• This topic has 29 replies, 2 voices, and was last updated October 6, 2020 by Julian M.

Update VM DNS after Failover

  • Does anyone have suggestion on the best way to update dns or AD Object after moving to another datacenter after a failover?


    I am considering running a post script to force update of servers DNS once on new IP.



    Hi Dan,

    Sorry for the delayed response. I’m writing up a full reply to you but just haven’t finished in order to post it! I’ll put some information up for you shortly.

    ~Harry @HarrySiii

    Follow me: www.twitter.com/HarrySiii

    No worries, sounds good!



    Hi Dan! Thanks for your question.

    There are multiple ways to accomplish this and what works for one environment may not be best for others. With that said…I’ve seen it a few ways but some are more popular than others. I’ll indicate what I think, but I invite others to chime in with their most commonly seen solutions. 🙂

    • Production DNSservices should be up and running in the DR site already to keep them always up to date with the source/production site.
      1. Servers typically can come back online in the new site, and automatically update their DNS records in this scenario.
    • You can run post scripts in order to update DNS entries and I used to see it a lot, but I’m not sure how popular it is these days. I would imagine it is still a pretty prevalent solution.
      1. You can either call a post script from within the Zerto VPG settings, or you can inversely call the ZVR failover (or test) from an external script that also calls out to DNS separately.
    • A less common (from my experiences) solution I have seen in some production environments is to set servers to DHCP with static reservations, which will allow these server IP changes to automatically be updated in the recovery site and will align correctly with the recovery DNS server.

    Any other insight from others? What solution(s) are you using and which one(s) work the best for you?



    Follow me: www.twitter.com/HarrySiii

    Great run down Harry, much appreciated!

    I have a powershell script that updates records and i can just update this on demand, i have been able to get he VPG to now fail over and get past the script pre or post configuration, but again i think i can just stick with the script w/out any pre or post failover.

    One thing i have been thinking is “if” i were to integrate a post script to update DNS and i was doing a “test” i wouldn’t want that script to run right, since i will still have the Prod Side online and the test failover is just a test. I suppose i could go in and disable the script for just a test, but im thinking why not just keep the script out of the mix and run it outside on my own accord, then i can use remote powershell to manage the script from anywhere and execute it and just modify the files it looks at.

    I do like the integration of the pre/post script this allows for a lot of flexibility, but i would have to say i think i like the idea of having one script w/ multiple files to reference when i wanted to update DNS.

    I think im going to have my scripts on Both ZVM’s in case we lose a side of course and just mange the files manually then execute the script manually as well, this i think gains me more control over the process and wont confuse anything especially it i am not the one running a failover.

    If anyone has any more input please add it into the discussion.

    Thanks Again !

    Dan – I’ve done this very thing. I have a script that I crafted, that fires off as a post-script. When the VPG is failed over, the script runs and updates DNS. It works perfectly. A few top tips for you:

    • The script needs to be placed on the recovery ZVM server. This means you will really need 2 scripts, with the same name. On the destination ZVM the script changes DNS to the recovery subnet. On the production ZVM the script changes the DNS to the production subnet. You set it up this way so regardless if you are failing over, or failing back, the script will run and update DNS appropriately.
    • You need to ensure that the service account that the ZVM software run on, has appropriate permission to update DNS via however your script does it. The service account credentials are what will be used when calling the script, so they need the proper permissions.
    • Pre and Post scripts do not run during a VPG test, so you don’t need to worry about that. You can have your scripts run as a post script, and not impact anything when you are performing a test.

    Hope that helps.

You must be logged in to create new topics. Click here to login