Some of the ideas don't make sense.
| office internet access |
- achieved by adding the passive internet connection's DNS to the Windows DNS forwarder
??? This is on your LAN? If so, no action, unless it resolves DNS for external users, too.
| Internal/external web-based ERP service provided by Apache Tomcat |
- By an additional A record with the passive internet connection's public IP for Apache Tomcat
Again, is this on your LAN? If so, again, no action required here.
The issue you have is that you appear to have users external to your network, that need to know when your primary service is down so that they know to use the alternative connection and public IP address.
You need some mechanism that can dynamically update your DNS so it reflects the current config accurately (with caveats) or otherwise re-design your DNS completely so that you are performing DNS resolution for your domain.
The problem is that DNS is fairly dumb, so once a client has asked "where is xyz.com", unless it knows or you tell it that the IP is different, it will just respond as normal, and the user will face a connection error.
If the original DNS request relies on contacting your (down) server, it will try a list of DNS servers until it gets a response. This will enable you to have two DNS servers serve two different IPs for the domain, or one server serve different IPs depending on which IP address the request came from (I'm not sure which software can do this).
I hope this makes sense. In summary, it is your external users that will have problems; your internal network should be largely unaffected if the router does its job in switching connections.
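
The dynamic-update mechanism described in the reply above, as an added example that is not part of the original post: a health check with hysteresis that decides which public IP to publish and builds an RFC 2136 update for `nsupdate`. The host name, zone, name server and IP addresses are constructed placeholders, and the sketch assumes the authoritative DNS server is hosted outside the office and accepts only TSIG-signed updates.

```python
import socket

# Constructed placeholders (documentation IP ranges, example.com), not from the post.
PRIMARY_IP = "192.0.2.10"     # public IP of the primary connection
BACKUP_IP = "198.51.100.10"   # public IP of the passive connection
ZONE = "example.com"
HOST = "erp.example.com"
TTL = 60                 # short TTL: resolvers cache the old answer until it expires
FAILS_BEFORE_SWITCH = 3  # consecutive probe results required before changing DNS


def port_open(ip, port=443, timeout=3.0):
    """TCP health probe, run from outside the office: True if the port accepts."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def choose_ip(history, current):
    """Pick the address to publish from probe results of the primary (oldest first).

    Fail over only after FAILS_BEFORE_SWITCH consecutive failures and fail back
    only after as many consecutive successes, so one lost probe does not flap DNS.
    """
    recent = history[-FAILS_BEFORE_SWITCH:]
    if len(recent) < FAILS_BEFORE_SWITCH:
        return current
    if not any(recent):
        return BACKUP_IP
    if all(recent):
        return PRIMARY_IP
    return current


def nsupdate_script(new_ip, server="ns1.example.com"):
    """Build the update text that nsupdate reads on standard input."""
    return "\n".join([
        f"server {server}",
        f"zone {ZONE}",
        f"update delete {HOST}. A",
        f"update add {HOST}. {TTL} A {new_ip}",
        "send",
        "",
    ])
```

Feed the generated text to `nsupdate -k <keyfile>` so the update is authenticated with a TSIG key; a zone that accepts unsigned updates lets anyone who can reach the server repoint the record.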