Solved

Caching Only DNS and DHCP

Posted on 2008-06-11
10
557 Views
Last Modified: 2012-05-05
Can you point internal DHCP clients at a caching-only internal DNS server and expect the DNS records to dynamically update on the primary domain DNS servers?  

If this is possible then is there any special setup which must be performed?  If not, what is the recommendation?

All internal Windows 2003 R2 Servers and Windows XP/Vista clients on a single domain.
Question by:Nyah247
10 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 21767384
Why do you want to use a caching only server? What are you trying to achieve?
It would make far more sense in most cases just to use a standard AD Integrated DNS solution.
0
 
LVL 6

Author Comment

by:Nyah247
ID: 21768007
I don't want to use a caching only DNS server but others in my group do.  I think they want to use this to off load responsibility from the primary DNS and provide some security.  Anyway...that is not my call.  I just need to make this thing work the best it can or prove it is not a good solution with some MS article or something.  Any ideas that may help or gotchas that I may be able to prove with some documentation?
0
 
LVL 70

Expert Comment

by:KCTS
ID: 21768196
The best option would be to install another DC and then install DNS on that. With AD Integrated DNS then in effect you have two primary DNS servers that will replicate with each other without the need to set up caching or zone transfers. As the DNS is incorporated within AD, replication happens with AD replication and with all the AD security, so it's very efficient and has almost zero overhead. If you also took the opportunity to make the additional machine a Global Catalog then you also gain by having complete resilience, as in the case of one DC/DNS server failing, users will be able to authenticate with the other. This makes for a much more sensible, resilient and practical solution than a caching only server.
0
 
LVL 6

Author Comment

by:Nyah247
ID: 21769344
We currently have 2 DCs with AD integrated DNS but our DNS guy would like me to point everything at the caching only servers to off load responsibility from the DCs and provide extra security.  The caching only servers are configured to forward all internal requests to the appropriate AD DNS server and all external requests to a DMZ caching only server which uses root hints.  

Nevertheless I seem to be having some issues with DHCP not updating records properly when the leases expire.  I am curious whether it is the setup or a configuration problem with either DNS or DHCP.  

So in a nut shell...  Is the configuration I mentioned supported when used with DHCP?  Is there any documentation you are aware of which would help me support any change justification?
0
 
LVL 70

Expert Comment

by:KCTS
ID: 21769548
OK, I see what you are trying to do. You can have a caching only server, but remember it is read only; it simply caches previous requests based on the TTL of the DNS record in DNS.

When you start out the caching server will have no entries, if it gets a DNS query from a client it forwards that request to the "real" DNS server, caches the reply and passes it back to the client. Subsequent requests for the same query are then served from the cache until the TTL for the record expires.

I would maintain two separate DNS servers - one private and one public for security; you don't want the public server forwarding to your internal DNS.
0
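The forward-then-cache behaviour KCTS describes above (empty cache at start, first query forwarded to the "real" server, later queries answered from cache until the TTL runs out, and the caching server itself being read-only) can be modelled in a few lines. The following is an added illustration, not code from the thread or from Microsoft DNS; the server classes, the record for `pc1.corp.example` and the 60-second TTL are constructed for the example, and a fake clock stands in for wall time so the TTL expiry is reproducible.

```python
"""Toy model of a caching-only DNS server sitting in front of an authoritative server.

Constructed example: simplified to A records only, no negative caching, no
real DNS wire format. It demonstrates three things from the thread:
  1. the first lookup is forwarded, later ones are served from cache;
  2. a cached answer stays until its TTL expires, even if the zone changed;
  3. the caching-only server holds no zone, so it cannot accept an update.
"""


class FakeClock:
    """Controllable clock so TTL expiry can be driven deterministically."""

    def __init__(self, start=0.0):
        self.now = start

    def advance(self, seconds):
        self.now += seconds

    def __call__(self):
        return self.now


class AuthoritativeServer:
    """The 'real' DNS server that owns the zone (e.g. an AD-integrated DC)."""

    def __init__(self, zone):
        self.zone = dict(zone)  # name -> (ip, ttl_seconds)
        self.queries = 0  # how many queries actually reached this server

    def query(self, name):
        self.queries += 1
        return self.zone.get(name)

    def update(self, name, ip, ttl):
        # Dynamic update lands here because this server is authoritative.
        self.zone[name] = (ip, ttl)
        return True


class CachingOnlyServer:
    """Read-only resolver: forwards misses to the authoritative server and caches hits by TTL."""

    def __init__(self, forwarder, clock):
        self.forwarder = forwarder
        self.clock = clock
        self.cache = {}  # name -> (ip, absolute_expiry_time)

    def query(self, name):
        now = self.clock()
        entry = self.cache.get(name)
        if entry is not None and entry[1] > now:
            return entry[0], "cache"  # TTL not yet expired
        answer = self.forwarder.query(name)
        if answer is None:
            return None, "forwarded"
        ip, ttl = answer
        self.cache[name] = (ip, now + ttl)
        return ip, "forwarded"

    def update(self, name, ip, ttl):
        # No zone data here: a caching-only server cannot accept dynamic updates.
        return False


def run_scenario():
    """Walk through a lease change and return the observable results in order."""
    clock = FakeClock()
    auth = AuthoritativeServer({"pc1.corp.example": ("10.0.0.5", 60)})
    cache = CachingOnlyServer(auth, clock)
    trace = []
    trace.append(cache.query("pc1.corp.example"))      # miss -> forwarded
    trace.append(cache.query("pc1.corp.example"))      # hit  -> cache
    # A DHCP-driven update sent to the caching server is refused (read-only).
    trace.append(cache.update("pc1.corp.example", "10.0.0.9", 60))
    # The same update succeeds against the authoritative server.
    trace.append(auth.update("pc1.corp.example", "10.0.0.9", 60))
    # Within the TTL the cache still hands out the old address.
    trace.append(cache.query("pc1.corp.example"))
    clock.advance(61)  # TTL expired
    trace.append(cache.query("pc1.corp.example"))      # re-forwarded, new address
    trace.append(auth.queries)  # only two queries ever reached the authoritative server
    return trace


if __name__ == "__main__":
    for step in run_scenario():
        print(step)
```

The stale-answer window between the authoritative change and the TTL expiry is worth keeping in mind when troubleshooting a client whose record "did not update": the zone may already be correct while the caching server is still serving the previous answer.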
 
LVL 6

Author Comment

by:Nyah247
ID: 21770586
So are you saying that because the caching DNS servers are read-only they would not be a good configuration for DHCP?

Currently my DHCP servers are configured to point at the caching-only servers (in their nic configuration) and the DHCP clients are assigned the caching only servers when they pull a lease.  So...with that in mind, is there something wrong with this config?
0
 
LVL 6

Author Comment

by:Nyah247
ID: 21778433
Thanks for your comments KCTS...  Any additional information you can provide pertaining to my questions above would be greatly appreciated.  
0
 
LVL 70

Expert Comment

by:KCTS
ID: 21778471
What I'm saying is that if you are trying to provide DNS resolution for external clients to access your public servers, then this should be a completely different DNS setup to your internal DNS, otherwise you will compromise security - "split DNS" would be more appropriate:
http://www.windowsnetworking.com/articles_tutorials/Split-DNS-Small-Business-Remote-Access-Connections.html
0
 
LVL 6

Author Comment

by:Nyah247
ID: 21778526
No external DNS or clients using the DNS we maintain...  All external DNS to our public servers is maintained by a third-party.  Anyway, I am most concerned about the internal DHCP pointing at the internal caching-only servers in regards to DNS record updates.  Is this a supported practice?

I think I may have misdirected you a bit on one of my comments.  Sorry and thanks a bunch for your patience.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 400 total points
ID: 21778586
OK, I seem to have got confused (easily done); in that case I'll go back to my previous stance. Caching only servers are really designed for use where you have a remote site on the end of a slow link and clients on that site need to resolve DNS as locally as possible without incurring the overheads which result from DNS zone transfer or AD replication.

If you have no bandwidth issues and/or this is a single site then multiple DCs with AD integrated DNS would offer a much more reliable solution without the latency issues.
0