When I dig a domain, I got these nameservers:
dig @8.8.8.8 www.abc.com ns
; <<>> DiG 9.11.36 <<>> @8.8.8.8 www.abc.com ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42510
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.abc.com. IN NS
;; ANSWER SECTION:
www.abc.com. 300 IN CNAME d2iwv1xxkqpmiz.cloudfront.net.
d2iwv1xxkqpmiz.cloudfront.net. 21600 IN NS ns-1231.awsdns-25.org.
d2iwv1xxkqpmiz.cloudfront.net. 21600 IN NS ns-1630.awsdns-11.co.uk.
d2iwv1xxkqpmiz.cloudfront.net. 21600 IN NS ns-194.awsdns-24.com.
d2iwv1xxkqpmiz.cloudfront.net. 21600 IN NS ns-760.awsdns-31.net.
So I got 4 nameservers that can answer as authoritative for www.abc.com
As far I understand, the OS will pick up an random nameserver (could be the DR primary DNS) and then try to get the IP for the requested domain, and I want to avoid it. So I want to disable or force the nameservers hosted at the DR site to no reply as authoritative while the Active site is up.