Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

  • Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

    I have three Sites that are broken up by the following:

    Site A: 192.168.10.xxx (New York)
    Primary DC for : domain.local
    Primary DNS for: domain.local
    Additional Roles: File and Print Server, GAL
    Network Card Properties:
    IP: 192.168.10.5
    Sub: 255.255.255.0
    GW: 192.168.10.1
    Primary DNS: 192.168.10.5
    Secondary: None
    DNS Server Properties
    Forwarders: isp.dnsserver-1.com, isp.dnsserver-2.com


    Site B: 192.168.20.xxx (Miami)
    Secondary DC for : domain.local
    Secondary DNS for: domain.local
    Additional Roles: File and Print Server, GAL
    Network Card Properties:
    IP: 192.168.20.5
    Sub: 255.255.255.0
    GW: 192.168.20.1
    Primary DNS: 192.168.10.5 <-- New York DC
    Secondary: None
    Forwarders: isp.dnsserver-2.net, isp.dnsserver-2.net (Local ISP's DNS Servers of Miami's site)

    Site C: 192.168.30.xxx (Los Angeles)
    Secondary DC for : domain.local
    Secondary DNS for: domain.local
    Additional Roles: File and Print Server, GAL
    Network Card Properties:
    IP: 192.168.30.5
    Sub: 255.255.255.0
    GW: 192.168.30.1
    Primary DNS: 192.168.10.5 <-- New York DC
    Secondary: None
    Forwarders: isp.dnsserver-3.org, isp.dnsserver-3.org (Local ISP's DNS Servers of Los Angeles site)


    Everything works fine except for when Site A's internet connectivity goes down.

    That means that anyone who is at Site B or C can no longer surf the internet.

    The sites are fully redundant and have Primary and Secondary Internet connections with Primary and Secondary VPN tunnels back to Site A.

    I'm under the impression that, for AD to function correctly between Primary DC/DNS and Secondary DC/DNS Servers, the Secondary DC/DNS Servers need to be pointed to the Primary DC/DNS Servers in the network card properties. (As seen in my config above)

    Ultimately I would like the Secondary DNS Servers (Site B and C) to use the DNS Servers that are local to them for internet DNS queries only, AND for anything destined for domain.local to obviously query the Primary DNS Servers.

    Thanks!
    Last edited by shon; 16th June 2008, 19:26. Reason: Changed Primary DNS to 192.168.10.5 for Site A

  • #2
    Re: Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

    I believe for DCs per site that you have the primary pointing at another server and the secondary as the local server. This allows AD to start when a server is restarted. Interestingly you have written in Site A that the primary DNS is the router?

    I wouldn't set up any DC in 1 site to use a DNS in another site unless you have specific reasons for that.

    EDIT: To confirm. Change the DNS in each site to local servers. As it stands if you lose Site A you will start having issues. I assume your clients all use local DCs for DNS?
    cheers
    Andy


    Quis custodiet ipsos custodes?


    • #3
      Re: Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

      Originally posted by AndyJG247
      I believe for DCs per site that you have the primary pointing at another server and the secondary as the local server. This allows AD to start when a server is restarted. Interestingly you have written in Site A that the primary DNS is the router?

      I wouldn't set up any DC in 1 site to use a DNS in another site unless you have specific reasons for that.

      EDIT: To confirm. Change the DNS in each site to local servers. As it stands if you lose Site A you will start having issues. I assume your clients all use local DCs for DNS?
      Yes, your assumption is correct that clients for all sites (A, B, C) query their local servers for DNS.

      *I edited Site A to reflect the right Primary DNS Server that it's currently set to*


      • #4
        Re: Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

        Ok, it is one of two things, DNS or connectivity. Can you ping public IP etc when it fails?
        cheers
        Andy


        Quis custodiet ipsos custodes?
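
The DNS-versus-connectivity check asked about in post #4, as an added example that is not part of the original thread. It assumes a Windows host with the DnsClient module (`Resolve-DnsName`); the DC addresses and `domain.local` come from the first post, while `example.com` and the `-PublicIp` value are placeholders chosen by whoever runs it.

```powershell
# Added example, not from the thread. Run from a client or DC at Site B or C
# while Site A's internet link is down.
param(
    [Parameter(Mandatory)] [string] $PublicIp,   # a public IP you know answers ping (placeholder, you supply it)
    [string]   $ExternalName = 'example.com',    # constructed test name
    [string]   $InternalName = 'domain.local',   # AD zone named in the first post
    [string[]] $DnsServers   = @('192.168.10.5', '192.168.20.5', '192.168.30.5')  # DCs from the first post
)

function Test-Lookup {
    param([string] $Name, [string] $Server)
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only the named DNS server is tested
        $null = Resolve-DnsName -Name $Name -Server $Server -DnsOnly -ErrorAction Stop
        return $true
    } catch {
        return $false
    }
}

# Step 1: raw connectivity, with no name resolution involved
$connectivity = Test-Connection -ComputerName $PublicIp -Count 2 -Quiet

# Step 2: ask each DNS server for an internal and an external name
$results = foreach ($server in $DnsServers) {
    [pscustomobject]@{
        DnsServer = $server
        Internal  = Test-Lookup -Name $InternalName -Server $server
        External  = Test-Lookup -Name $ExternalName -Server $server
    }
}
$results | Format-Table -AutoSize

# Step 3: classify the failure the way post #4 splits it
if (-not $connectivity) {
    'Connectivity: the public IP does not answer, so the internet path from this site is down.'
} elseif ($results | Where-Object { -not $_.External }) {
    'DNS: the internet path works, but at least one server cannot resolve external names; check that server''s forwarders and reachability.'
} else {
    'Connectivity and external name resolution both work from this host.'
}
```

A row with `Internal` true and `External` false points at that server's forwarders rather than at AD replication or the VPN tunnel.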


        • #5
          Re: Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

          Originally posted by AndyJG247
          Ok, it is one of two things, DNS or connectivity. Can you ping public IP etc when it fails?
          It was only DNS that I was wondering about. Thanks for the advice; you've answered all my questions.

          Thanks


          • #6
            Re: Multisite DNS - Separating AD DNS Resolving & Internet DNS Resolving

            Are you using primary/secondary zones or AD-integrated zones?
            Guy Teverovsky
            http://blogs.technet.com/b/isrpfeplat/
            "Smith & Wesson - the original point and click interface"
