Correct basic default dns settings

08/08/2007, 07h05

Hi,

We have a small network with two DCs and around 50 users.

DC1 is at 192.168.50.10
GW: 192.168.50.1
DNS: 192.168.50.10

DC2 is at 192.168.50.11
GW: 192.168.50.1
DNS: 192.168.50.10

The firewall's LAN side is at 192.168.50.1 and this is also the DHCP
server. The DHCP server gives out data like this:

GW: 192.168.50.1
DNS1: 192.168.50.10
DNS2: <my ISP's name server>
WINS: 192.168.50.10

Should DC2's DNS actually be 192.168.50.11?

I have understood that it isn't good practice to add external name
servers as secondary DNS for clients. So where do I add references to
the external name servers in the DNS server props at DC1 and DC2 so
clients (and the servers) will be able to resolve external addresses?

Both DC1 and DC2 runs DNS servers. How do I check if they replicate
properly, and what is important in this scenario?

How do I run tests from clients to check that everything runs properly
and there is no unnecessary delays?

Thanks for comments and on this issue

regards

Jake

08/08/2007, 10h48

Qn.1) Configure DHCP to point to your internal DNS servers, remove the
reference to the external DNS server.
Qn.2) Configure your internal DNS servers to Forward to the external DNS
servers. To do this right click on your DNS Server, select properties and
should see a Forwarders Tab - enter your external DNS address here.
Qn.3) Run a utility like DNSLint - it will the version numbers of the
Domain DNS servers. Alternatively if you only have 2 DNS servers you can
opne the Properties of the DNS zone select the Start of Authority tab and
next to the serial number click the increment button, note the serial number
and give it a short while and compare it with the serial number version on
the other DNS Server
Qn.) Run NSLookups and perform pings to testing client resolution and speed.

Hope this s

Joe

"Jake" wrote:

> Hi,
>
> We have a small network with two DCs and around 50 users.
>
> DC1 is at 192.168.50.10
> GW: 192.168.50.1
> DNS: 192.168.50.10
>
> DC2 is at 192.168.50.11
> GW: 192.168.50.1
> DNS: 192.168.50.10
>
> The firewall's LAN side is at 192.168.50.1 and this is also the DHCP
> server. The DHCP server gives out data like this:
>
> GW: 192.168.50.1
> DNS1: 192.168.50.10
> DNS2: <my ISP's name server>
> WINS: 192.168.50.10
>
> Should DC2's DNS actually be 192.168.50.11?
>
> I have understood that it isn't good practice to add external name
> servers as secondary DNS for clients. So where do I add references to
> the external name servers in the DNS server props at DC1 and DC2 so
> clients (and the servers) will be able to resolve external addresses?
>
> Both DC1 and DC2 runs DNS servers. How do I check if they replicate
> properly, and what is important in this scenario?
>
> How do I run tests from clients to check that everything runs properly
> and there is no unnecessary delays?
>
> Thanks for comments and on this issue
>
> regards
>
> Jake
>

08/08/2007, 11h38

Joe skreiv:
> Qn.1) Configure DHCP to point to your internal DNS servers, remove the
> reference to the external DNS server.
> Qn.2) Configure your internal DNS servers to Forward to the external DNS
> servers. To do this right click on your DNS Server, select properties and
> should see a Forwarders Tab - enter your external DNS address here.
> Qn.3) Run a utility like DNSLint - it will the version numbers of the
> Domain DNS servers. Alternatively if you only have 2 DNS servers you can
> opne the Properties of the DNS zone select the Start of Authority tab and
> next to the serial number click the increment button, note the serial number
> and give it a short while and compare it with the serial number version on
> the other DNS Server
> Qn.) Run NSLookups and perform pings to testing client resolution and speed.
>
> Hope this s
>
> Joe

Thanks Joe!

Two more questions:

I wrote:
>> DC2 is at 192.168.50.11
>> GW: 192.168.50.1
>> DNS: 192.168.50.10

Should DC2 have its own IP as DNS (in the case if DC1 breaks down)? Or
is it correct as I wrote it?

Also I noticed when checking the DNS properties of DC2 that 'Primary DNS
server = DC2.mydomain.local' Shouldn't it state that DC1 is the primary
dns server? Or it is ok that the secondary DC's DNS server is its own
primary DNS server?

Thanks for comments on this too..

