Best practice for adding a third Windows DNS server for backup (not AD Integrated)

Posted on 2005-04-06
Last Modified: 2006-11-18
We are dusting off our Disaster Recovery plan and need some DNS advice. Our primary and secondary Win2003 DNS servers (stand alone, not AD) are located in a Co-Lo facility along with our web servers. If a major disaster were to occur at this facility, we can turn up and restore the web servers in a different location no problem, but we would be using a different block of IP addresses for all of our web sites, so there would be some DNS problems to resolve for sure.

In order to have the least amount of down time, our thinking was to install a 3rd DNS server in a different location for all of the zones/domains we handle, which would just act as another secondary DNS server. But if a disaster were to occur at our main Co-Lo facility and knock out the 2 main DNS servers, we could make this 3rd DNS server the primary (is this possible?) and load up the zones with the different block of IP addresses. Does this sound feasible?

How would you recommend we tackle this DNS issue? What logistics are we missing?


Question by:brian_summit

Accepted Solution

NJComputerNetworks earned 1000 total points
ID: 13726029
So, if I understand you correctly, the third DNS server will have the "different block of IPs" in its database (instead of the normal IPs). This way if you lost everything, you could point your servers to use this third DNS server for resolution.

Do your DNS servers support DDNS (dynamic DNS), or do you turn this feature off?

I think if you leave Dynamic DNS turned on (your servers' new IPs will automatically register themselves), you won't have to wait much time for these updates to occur. (http://support.microsoft.com/?kbid=246804)

If you have a static DNS database, then you might want to use the third DNS server with the disaster recovery record mappings. Then you will have to point your clients to use this DNS server in the event of disaster recovery.

Assisted Solution

Sembee earned 1000 total points
ID: 13735274
The only problem I see with this approach is that it doesn't gain you anything.

Changing DNS servers takes as long to replicate around the Internet as changing the IP addresses of the DNS servers. Therefore you don't really gain anything by having this machine there idle.
Personally I would simply set up the third server into the existing DNS structure - but on a different site (which is good practice anyway). In the event of a failure all you need to do is change the IP addresses on this third server and you are back up and running. No need to wait for replication time.
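
Added example, not part of the thread or of either answer: a sketch of the "change the IP addresses" step discussed above, which rewrites the A records of a file-backed zone from the lost block to the replacement block and bumps the SOA serial so other secondaries see the change. It assumes both blocks are the same size; `remap_zone`, the zone contents and the 192.0.2.0/24 and 198.51.100.0/24 blocks are constructed for illustration.

```python
import ipaddress
import re

# Owner, optional TTL, optional class, type A, then an IPv4 address.
A_RECORD = re.compile(r"^(?P<head>\S*\s+(?:\d+\s+)?(?:IN\s+)?A\s+)"
                      r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})(?P<tail>.*)$")
# First integer inside the SOA parentheses is the serial number.
SOA_SERIAL = re.compile(r"(\bSOA\b[^()]*\(\s*)(\d+)")

# Constructed sample zone (documentation address ranges, not real data).
SAMPLE_ZONE = """\
; constructed sample zone for example.com
@       IN  SOA ns1.example.com. hostmaster.example.com. (
                2005040601 ; serial number
                900        ; refresh
                600        ; retry
                86400      ; expire
                3600     ) ; minimum TTL
@       IN  NS  ns1.example.com.
@       IN  NS  ns3.example.com.
ns1     IN  A   192.0.2.53
ns3     IN  A   203.0.113.53
www     IN  A   192.0.2.10
mail    3600 IN A 192.0.2.25
@       IN  MX  10 mail.example.com.
"""

def remap_zone(zone_text, old_block, new_block):
    """Return (new_zone_text, [(old_ip, new_ip), ...]) for review before loading."""
    old_net = ipaddress.ip_network(old_block)
    new_net = ipaddress.ip_network(new_block)
    if old_net.prefixlen != new_net.prefixlen:
        raise ValueError("old and new blocks must be the same size")
    changed, out = [], []
    for line in zone_text.splitlines():
        m = A_RECORD.match(line)
        if m and ipaddress.ip_address(m["ip"]) in old_net:
            # Keep the host's offset within the block, swap the network part.
            offset = int(ipaddress.ip_address(m["ip"])) - int(old_net.network_address)
            new_ip = new_net.network_address + offset
            changed.append((m["ip"], str(new_ip)))
            line = f'{m["head"]}{new_ip}{m["tail"]}'
        out.append(line)
    text, hits = SOA_SERIAL.subn(
        lambda s: s.group(1) + str(int(s.group(2)) + 1), "\n".join(out), count=1)
    if hits != 1:
        raise ValueError("SOA serial not found; zone left unmodified")
    return text, changed
```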

