Questions about DNS

  • Questions about DNS

    Hello all
    I just started at our company about two weeks ago. I've been going through our AD environment and had a couple of questions. Some things seem to be set up differently than I'm used to seeing and I wanted to ask if you all have seen this kind of setup. Mainly it's the way the DNS servers are set up. We have 4 sites, each site has 2 DCs. The DCs are both DNS servers for the site. So we have a total of 8 DNS servers. The thing that seems weird is all of the NIC cards on each server point to San Diego (one of the sites, it holds the FSMO) for their primary DNS. Shouldn't the DNS servers point to themselves for DNS? All of the workstations are pointing to their site's DNS servers for resolution, it's just the servers that seem weird. Also there are only 2 reverse lookup zones and we have more than 2 subnets. What do you guys think? Thanks.
    Last edited by gmagerr; 26th July 2006, 13:29.

  • #2
    Re: Questions about DNS

    I think the NICs should point to themselves primarily then the other server as a secondary. Seems inefficient otherwise.
    Server 2000 MCP


    • #3
      Re: Questions about DNS

      Thanks for the reply. Yeah I thought it was set up kinda weird. I've installed AD and DNS many many times and I've never done it like this. Wonder since San Diego is the HUB if they have it like this for a reason, or if it was just not set up correctly to begin with.


      • #4
        Re: Questions about DNS

        This is a standard approach when you are dealing with W2K AD - the setup is supposed to prevent the island DNS effect that was breaking replication. It was fixed in W2K SP4 (I think).

        With W2K3 it's probably better to point all the DCs to themselves as primary and to either central DC as secondary or have some ring setup.

        In any case, the current setup is just fine.

        As for the reverse lookup zones, you are not required to have those, but for consistency's sake, if you have reverse lookup zones already configured, just add the missing zones.

        btw, are those missing subnets configured in AD sites & services ?
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"
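An added example, not part of any post in this thread: one way to list which reverse lookup zones are missing for the subnets defined in AD Sites and Services. The subnet and zone lists are constructed sample data, the function names are hypothetical, and zones are assumed to sit on octet boundaries (/8, /16, /24), so classless delegation is not handled.

```python
import ipaddress

# Constructed sample data: subnets as listed in AD Sites and Services, and the
# reverse lookup zones currently hosted on the DNS servers.
SITE_SUBNETS = ["10.10.1.0/24", "10.20.1.0/24", "10.30.0.0/23", "172.16.40.0/26"]
REVERSE_ZONES = ["1.10.10.in-addr.arpa", "20.10.in-addr.arpa."]


def zone_name(block):
    """Reverse zone name for a network on an octet boundary (/8, /16, /24)."""
    octets = str(block.network_address).split(".")[: block.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def required_blocks(subnet):
    """Split a subnet into the octet-boundary blocks that need a reverse zone."""
    net = ipaddress.ip_network(subnet)
    if net.prefixlen > 24:
        # Smaller than a /24: the containing /24 zone holds its PTR records.
        return [net.supernet(new_prefix=24)]
    boundary = max(8, -(-net.prefixlen // 8) * 8)  # round up to 8, 16 or 24
    if boundary == net.prefixlen:
        return [net]
    return list(net.subnets(new_prefix=boundary))


def missing_reverse_zones(subnets, existing_zones):
    """Map each subnet to the reverse zones it lacks.

    A block counts as covered when its own zone or a parent zone
    (for example a /16 zone above a /24 block) already exists.
    """
    have = {z.lower().rstrip(".") for z in existing_zones}
    missing = {}
    for subnet in subnets:
        for block in required_blocks(subnet):
            candidates = [
                zone_name(block.supernet(new_prefix=p))
                for p in range(8, block.prefixlen + 1, 8)
            ]
            if not have.intersection(candidates):
                missing.setdefault(subnet, []).append(zone_name(block))
    return missing


if __name__ == "__main__":
    for subnet, zones in missing_reverse_zones(SITE_SUBNETS, REVERSE_ZONES).items():
        print(f"{subnet}: add {', '.join(zones)}")
```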


        • #5
          Re: Questions about DNS

          DNS has always been a touchy subject, especially when troubleshooting Active Directory issues.
          I personally believe that pointing the DC to itself or a local DNS server is best practice and it also would reduce WAN traffic.
          It also could have happened that the previous admin may have changed the setting while troubleshooting a replication issue for example.


          • #6
            Re: Questions about DNS

            Thanks for the reply. Yes Guy, all of the subnets are in Sites and Services, just not in the reverse lookup zones. If it's not broke then I'm not going to mess with it. How about scavenging stale resource records? I know this is off by default. If I turn it on at my DNS servers it's just going to clear stale records at my site, correct? I know it's going to replicate to the other DNS servers, but it should only clear the stale records in my subnet and not anyone else's. Is this correct? Thanks again guys.