Jake

08/08/2007, 12h06

Jake

There is a distinction between a DNS server being a Primary server and the
zones it is hosting being primary and secondary zones. So in this case both
DNS server may refer to themselves as primary, however one might have a
primary zone file mycompany.com which is replicated as a secondary zone to
the other DNS server.

If you are running windows, I would make your DNS zones Active Directory
Integrated Zones. There are several advantages, it allows you the redundancy
you have made reference to if DC01 becomes unavailable - it is more secure,
it replicates with Active Directory and in theory should take up less of your
admin time.

When you ask should DC02 have its own IP address, I'd configure DHCP
settings like this

Preferred DNS: 192.168.50.10
Alternative DNS: 192.168.50.11

Joe

"Jake" wrote:

> Joe skreiv:
> > Qn.1) Configure DHCP to point to your internal DNS servers, remove the
> > reference to the external DNS server.
> > Qn.2) Configure your internal DNS servers to Forward to the external DNS
> > servers. To do this right click on your DNS Server, select properties and
> > should see a Forwarders Tab - enter your external DNS address here.
> > Qn.3) Run a utility like DNSLint - it will the version numbers of the
> > Domain DNS servers. Alternatively if you only have 2 DNS servers you can
> > opne the Properties of the DNS zone select the Start of Authority tab and
> > next to the serial number click the increment button, note the serial number
> > and give it a short while and compare it with the serial number version on
> > the other DNS Server
> > Qn.) Run NSLookups and perform pings to testing client resolution and speed.
> >
> > Hope this s
> >
> > Joe
>
> Thanks Joe!
>
> Two more questions:
>
> I wrote:
> >> DC2 is at 192.168.50.11
> >> GW: 192.168.50.1
> >> DNS: 192.168.50.10
>
> Should DC2 have its own IP as DNS (in the case if DC1 breaks down)? Or
> is it correct as I wrote it?
>
> Also I noticed when checking the DNS properties of DC2 that 'Primary DNS
> server = DC2.mydomain.local' Shouldn't it state that DC1 is the primary
> dns server? Or it is ok that the secondary DC's DNS server is its own
> primary DNS server?
>
> Thanks for comments on this too..
>
> Jake
>

08/08/2007, 07h05	#1
Jake Messages: n/a Hébergeur:	Correct basic default dns settings Hi, We have a small network with two DCs and around 50 users. DC1 is at 192.168.50.10 GW: 192.168.50.1 DNS: 192.168.50.10 DC2 is at 192.168.50.11 GW: 192.168.50.1 DNS: 192.168.50.10 The firewall's LAN side is at 192.168.50.1 and this is also the DHCP server. The DHCP server gives out data like this: GW: 192.168.50.1 DNS1: 192.168.50.10 DNS2: <my ISP's name server> WINS: 192.168.50.10 Should DC2's DNS actually be 192.168.50.11? I have understood that it isn't good practice to add external name servers as secondary DNS for clients. So where do I add references to the external name servers in the DNS server props at DC1 and DC2 so clients (and the servers) will be able to resolve external addresses? Both DC1 and DC2 runs DNS servers. How do I check if they replicate properly, and what is important in this scenario? How do I run tests from clients to check that everything runs properly and there is no unnecessary delays? Thanks for comments and on this issue regards Jake

08/08/2007, 10h48	#2
Joe Messages: n/a Hébergeur:	RE: Correct basic default dns settings Qn.1) Configure DHCP to point to your internal DNS servers, remove the reference to the external DNS server. Qn.2) Configure your internal DNS servers to Forward to the external DNS servers. To do this right click on your DNS Server, select properties and should see a Forwarders Tab - enter your external DNS address here. Qn.3) Run a utility like DNSLint - it will the version numbers of the Domain DNS servers. Alternatively if you only have 2 DNS servers you can opne the Properties of the DNS zone select the Start of Authority tab and next to the serial number click the increment button, note the serial number and give it a short while and compare it with the serial number version on the other DNS Server Qn.) Run NSLookups and perform pings to testing client resolution and speed. Hope this s Joe "Jake" wrote: > Hi, > > We have a small network with two DCs and around 50 users. > > DC1 is at 192.168.50.10 > GW: 192.168.50.1 > DNS: 192.168.50.10 > > DC2 is at 192.168.50.11 > GW: 192.168.50.1 > DNS: 192.168.50.10 > > The firewall's LAN side is at 192.168.50.1 and this is also the DHCP > server. The DHCP server gives out data like this: > > GW: 192.168.50.1 > DNS1: 192.168.50.10 > DNS2: <my ISP's name server> > WINS: 192.168.50.10 > > Should DC2's DNS actually be 192.168.50.11? > > I have understood that it isn't good practice to add external name > servers as secondary DNS for clients. So where do I add references to > the external name servers in the DNS server props at DC1 and DC2 so > clients (and the servers) will be able to resolve external addresses? > > Both DC1 and DC2 runs DNS servers. How do I check if they replicate > properly, and what is important in this scenario? > > How do I run tests from clients to check that everything runs properly > and there is no unnecessary delays? > > Thanks for comments and on this issue > > regards > > Jake >

