Secondary domain controller on a different network - resolving local domain for AD clients


It is quite possible that my problem is already solved or has a standard solution, but I do not know what is the solution or approach. Any tips would be very helpful to point me in the correct direction or idea.

My situation. I have two offices/sites/locations, and therefore two different subnets. For example:
Site A, original: with primary controller

Site B, secondary: with secondary controller,

Sites are connected with VPN line between each other. The controllers are replicating fine.

AD clients in Site A, if windows laptop wants to resolve they resolve to either IP address. or

Same with clients in Site B, windows laptops resolve to either or IP address.

To make the case and example simple, I removed additional redundant controllers from this example. You can assume they exist.

My problem is that if VPN between site A and site B stops working, clients at site A will still be resolving to both controllers, and sometimes windows login or AD join will not work. Same problem with clients on site B. Equally, if network in site A stops working for few days, clients in site B will still resolve to controller in site A.

What is the normal and standard solution for this problem? My colleagues suggest something to do with DNS Views. Is it worth pursuing this option?


PS note that I may have oversimplified the example. Clients connect to the Site A and Site B via VPN, so clients do not have the same subnets as mentioned above.
i.e. clients connecting to Site A have IP, and connecting to Site B Clients have two VPNs and are free to connect to any site they want.

Probably I have to solve this with DNS views on a separate DNS server: Understanding views in BIND 9