Does a 2008 server really need to be a DNS server?

  • Does a 2008 server really need to be a DNS server?

    I have a small business network with about 8 computers. They've been peer to peer for some time and would like a server now. In the process of setting up DC/AD/GP and a file server, and reading more about Server 2008, I recalled a recent issue at a friend's office where they were experiencing network issues with the 2003 server. For some reason, another tech had enabled DNS and DHCP, but the Linksys router in place was already doing DNS/DHCP for the network. My question is, why, and what does best practice say about this? Should the file/print server, which is also a domain controller with Active Directory, provide all the DNS/DHCP for the network when the router is already configured to do this? My biggest concern is that in relying on one box to control every aspect, we have a single point of failure. Then the "what ifs...?" come into play, and most small businesses can't afford really great backup programs capable of virtualization/BMR. Any thoughts on this? Thank you

  • #2
    Re: Does a 2008 server really need to be a DNS server?

    If you have a domain controller, you almost certainly have Active Directory-integrated DNS already there, so it makes sense to use this for your clients (if not, AD will experience problems).

    Make your DC responsible for DNS and DHCP (perhaps set the router as a secondary DNS server IF AD fails) and it will all work out.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: Does a 2008 server really need to be a DNS server?


      Let your DC handle DNS and DHCP. Keep regular backups using the inbuilt backup functionality. You can configure it to take backups automatically. Use wbadmin to schedule a systemstate backup and a complete server data backup.

      You can keep the router for a fail back situation, but make sure that the addresses of network resources like the file/print server/DC are reserved. You need to test this failback before you can commit, as there will be glitches for sure since this is not a best practice.
      Thanks & Regards

      MCTS 2008, MCTIP, MCSE 2003, MCSA+Messaging E2K3, MCP, E2K7
      Sr. Wintel Eng. (Investment Bank)
      Independent IT Consultant and Architect

      Show your appreciation for my help by giving reputation points


      • #4
        Re: Does a 2008 server really need to be a DNS server?

        Agree with Ossian's post. Why wouldn't you use it? AD works better with it and takes care of everything. I know it's one point of failure, but in this environment you don't have many choices; something has to be


        • #5
          Re: Does a 2008 server really need to be a DNS server?

          I think one of the main answers to your question is:

          If you plan on using Active Directory, then you DEFINITELY need DNS.
          And more so - your Linksys or other router, in all likelihood, will not provide the sort of DNS service you need - so yes, you would need it on the 2008 server.
          (You could run it on a Linux box if you wanted, but it's just easier to integrate it into AD)
          Please do show your appreciation to those who assist you by leaving Rep Point


          • #6
            Re: Does a 2008 server really need to be a DNS server?

            Routers that claim to "handle" DNS are actually almost always DNS proxies - they just pass the traffic off to your ISP's DNS servers. These servers will know nothing about your internal resources, so you need internal DNS for printers, NAS devices, intranet sites etc. and not just for the internet. That's on top of the points already raised.

            The only time I ever don't make a DC a DNS server is in multi-domain forests. I keep all the DNS servers in the forest root domain, so that Domain Admins in the sub-domains can't make changes. IME letting developers mess with DNS is just about the quickest way possible to get a non-functioning network.
            BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
            Cruachan's Blog
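
An added example, not part of any post in this thread: a sketch of how to check whether a given DNS server can answer the SRV lookup that domain members use to find a domain controller, which is the practical difference between a router acting as a DNS proxy and AD-integrated DNS on the DC. The domain `corp.example.local` and the two reply headers are constructed for illustration; `query()` is the live lookup and is not called by the sample run.

```python
import socket
import struct

SRV = 33  # DNS record type: service locator

def build_srv_query(name, txid=0x1234):
    """Encode a recursive DNS query for the SRV record set at `name`."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack(">HH", SRV, 1)  # class IN

def summarize_response(data):
    """Return (rcode, answer_count) from the header of a raw DNS response."""
    if len(data) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    return flags & 0x000F, ancount

def can_locate_dc(data):
    """True only if the server returned NOERROR with at least one SRV answer."""
    rcode, answers = summarize_response(data)
    return rcode == 0 and answers > 0

def query(server, name, timeout=3.0):
    """Send the SRV query to `server` over UDP/53 and return the raw reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_srv_query(name), (server, 53))
        return s.recvfrom(4096)[0]

# Constructed sample reply headers (not captured traffic):
# a forwarding router whose upstream has never heard of the AD zone -> NXDOMAIN
ROUTER_REPLY = struct.pack(">HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0)
# a DNS server authoritative for the AD zone -> NOERROR, one SRV answer
DC_REPLY = struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0)

if __name__ == "__main__":
    name = "_ldap._tcp.dc._msdcs.corp.example.local"  # hypothetical domain
    print("query bytes:", build_srv_query(name).hex())
    for label, reply in (("router", ROUTER_REPLY), ("DC", DC_REPLY)):
        print(label, summarize_response(reply), can_locate_dc(reply))
```

To test a real server, pass its address and your own domain's locator name to `query()` and feed the result to `can_locate_dc()`.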