08/08/2007, 11h38	#3
Jake Messages: n/a Hébergeur:	Re: Correct basic default dns settings Joe skreiv: > Qn.1) Configure DHCP to point to your internal DNS servers, remove the > reference to the external DNS server. > Qn.2) Configure your internal DNS servers to Forward to the external DNS > servers. To do this right click on your DNS Server, select properties and > should see a Forwarders Tab - enter your external DNS address here. > Qn.3) Run a utility like DNSLint - it will the version numbers of the > Domain DNS servers. Alternatively if you only have 2 DNS servers you can > opne the Properties of the DNS zone select the Start of Authority tab and > next to the serial number click the increment button, note the serial number > and give it a short while and compare it with the serial number version on > the other DNS Server > Qn.) Run NSLookups and perform pings to testing client resolution and speed. > > Hope this s > > Joe Thanks Joe! Two more questions: I wrote: >> DC2 is at 192.168.50.11 >> GW: 192.168.50.1 >> DNS: 192.168.50.10 Should DC2 have its own IP as DNS (in the case if DC1 breaks down)? Or is it correct as I wrote it? Also I noticed when checking the DNS properties of DC2 that 'Primary DNS server = DC2.mydomain.local' Shouldn't it state that DC1 is the primary dns server? Or it is ok that the secondary DC's DNS server is its own primary DNS server? Thanks for comments on this too.. Jake

08/08/2007, 12h06	#4
Joe Messages: n/a Hébergeur:	Re: Correct basic default dns settings Jake There is a distinction between a DNS server being a Primary server and the zones it is hosting being primary and secondary zones. So in this case both DNS server may refer to themselves as primary, however one might have a primary zone file mycompany.com which is replicated as a secondary zone to the other DNS server. If you are running windows, I would make your DNS zones Active Directory Integrated Zones. There are several advantages, it allows you the redundancy you have made reference to if DC01 becomes unavailable - it is more secure, it replicates with Active Directory and in theory should take up less of your admin time. When you ask should DC02 have its own IP address, I'd configure DHCP settings like this Preferred DNS: 192.168.50.10 Alternative DNS: 192.168.50.11 Joe "Jake" wrote: > Joe skreiv: > > Qn.1) Configure DHCP to point to your internal DNS servers, remove the > > reference to the external DNS server. > > Qn.2) Configure your internal DNS servers to Forward to the external DNS > > servers. To do this right click on your DNS Server, select properties and > > should see a Forwarders Tab - enter your external DNS address here. > > Qn.3) Run a utility like DNSLint - it will the version numbers of the > > Domain DNS servers. Alternatively if you only have 2 DNS servers you can > > opne the Properties of the DNS zone select the Start of Authority tab and > > next to the serial number click the increment button, note the serial number > > and give it a short while and compare it with the serial number version on > > the other DNS Server > > Qn.) Run NSLookups and perform pings to testing client resolution and speed. > > > > Hope this s > > > > Joe > > Thanks Joe! > > Two more questions: > > I wrote: > >> DC2 is at 192.168.50.11 > >> GW: 192.168.50.1 > >> DNS: 192.168.50.10 > > Should DC2 have its own IP as DNS (in the case if DC1 breaks down)? Or > is it correct as I wrote it? > > Also I noticed when checking the DNS properties of DC2 that 'Primary DNS > server = DC2.mydomain.local' Shouldn't it state that DC1 is the primary > dns server? Or it is ok that the secondary DC's DNS server is its own > primary DNS server? > > Thanks for comments on this too.. > > Jake >

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email