It's never fun to clean up erroneous settings that were configured in a hurry. However, when you inherit an existing environment, it may come with these issues. In most cases, the problem is easy enough to correct, but changing your virtual infrastructure settings can affect your DNS.
VMware environments come with many infrastructure elements -- from IP addresses to time sources -- that you generally ignore. As long as they work, most admins rarely give them a second thought. The domain name system (DNS), a naming database that locates domain names and translates them into IP addresses, is one of those infrastructure elements.
VMware environments typically use a combination of trusted certificates and authentication to integrate with non-Active Directory products. However, as certain infrastructure components increase their requirements over time, it can become more challenging to track these certificates. In particular, DNS entries often continue to grow, and you must ensure their accuracy in both forward and reverse lookup zones.
VMware DNS setup: Complete installations before licensing
With DNS, proper setup is necessary. It's easy to overlook setting up reverse lookup zones or fully qualified names, but an incomplete DNS installation can create challenges in your VMware environment.
Host to vSphere communication worked across an entire environment in early versions of DNS, but later versions have trouble communicating with vSphere products that extend the environment, such as NSX. This is because VMware licensing makes it so your environment isn't aware of the products you implement until after you install them, even if you install through vCenter. This means if you take an NSX license, for example, and try to activate it in vCenter, the product key remains invalid until after you complete the NSX installation and connect it to vCenter.
Once you install a product, it enters a trial period in which you have a specific number of days to license it. The length of time depends on the product. Although waiting for a complete installation might be frustrating, it also makes sense: Why burden vCenter with all the products VMware offers if you might not use them all?
Waiting to license a product or add-on until it's installed has the added benefit of ensuring the product is set up properly and works before you activate its license. This approach also ensures products are able to communicate with one another and that your VMware DNS setup will continue to work properly.
Fully qualified forward and reverse lookup zones involve more than vCenter. DNS goes between all parts of your virtual infrastructure to help them communicate with one another -- be it vCenter, a new product or appliance, or the ESXi hosts.
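A forward and reverse consistency check for the kinds of hosts named above, as an added example that is not from the original article. The host names, addresses and function names are hypothetical, and the sample records are constructed so the check runs offline.

```python
import socket

# Constructed sample zone data: hypothetical names, RFC 5737 addresses.
FORWARD = {"vcenter.lab.example": "192.0.2.10", "esxi01.lab.example": "192.0.2.21",
           "esxi02.lab.example": "192.0.2.22", "nsx-mgr": "192.0.2.30"}
REVERSE = {"192.0.2.10": "vcenter.lab.example", "192.0.2.21": "esxi01.lab.example",
           "192.0.2.22": "esxi-old.lab.example"}  # stale PTR; .30 has none

def table_resolver(forward, reverse):
    """Return (lookup_a, lookup_ptr) backed by in-memory tables (offline)."""
    return (lambda name: forward.get(name.lower())), (lambda ip: reverse.get(ip))

def live_resolver():
    """Same interface, backed by the system resolver."""
    def lookup_a(name):
        try:
            return socket.gethostbyname(name)
        except OSError:
            return None
    def lookup_ptr(ip):
        try:
            return socket.gethostbyaddr(ip)[0]
        except OSError:
            return None
    return lookup_a, lookup_ptr

def audit(names, resolver):
    """Map each name to a list of DNS problems; an empty list means clean."""
    lookup_a, lookup_ptr = resolver
    findings = {}
    for name in names:
        issues = []
        if "." not in name.rstrip("."):
            issues.append("not fully qualified")
        ip = lookup_a(name)
        if ip is None:
            issues.append("no forward (A) record")
        else:
            ptr = lookup_ptr(ip)
            if ptr is None:
                issues.append(f"no reverse (PTR) record for {ip}")
            elif ptr.rstrip(".").lower() != name.rstrip(".").lower():
                issues.append(f"PTR for {ip} points to {ptr}")
        findings[name] = issues
    return findings

if __name__ == "__main__":
    hosts = list(FORWARD) + ["esxi03.lab.example"]
    for host, issues in audit(hosts, table_resolver(FORWARD, REVERSE)).items():
        print(host, "OK" if not issues else "; ".join(issues))
```

Passing `live_resolver()` instead of `table_resolver(...)` runs the same audit against the DNS servers the machine is configured to use.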
When certain pieces of your environment don't work together properly, simply correcting the entry in the host or vCenter might not fix the issue. Success can depend on the nature of the problem -- whether you're missing fully qualified names or dealing with people cheating with IP addresses and hosts-type files -- and what exactly you change.
The network stack in ESXi is more like Linux than Windows. In some cases, it might hold on to older settings and not refresh the entire stack. Although you can refresh the network stack, it's difficult to do quickly. Instead, you can rebuild your ESXi host with the correct setup. Because of ESXi's relatively small footprint, this approach is faster than attempting to refresh the network stack.
However, with vCenter, you should correct any issues you encounter through vCenter settings before trying to rebuild. You can use VMware support to help correct any lingering VMware DNS issues.