Cannot Add Second Node to Cluster: Multiple DNS records were found for "MyServer.MyNet.local"

Discussion in 'Clustering' started by Charles Law, Dec 18, 2007.

  1. Charles Law

    Charles Law Guest

    It was all going so well; too well, if I'm honest.

    I am attempting to set up a Windows Server 2003 Enterprise (SP2) two-node
    cluster. The equipment is absolutely standard and straight out of the box. I
    have two Dell PE2950s and an AX150 SAN. I have followed Microsoft's guide to
    Creating and Configuring a Server cluster to the letter, but it all went
    wrong when I tried to add the second node. The hardware all checks out, and
    each server is configured with identical hardware and software, right down
    to BIOS and driver version level.

    MyServer1 is a domain controller, and so is MyServer2, as recommended in the
    MS guide. Both have DNS installed.

    I have configured and checked a private and public network between the
    servers; the private network is over a short cross-over cable, whilst the
    public network goes to an unmanaged Gigabit switch. I have fixed IP
    addresses all round, and can ping everything in sight. The server's public
    network configurations point to each other for primary DNS and to themselves
    for secondary DNS. The private network has only TCP/IP enabled, no default
    gateway or DNS, no LMHOSTS, and NetBIOS disabled.

    The SAN is configured with a single disk group, and three virtual drives.
    The first is 500Mb, for the quorum.

    The first node worked like a dream. The quorum disk is drive Q:, with two
    other shared drives as R: and S:. I can read and write to the three shared
    drives from my first server (node 1) and when I switch it off and start
    server 2 that can also read and write to the drives.

    The first odd thing to note is that when I try to add node 2, it is unable
    to see drives Q: through S:. That is, I start node 1, wait a while and then
    start server 2. If I look in Computer Management | Disk Management, the
    three disks have 'no entry' signs on them, and are marked as unreadable. I
    don't know if that is significant, but it would explain some of the error
    messages I get in the log file. For example,

    [WARN] MyServer2: The physical disk '\\.\PHYSICALDRIVE1' does not have any
    partitions and will not be managed

    [WARN] MyServer2: Physical disk 'PHYSICALDRIVE1' is NOT quorum capable

    [WARN] MyServer2: Local quorum 'is not' the quorum device

    I also get this message:

    [WARN] MYSERVER1: Multiple DNS records were found for
    "MYSERVER1.MyNet.local"

    which I don't understand. I have run

    dcdiag /t:DNS

    on both servers and both pass.

    If I keep clicking Next when adding the second node, the wizard completes
    and tells me that node 2 was added successfully, but I don't believe it. If
    I open Cluster Administrator I can see two nodes: MyServer1 and MyServer2.
    MyServer1, Active Resources contains entries for

    Cluster IP Address
    Cluster Name
    Disk Q
    Disk R
    Disk S

    MyServer2, Active Resources is empty, as is the Active Groups folder in
    Cluster Administrator.

    Can anyone tell me what I could have done wrong, or how I can home in on the
    cause of this problem? It looks like there could be more than one problem:
    a) the multiple DNS issue, and b) the inability to read the quorum disk on
    server 2 when node 1 is on.

    TIA

    Charles
     
    Charles Law, Dec 18, 2007
    #1
    1. Advertisements

  2. This is a very bad idea. You should never cluster domain controllers.
    DNS should be on a remote DNS server. This is especially true when doing
    what you are doing.
    In the meantime, Server1 failed to register its IP info on the DNS in
    Server2 and thus registered with itself only.
    This is expected behaviour as Server1 owns the disks.
    Sounds to me like you have a cluster.
    Yep, because they are all active on Server1.
    Can you right click the cluster group and move it to Server2 and then back
    again to Server1? If yes, then you are done. You ahve a cluster. A cluster
    that is configured like a nightmare, but a still a cluster.


    --
    Russ Kaufmann
    MVP - Windows Server - Clustering
    ClusterHelp.com, a Microsoft Certified Gold Partner
    Web http://www.clusterhelp.com
    Blog http://msmvps.com/clusterhelp

    The next ClusterHelp classes are:
    Jan 18 - 31 in Denver
    Mar 10- 13 in Denver
     
    Russ Kaufmann [MVP], Dec 18, 2007
    #2
    1. Advertisements

  3. Charles Law

    Charles Law Guest

    Hi Russ

    Thanks for the reply.
    Yes, I can. So now I think I only have one problem: the multiple DNS thing
    (not withstanding, the nightmare configuration).
    I'm not disagreeing, but more than one Microsoft document says that this is
    ok. I saw a reference in another thread you are helping in, and the
    Microsoft guide I have been following also makes reference to this as a
    viable configuration.

