Primary\Secondary DNS IP Fail-Over bug in VMware vCenter Server Appliance 6.0 Update 2 ( VCSA U2)

We have the PRD setup with external PSC and VC which is configured with the Primary DNS and Secondary DNS . Due to the hardware issue on our primary DNS server , it went down and we couldn’t connect the VC.

All other application in our environment was working fine and we login to the PSC and VC with the port 5480 ( https://VC:5480 ) and manually changed the primary DNS IP to the working DNS server and within few seconds , VC started connecting to the PSC and allowing the AD authentication .

In our investigation we couldn’t find any concert reason for the failure and also tested in lab by just changing the Primary DNS to some unknown IP and didnt find any issue on the connectivity .

Finally raised the ticket with VMware and they confirmed that the issue is because of some bug in the VCSA Update 2 and they are working on to fix the issue in the next update 3 and also they confirmed it has been fixed in the VCSA 6.5 version but still no answer for my lab  environment which is working fine on changing the primary DNS.

UPDATE 3/16/2017 : VC 6.0 U3 release notes doesn’t show anything related to this bug fix and when we checked with VMware they confirmed still it is in testing stage and not included in the latest U3 update..

Also pls find the blog which list all the known issue on the VCSA


This entry was posted in vCSA 6.0, VCSA6.5 and tagged , , , . Bookmark the permalink.

3 Responses to Primary\Secondary DNS IP Fail-Over bug in VMware vCenter Server Appliance 6.0 Update 2 ( VCSA U2)

  1. Leigh says:

    Likely workaround if you’re wanting to stay put:

    1. ssh into the appliance shell
    2. vi /etc/resolv.conf
    3. append lines below to complement the primary and secondary ip lines:
    options rotate
    options timeout:1

    There’s a longer auth delay while it works through, but it gets there. Works on standard Linux for DNS failover with primary name server / domain controller down. Just be aware these entries will get stripped out if you edit the IPs again via appliance gui. Keep a backup copy in /etc to reapply quickly.


  2. Thank u for this post .


  3. Nitin Rawat says:

    Nice blog. I understood the concept very well. This blog is very informative. And it’s very interesting topic. Visit to get more knowledge. How To Upgrade Esxi Server To 6.7 On HP Proliant DL380 Gen9 Server


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s