DNS-export and import for DR

  • Thread starter: Chad

Chad

How do I export my current DNS to import it to a different
machine offsite? This is for Disaster Recovery. Hardware
will be different.
 
If there is any connectivity between the LIVE and DR networks, then the
simplest way to achieve this is to "temporarily" change the Zone on the live
domain to Primary (if it's currently AD-integrated). Then authorize zone
transfer from the live DNS server to the DR DNS server, create a secondary
zone on the DR DNS Server, point the master to the live DNS server. After
you've pulled the zone into the DR server (about 15-30 minutes, say), then
change the zone back to AD-integrated on the Live server. On the DR server,
change the zone to Primary (or AD-integrated). You are done.

If there is no connectivity between the 2 sites, then make sure the zone is
set to Primary and that the "Store the zone in Active Directory" option is
NOT checked. Now, right-click on the zone and click on "Update server data
file". Go to the Winnt\system32\dns folder on the DNS server. You will find
a file named domainname.dns. Copy that file to the same location on the DNS
server in the DR Domain. I suggest that you open up the file in Notepad and
replace any reference to the LIVE DNS Server with info for the DR DNS
server. Now, create a new Primary zone in the DR Domain. Make sure you
choose the option to use existing file and select the file that you just
copied over. If you didn't edit the file as mentioned before, you will now
have to go through and "properly" configure the zone.

HTH

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
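
The offline method in the reply above ends with editing the copied domainname.dns by hand to replace references to the live DNS server. As an added example (not part of the original post), this Python script makes that replacement on whole tokens only and reports each changed line for review. The zone contents, server names and addresses are constructed placeholders, and `retarget_zone` is a hypothetical helper that assumes relative names appear only in the owner column.

```python
import re

# Constructed sample in the layout Windows DNS writes to <zone>.dns. Every name
# and address is a placeholder (example.com, RFC 5737 documentation ranges).
SAMPLE_ZONE = """\
;  Database file example.com.dns for example.com zone.
@                   IN  SOA dc1.example.com.  hostmaster.example.com. (
                        42 900 600 86400 3600 )
@                   NS  dc1.example.com.
dc1                 A   192.0.2.10
olddc1              A   192.0.2.100  ; built from dc1.example.com.
mail                A   192.0.2.25
remote001           MX  10 mail.example.com.
"""

def _strip_origin(fqdn, origin):
    """Return the name relative to the zone origin, or None if outside it."""
    suffix = "." + origin
    return fqdn[:-len(suffix)] if fqdn.lower().endswith(suffix.lower()) else None

def retarget_zone(text, origin, live, live_ip, dr, dr_ip):
    """Replace whole-token references to the live server; return (text, changes)."""
    origin, live, dr = origin.rstrip("."), live.rstrip("."), dr.rstrip(".")
    # Lookarounds stop partial hits such as olddc1.example.com or 192.0.2.100.
    fqdn_re = re.compile(r"(?<![\w.-])" + re.escape(live) + r"(\.?)(?![\w.-])", re.I)
    ip_re = re.compile(r"(?<![\d.])" + re.escape(live_ip) + r"(?![\d.])")
    live_rel, dr_rel = _strip_origin(live, origin), _strip_origin(dr, origin)
    # Relative owner field such as "dc1" in column one of a record line.
    owner_re = re.compile(r"^" + re.escape(live_rel) + r"(?=\s)", re.I) if live_rel else None
    out, changes = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        # Text after the first ';' is treated as a comment and left untouched.
        data, sep, comment = line.partition(";")
        new = fqdn_re.sub(lambda m: dr + m.group(1), data)
        new = ip_re.sub(dr_ip, new)
        if owner_re:
            new = owner_re.sub(dr_rel or dr + ".", new)
        if new != data:
            changes.append((lineno, data.strip(), new.strip()))
        out.append(new + sep + comment)
    return "\n".join(out) + "\n", changes

if __name__ == "__main__":
    _, report = retarget_zone(SAMPLE_ZONE, "example.com", "dc1.example.com",
                              "192.0.2.10", "drdns1.example.com", "198.51.100.10")
    for lineno, old, new in report:
        print(f"line {lineno}: {old}  ->  {new}")
```

Records that the report does not list, such as the MX targets for the remote sites, are carried over unchanged.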
 
In Chad <[email protected]> posted a question
Then Kevin replied below:
: How do I export my current DNS to import it to a different
: machine offsite? This is for Disaster Recovery. Hardware
: will be different.

This is normally not needed especially for the AD domain.
Even if you had a thousand machines saving the DNS database won't make a big
difference.
Why? Because these records are generated automatically by AD and the clients
themselves. You can totally delete the AD DNS zone, then create a new one
with the new zone wizard, restart the Netlogon on the DC and run ipconfig
/registerdns on all machines and boom it is all back except for maybe a
couple of manually created records.

The only disaster, that would leave you incapable of recovering would be to
have your last DC go dead; in that case even if you had a copy of the AD
zone, it will do you absolutely no good without it on a DC for your domain.

If you want real disaster recoverability, let's say the room where the DC is
burns to the ground, you need to keep a DC for your domain running offsite,
at all times.
 
Well, a lot of the DNS records are for our remote
locations, over 200 locations. It is mostly for email that
DNS is needed (in this instance). We use exchange as a
relay and sendmail for our remotes. The remote side is
UNIX, so they would not re-create themselves in AD. This
DR is under the assumption that our server room is totally
gone. We just want to get communications back up to all of
our remote locations.

Just wanted to give a little more background...
 
In Chad <[email protected]> posted a question
Then Kevin replied below:
: Well, a lot of the DNS records are for our remote
: locations, over 200 locations. It is mostly for email that
: DNS is needed (in this instance). We use exchange as a
: relay and sendmail for our remotes. The remote side is
: UNIX, so they would not re-create themselves in AD. This
: DR is under the assumption that our server room is totally
: gone. We just want to get communications back up to all of
: our remote locations.
:
: Just wanted to give a little more background...
:
You can allow zone transfers to the UNIX then set up a secondary zone on the
UNIX. You can also create the zone as a primary or convert the secondary to
a primary and delegate the AD subzone back to the Win2k.
The secondary is probably just about as any but if the connection goes down,
by default AD zones expire in one day, so the zone won't last long after
the link goes down.
 