    What I need to know is, can it work, and/or can it be made to work? What, in
    practice, are going to be my problems?
    I know not ideal, but isn't that the point of each server pointing to each
    other for DNS resolution?

    Just for the moment, if I could get this DNS issue resolved, then I would be
    happier. Do you know why I get the message, and what would put it right?

    Cheers.

    Charles
     
    Charles Law, Dec 18, 2007
    #3
  4. Like I also said in that thread, Microsoft might say it is OK in that doc,
    but there are other docs where they clearly say it is not supported
    depending on the applications. Also, from experience, every single MVP in
    clustering will tell you that it is a very bad idea.

    Let me give you a perfect example: Microsoft clearly says that Active-Active
    clustering is supported for Exchange Server 2003. However, they also very
    clearly, in other documents, recommend against doing it. So, what is
    possible and what is a good idea/best practice are two different things in
    many cases. This is one of them.

    What can go wrong? Well, think about how a service account gets
    authenticated when the DC is the first computer up and it uses its own
    account. Think about the security hole that is created when your local
    administrator account that would normally be a regular domain account now
    has to be a full domain admin account because there is no such thing as a
    local accounts database on a DC. Also, think about the Register this
    connection in DNS setting in the TCP/IP configuration and how that is set on
    a DC. A DC does not honor the check box, so you will see entries for the DC
    in DNS for both the public and private networks. Think of the issues around
    name resolution with some names being out and out wrong when it comes to
    resolution. There are other reasons, such as issues with Exchange Server
    itself where it is not supported on domain controllers.

    Is that all enough?
    Yes, and no. Personally, I want all accounts properly registered in DNS.
    Don't you? This is especially important when you need DNS resolution for
    using kerberos enabled network names later on. Again, just because you can
    do something doesn't mean it is a good solution.
    Follow best practices. <G>

    --
    Russ Kaufmann
    MVP - Windows Server - Clustering
    ClusterHelp.com, a Microsoft Certified Gold Partner
    Web http://www.clusterhelp.com
    Blog http://msmvps.com/clusterhelp

    The next ClusterHelp classes are:
    Mar 10- 13 in Denver
    May 12-15 in New York
     
    Russ Kaufmann [MVP], Dec 18, 2007
    #4
  5. 'Viable' does not equal Best Practice. Please don't cluster DCs.

    Also it sounds like you may not have your DNS configured properly -
    AD-integrated? Make sure your zone is configured properly and is
    replicating to both DCs correctly. Both DCs should have a record in the
    same zone and be present when viewing the DNS zone from each DC.

    --
    Ryan Sokolowski
    MVP - Windows Server - Clustering
    MCSE, CCNA, CCDA, BCFP


    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Ryan Sokolowski [MVP], Dec 19, 2007
    #5
  6. Charles Law

    Charles Law Guest

    Hi Ryan

    I have identified and fixed the DNS problem: KB275554 relates. I followed
    method 2, and when I got into it, it was obvious what the problem was. It
    seems to be that this is almost guaranteed to happen, so a word to the wise
    in the MS documentation might have been useful.

    As for clustering DCs, I have now done it and it is working. It might not be
    pretty, but so far everything is doing what it should. If I had read your
    plea two months ago I would have happily capitulated, but I am where I am,
    and for now, at least, I have to go forward.

    Rest assured, at the first opportunity, I will reconsider.

    Regards

    Charles
     
    Charles Law, Dec 19, 2007
    #6
  7. You would have received my plea two months ago - if you had posted your
    query here at that time! :) Don't worry about it now - as you've stated, as
    long as things are working for you currently, I wish you continued luck and
    success with your environment.

    As soon as you start to see any issues, I'd definitely consider
    un-clustering your DCs! Thanks for sharing your configurations here with
    others.

    --
    Ryan Sokolowski
    MVP - Windows Server - Clustering
    MCSE, CCNA, CCDA, BCFP


    This posting is provided "AS IS" with no warranties, and confers no rights.
     
    Ryan Sokolowski [MVP], Dec 19, 2007
    #7
  8. Charles Law

    zeid atallah

    Joined:
    Apr 23, 2012
    Messages:
    1
    Likes Received:
    0
    Dears

    as far as you are recommending not to cluster a domain controller

    >> i have a 2003 domain controller , and also the server runs the DNS
    iam using a static IP on all clients and all are pointing to my DNS IP

    i need to install a secondary real time back up server for my domain ,, if its just a child domain it will be with another IP

    i was thinking of a domain cluster , but after i have read your post i really appreciate is you suggest a better scenario

    many thanks :D
     
    zeid atallah, Apr 23, 2012
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.