DNS settings for DNS servers

I am setting up a win2k3 server AD with 3 DCs 2 of them will also be DNS servers (we will call them DNS1 and DNS2. we have an old novell server running DNS currently (lets call it DNSnw. workstations will be configured to dns1 for the primary and dns 2 for the secondary.


on the 2 w2k3 dns servers what do i point there dns settings to?
do i point them at each other?
do i need to point both of them at my ISP?
do i need to point both of them at my old novell DNS or just one of them?


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You can point them at each other and themselves.  You should configure them to forward unknown queries to your ISP DNS servers.  There is a forwarders tab under properties for server.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Hi branch-cs,

1.  If you are using AD integrated, you need to do nothing regarding this..
2.  See above
3.  Add your ISP DNS sservers to the Forwarders tab of both Windows DNS servers.
4.  Add the IP of DNSnw to the forwarders tab of both Windows DNS servers.

The above is good advice.  Let me just add that in most situations, you main a tiny increase in speed if the Domain Controllers point to themselves first, and then another DC as the secondary.  This will speed up resolution and precent un-nescessary DNS traffic.
branch-csAuthor Commented:
thank you all for your responses

let me make sure i have this straight in my mind

DNS1 under the tcp/ip properties tab should be set to DNS1 then DNS2
DNS2 under the tcp/ip properties tab should be set to DNS2 then DNS1
DNSnw under dns resolver configuration should be set to DNSnw then DNS1 then DNS2

under the forwarders tab DNS1 and DNS2 should be set to ISP-DNS and DNSnw (possible problem here would this create a loop between DNSnw and DNS1/DNS2?)

PCs tcp/ip properties for DNS should be set to DNS1 then DNS2

is there something in W2k3 that will show me what DNS is doing during a request?

i understand that in WinXp if the primary DNS server does not respond then it will go to the secondary DNS server
but what if the response from the primary DNS controller is unknown host does it then ask the secondary DNS?
or does it just give up?

Good questions.

First I would only put the ISP-DNS as the forwarders for DNS1 and DNS2.  You want everything traveling in one direction.  Actually, you don't even need forwarders technically.  If your DNS can't resolve a name, then it uses Root Hints if there is no forwarders and that works for alot of people.  But most people do use forwarders

Besides that I think you got everything right.  As far as what happens when DNS1 can't find something, I'm afraid that it will only utilize the secondary DNS if there is no response from the primary.  The timeout period is very short though.  Most of time, DNS servers will not respond with "unknown host" simply because the lookup info is not in its table.   Besides, if your Primary DNS and Secondary DNS are both DCs in the internal domain, then its very unlikely that either DC would results that differ from the other.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.