Primary DNS server, usually a Domain Controller provides the necessary name resolution of Active Directory operations. It also required for user computer startup and logon. It is also required for all important Internet access.
What about the secondary DNS server? Isn’t that what it suppose to stand in when the primary is not available?
When the user computer starts up, it will check for the availability for the primary DNS at “Applying computer settings”. If the primary DNS is turned off, it will just skip and proceed to the secondary DNS server. If the primary DNS server is available but the DNS is not responding, the user computer may wait a long time for the DNS request to timeout.
The same applies to Internet access.
So what happens if you need to work on the primary DNS for hardware replacement, OS upgrade? etc. Both don’t take very long but will require off-hours.
If you don’t have the window to do this, a highly recommended method is to flip the DNS entries in all the servers and DHCP options. So that you can work in peace. Alternatively, you can swap DNS IP address between the primary and secondary servers. This at first glance looks like great stuff. Except that the DHCP server usually found on the DNS server might fail.
DHCP server operations can only be authorized by an Enterprise Admin. So that is tied down to the IP address. So you need to factor in an additional step of DHCP migration.