Alternate DNS doesn't work in Backup domain controller


  • Alternate DNS doesn't work in Backup domain controller

    I am dealing with the problem that the DNS service as alternate doesn't work in the backup domain controller. Actually, when the preferred DNS server stops its service in the domain controller, it just needs to automatically start resolving to the alternate DNS server in the backup domain controller. But it doesn't work in my organization. How do I solve this problem? I would like to get detailed information about this problem. Can someone help me with this?

    I appreciate you all.

  • #2
    Re: Alternate DNS doesn't work in Backup domain controller

    Is your DHCP configured to give out both DNS servers?
    Don't think of the ADC as a "backup"; think of it as being available to share the load at all times.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **



    • #3
      Re: Alternate DNS doesn't work in Backup domain controller

      Welcome to the forum, thuya.
      First of all - there is indeed no "backup DC" in Active Directory - all are equal (excluding FSMO roles).
      Can you please provide us with some more info - what is the OS the DC is running? Service pack? Is it a DNS server itself? How is DNS configured on this server - what is the primary and what is the secondary server?
      Keep in mind that alternate DNS is only used when the primary is not functioning. Let me illustrate:
      I have a computer with two DNS IP addresses configured. The first one is my local DNS server and the alternate is the ISP's DNS server. The local DNS server only knows about local addresses.
      When I try to browse to google.com, I will not be able to. Why? Because the primary server answers "No such host"; no more queries will be sent to the alternate DNS server. Only if the primary DNS query times out will the secondary be used.

      If you can provide us with the simplest network diagram of your network, it will be very helpful.

      Regards,
      Leonid

      MCSE 2003, MCITP EA, VCP4.



      • #4
        Re: Alternate DNS doesn't work in Backup domain controller

        Originally posted by venom83
        Keep in mind that alternate DNS is only used when the primary is not functioning. Let me illustrate:
        I have a computer with two DNS IP addresses configured. The first one is my local DNS server and the alternate is the ISP's DNS server. The local DNS server only knows about local addresses.
        When I try to browse to google.com, I will not be able to. Why? Because the primary server answers "No such host"; no more queries will be sent to the alternate DNS server. Only if the primary DNS query times out will the secondary be used.

        If you can provide us with the simplest network diagram of your network, it will be very helpful.

        Regards,
        Leonid

        Not true.

        If the server is left at its default setting it will query a root hints server to resolve an unknown address. If the user has forwarders set then these will take precedence over the root hints, hence why it is recommended to use your ISP DNS servers as forwarders.

        In your position I would remove the 2nd DNS server and use that on your own DNS server as a forwarder.

        Back to the OP's question.

        Is the 2nd DC set up as a 2nd DNS server? Remember, although a DC requires DNS to operate, it need not be a DNS server.

        Does your DHCP scope, if you use one, issue the correct 2nd DNS server IP address?



        • #5
          Re: Alternate DNS doesn't work in Backup domain controller

          Originally posted by wullieb1
          Not true.

          If the server is left at its default setting it will query a root hints server to resolve an unknown address. If the user has forwarders set then these will take precedence over the root hints, hence why it is recommended to use your ISP DNS servers as forwarders.

          In your position I would remove the 2nd DNS server and use that on your own DNS server as a forwarder.

          Back to the OP's question.

          Is the 2nd DC set up as a 2nd DNS server? Remember, although a DC requires DNS to operate, it need not be a DNS server.

          Does your DHCP scope, if you use one, issue the correct 2nd DNS server IP address?

          It's my fault for not explaining myself. Not used to writing in forums. In my example I meant that the local DNS server is not connected to the outside on purpose.

          Basically, if you have two DCs and both run DNS and sync via domain/forest replication and you configure on any server in the network their IP addresses as primary and secondary DNS addresses, as soon as you stop the DNS service on first server, the second one should answer. If this is not the case, the second DC is
          a. not running DNS service - as wullieb1 stated - it's not there by default.
          b. running a misconfigured DNS service - although it's pretty hard to mess up there - again, assuming you use forest/domain replication. If not - it might be simply misconfigured.
          Regards,
          Leonid

          MCSE 2003, MCITP EA, VCP4.
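
The client-side behaviour discussed in posts #3 and #5, as an added example that is not part of the original thread: a Python sketch that queries the configured DNS servers in order, moving to the alternate only when the preferred server gives no answer, plus a per-server probe that shows whether the second DC answers DNS at all. All function names are assumptions made for this example.

```python
import socket
import struct

# Added example; the function names are hypothetical, not from the thread.
RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, qid=0x1234):
    """Encode a standard recursive DNS query (type A, class IN) for `name`."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)

def parse_rcode(response, qid=0x1234):
    """Return the RCODE name of a reply after checking its ID and QR bit."""
    if len(response) < 12 or response[:2] != struct.pack("!H", qid) or not response[2] & 0x80:
        raise ValueError("not a DNS reply to our query")
    code = response[3] & 0x0F
    return RCODES.get(code, "RCODE%d" % code)

def ask_udp(server, name, timeout=2.0):
    """Send one query to `server` on UDP/53 and return the reply's RCODE name."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        data, _ = s.recvfrom(4096)
    return parse_rcode(data)

def attempt(ask, server, name):
    """One query; any socket error (timeout, port unreachable) means no answer."""
    try:
        return ask(server, name)
    except OSError:
        return "TIMEOUT"

def resolve_in_order(servers, name, ask=ask_udp):
    """Order described in the thread: use the next server only after a timeout."""
    tried = []
    for server in servers:
        result = attempt(ask, server, name)
        tried.append((server, result))
        if result != "TIMEOUT":
            break  # any answer, even NXDOMAIN, ends the search
    return tried

def probe_each(servers, name, ask=ask_udp):
    """Query every server on its own so a silent alternate shows up at once."""
    return {server: attempt(ask, server, name) for server in servers}
```

Calling `probe_each` with the preferred and alternate DNS addresses and the AD domain name shows each server's answer separately; a `TIMEOUT` for the second DC matches case a. in the post above, where the DNS service is not running there.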



          • #6
            Re: Alternate DNS doesn't work in Backup domain controller

            Originally posted by venom83
            It's my fault for not explaining myself. Not used to writing in forums. In my example I meant that the local DNS server is not connected to the outside on purpose.

            Basically, if you have two DCs and both run DNS and sync via domain/forest replication and you configure on any server in the network their IP addresses as primary and secondary DNS addresses, as soon as you stop the DNS service on first server, the second one should answer. If this is not the case, the second DC is
            a. not running DNS service - as wullieb1 stated - it's not there by default.
            b. running a misconfigured DNS service - although it's pretty hard to mess up there - again, assuming you use forest/domain replication. If not - it might be simply misconfigured.

            Again, I still don't see why you would put your ISP's DNS onto the client machines, nor for that fact the server. This is a surefire way to start having AD issues.

            You can stop all internet access except DNS by using your firewall to full effect.



            • #7
              Re: Alternate DNS doesn't work in Backup domain controller

              Originally posted by wullieb1
              Again, I still don't see why you would put your ISP's DNS onto the client machines, nor for that fact the server. This is a surefire way to start having AD issues.

              You can stop all internet access except DNS by using your firewall to full effect.

              You are right. It shouldn't be done in a domain environment; however, the example was given to demonstrate how the alternate DNS address is used.
              In the second example I presented a situation with two DCs and both have DNS service. No external DNS is configured, so in fact root hints will be used - as you said. Let's drop DNS implementation possibilities around the globe - obviously, we both try to help and I give poor examples; I'll stick to plain answers.

              thuya, still waiting on more details about your situation.
              Regards,
              Leonid

              MCSE 2003, MCITP EA, VCP4.
