Solved

2 subnet DNS Setup

Posted on 2006-07-07
Last Modified: 2010-04-18
I have a Windows 2003 network set up in two locations connected via WAN VPN. What would be the correct DNS configuration for this setup? I am starting to see a long logon time in the remote location.

Should I have a DNS server on both sides and have the 2 servers replicate to each other?

How should the DCs be set up? Normally I have all PCs / BDCs DNS set for the DC, and the DC pointed to itself. Should the DC in each location be set to itself and the clients in each subnet set to that DC? Have everyone pointed to the main DC in the primary location? Sorry, rambling...


Thanks,
Scott


Question by:scott_thompson
2 Comments
 

Expert Comment

by:Netman66
ID: 17060927
You should have DNS at both locations. If the zones are AD Integrated, then simply installing DNS on the remote site's DC will create and populate the zones for you.

You should also run DHCP locally so you can hand out the local DNS server address, as well as making the remote DC a Global Catalog server.

If you add another DC in the remote location you also need to set up Sites in AD Sites and Services to allow clients to talk with their local servers for authentication.

Accepted Solution

by:NJComputerNetworks (earned 500 total points)
ID: 17061283
Example of settings on clients and servers:

Server Name: SERVERDC1
IP: 10.10.10.5
Subnet: 255.255.255.0
Gateway: 10.10.10.1
DNS1: 127.0.0.1 or 10.10.10.5  <--- Make sure the DC points to itself for DNS resolution (Do NOT point to the ISP DNS servers)
DNS2: 20.20.20.6

Server Name: SERVERDC2
IP: 20.20.20.6
Subnet: 255.255.255.0
Gateway: 10.10.10.1
DNS1: 10.10.10.5  <--- Make sure the DC points to the first DC for DNS resolution (Do NOT point to the ISP DNS servers)
DNS2: 20.20.20.6 or 127.0.0.1

Client Name or Member Server: Desktop1
IP: 10.10.10.51
Subnet: 255.255.255.0
Gateway: 10.10.10.1
DNS1: 10.10.10.5  <--- Make sure the client points to the closest DC for DNS resolution (Do NOT point to the ISP DNS servers)
DNS2: 20.20.20.6  <--- Make sure the client points to the second closest DC for DNS resolution



After you have verified that replication has completed successfully, DNS may be configured on each Domain Controller in either of two ways, depending on the requirements of the environment. The configuration options are:

  • Configure the Preferred DNS server in TCP/IP properties on each Domain Controller to use itself as Primary DNS Server.
      • Advantages:
          • Ensures that DNS queries originating from the Domain Controller will be resolved locally if possible. Will minimize impact of Domain Controller's DNS queries on the network.
      • Disadvantages:
          • Dependent on Active Directory replication to ensure that DNS zone is up to date. Lengthy replication failures may result in an incomplete set of entries in the zone.

  • Configure all Domain Controllers to use a centralized DNS server as their Preferred DNS Server.
      • Advantages:
          • Minimizes the reliance on Active Directory replication for DNS zone updates of Domain Controller locator records. This includes faster discovery of new or updated Domain Controller locator records, as replication lag time is not an issue.
          • Provides a single authoritative DNS server, which may be useful when troubleshooting Active Directory replication issues.
      • Disadvantages:
          • Will more heavily utilize the network to resolve DNS queries originating from the Domain Controller.
          • DNS name resolution may be dependent on network stability; loss of connectivity to the Preferred DNS server will result in failure to resolve DNS queries from the Domain Controller. This may result in apparent loss of connectivity, even to locations that are not across the lost network segment.
 
http://support.microsoft.com/?kbid=825036
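
An added example, not part of the original answer: a small Python audit that parses settings blocks in the "Key: value" layout used above and flags resolver entries that break the rules stated in this thread (only internal DCs as DNS, each DC lists itself, clients use the local-subnet DC first). The sample hosts, the 192.0.2.53 address, and the assumption that every "Server Name" entry is a DC running DNS are constructed for illustration.

```python
import ipaddress

# Constructed sample in the same "Key: value" layout as the answer above.
SAMPLE = """\
Server Name: SERVERDC1
IP: 10.10.10.5
Subnet: 255.255.255.0
DNS1: 127.0.0.1
DNS2: 20.20.20.6

Server Name: SERVERDC2
IP: 20.20.20.6
Subnet: 255.255.255.0
DNS1: 10.10.10.5
DNS2: 192.0.2.53

Client Name: Desktop7
IP: 20.20.20.51
Subnet: 255.255.255.0
DNS1: 10.10.10.5
DNS2: 20.20.20.6
"""

def parse_hosts(text):  # one dict per blank-line separated block
    hosts = []
    for block in text.strip().split("\n\n"):
        h = {}
        for line in block.splitlines():
            key, _, val = line.partition(":")
            h[key.strip()] = val.split("<---")[0].strip()  # drop inline notes
        hosts.append(h)
    return hosts

def audit(hosts):
    dcs = {h["IP"] for h in hosts if "Server Name" in h}  # assumption: servers are DCs
    findings = []
    for h in hosts:
        name = h.get("Server Name") or h.get("Client Name")
        net = ipaddress.ip_network(f'{h["IP"]}/{h["Subnet"]}', strict=False)
        dns = [h[k] for k in ("DNS1", "DNS2") if h.get(k)]
        for d in dns:  # anything that is not loopback or a known DC is external
            if d != "127.0.0.1" and d not in dcs:
                findings.append((name, f"{d} is not an internal DC"))
        if "Server Name" in h:
            if not {"127.0.0.1", h["IP"]} & set(dns):
                findings.append((name, "DC does not list itself"))
        elif dns and ipaddress.ip_address(dns[0]) not in net:
            findings.append((name, "DNS1 is not the local-subnet DC"))
    return findings
```

A client whose first resolver sits across the VPN sends every DC locator lookup over the WAN link, which matches the slow remote logons described in the question.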