery

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

By Mark Minasi

ntmag01

Article from Windows NT Magazine

As part of my Windows NT administration routine, I've been doing disaster recovery drills on my network. Most disaster recovery is fairly straightforward, but a few NT services require you to carefully prepare for a recovery. DHCP is one of those services, as I explained last month; DNS is another. This month, I'll explain how to transplant DNS information from one server to another. (This column focuses on recovery of the DNS Server software that ships with NT 4.0, not third-party DNS server software for NT.)

After you set up DNS Server on an NT box, the server will have a \winnt\system32\dns directory. This directory contains a file with the extension .dns for each zone that you create on that server; a server has a .dns file for every zone for which it is the primary or secondary DNS server. For example, if a DNS server is authoritative for the acme.com domain, the server's \winnt\system32\dns directory contains an acme.com.dns file. These .dns files are ASCII files in standard BIND-type format. DNS Server also installs a dns.log file and a cache.dns file in the \winnt\system32\dns directory. Cache.dns contains the addresses of DNS's root servers. All these files are important; they define the DNS server's functions.

DNS Booting Methods

When you back up a DNS server, you need to save all the files in the \winnt\system32\dns directory to a disk or a second machine. What other data does a DNS server need to function? The answer to that question depends on whether you've added a BOOT file to the system's \winnt\system32\dns directory.

Although the .dns files completely describe the structure of each zone the server is responsible for, they don't tell the server which zones it needs to worry about. Suppose you put a few dozen zone files (the files with the .dns extension) into the \winnt\system32\dns directory of an already-functional DNS server. The server wouldn't automatically use those files to resolve names from those zones. You have to tell DNS servers which zone files to use. NT's DNS Server offers two methods for identifying which zone files a server needs to use: booting from the BOOT file and booting from the Registry. DNS Server uses the latter method by default.

When a DNS server that boots from the Registry starts up, it looks to the Registry key HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \DNS \Zones to determine which zone files it needs to use. However, DNS servers that boot from a BOOT file (including UNIX DNS servers) store zone names not in the Registry but in an ASCII file named BOOT. You can instruct an NT DNS server to look to a BOOT file for the name of its zones by making a couple of Registry changes and building a BOOT file.

Building a BOOT File

So far, booting from the BOOT file sounds like more work than booting from the Registry. However, putting a DNS server back together is easier if you use the BOOT file method. Therefore, to prepare for a DNS server's recovery, you need to create a BOOT file.

Create an ASCII file in \winnt\system32\dns, and name the file BOOT. You can use Notepad to create your BOOT file, but make sure it's an ASCII file. I've never seen Notepad create a non-ASCII file, but I've heard that Notepad can write Unicode files. DNS can't use a Unicode BOOT file. If you don't use American English, you might want to use edit.com to create you BOOT files.

After you create the BOOT file, identify the server's zones, giving each zone one line of the file. Lines that describe a zone for which the server is primary need to start with the word primary, then name the zone, and end with the name of the zone file. Use a space to separate the lines' elements. Lines that describe a secondary zone need to start with the word secondary, then name the zone, then include the IP address of that zone's primary DNS server, and finally name the zone file. The BOOT file must also contain a line that identifies cache.dns as the file that contains information about the root servers. This line must include the word cache, a space, a period, another space, and the filename cache.dns.

Suppose your DNS server is primary for the domains acme.com and retail.com, and the server is secondary for the apex.com domain. If apex.com's primary DNS server has the IP address 200.100.100.17, the server's BOOT file needs to look like

cache . cache.dns
primary acme.com acme.com.dns
primary retail.com retail.com.dns
secondary apex.com 200.100.100.17 apex.com.dns

The first line of this sample BOOT file identifies the file that contains the root information. The second and third lines tell the server that it's primary for domains acme.com and retail.com and provide the server with the names of those domains' zone files. The last line tells the server that it's a secondary DNS server for apex.com. I'm pretty sure that BOOT files aren't case-sensitive, but I always use lowercase. (The greatest thing about the Internet is that you no longer need that pesky Shift key.)

Using the BOOT File for DNS Recovery

Now, suppose your DNS server dies and you need it back up as soon as possible. You have access to the acme.com.dns, retail.com.dns, and apex.com.dns files, and you've selected an NT server to be your new DNS server. You'll have to reboot the new server during the recovery process, so choose a machine that can be down for a couple of minutes. If the system isn't already running TCP/IP, install TCP/IP. Set the IP address of your new DNS server to the IP address of your recently deceased DNS server. I guess that if you don't want to change your new DNS machine's IP address¯if, for example, the machine is your mail server¯you can just assign the machine the now-dead DNS server's IP address as a second IP address. However, I've never tried making the DNS address the server's second address, so I can't guarantee that this method won't cause problems.

Next, install the DNS service on the system. When you do, the installation program will tell you to reboot the system, but don't reboot yet. You need to reapply your favorite service pack and reboot after that installation, so you can save time by reapplying the service pack before rebooting; then you'll have to reboot only once.

After you apply the service pack but before you reboot, look in \winnt\system32. You'll see that the \winnt\system32\dns directory is in place. Put the failed server's .dns, dns.log, and BOOT files in \winnt\system32\dns. Now reboot, and DNS Server will finish its configuration. A newly installed DNS service looks around the \winnt\system32\dns directory and, if it finds a BOOT file in that directory, automatically uses the BOOT file to configure itself.

Disaster recovery of a DNS server is fairly easy if you've prepared properly. Just follow my steps, and you'll have an instant DNS brain transplant.

About the Author

Mark Minasi is a contributing editor for Windows NT Magazine, an MCSE, and the author of Mastering Windows NT Server 4.0 (Sybex). He writes and speaks around the world about Windows NT networking. You can reach him at mark@minasi.com.

The above article is courtesy of Windows NT Magazine.

We at Microsoft Corporation hope that the information in this work is valuable to you. Your use of the information contained in this work, however, is at your sole risk. All information in this work is provided "as -is", without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by Microsoft Corporation. Microsoft Corporation shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages. All prices for products mentioned in this document are subject to change without notice.

International rights.