Solved

DNS config question: does a server that is outside of my domain have any business being listed as a nameserver?

Posted on 2008-06-18
3
236 Views
Last Modified: 2010-05-18
I am in the process of configuring three DCs to serve several load-balanced IIS boxes.  

I first started this config two years ago. My config was only partially successful. I'm finally fixing things, but I'm having to clean up my old work, some of which were stopgap measures.

My three DCs are replicating their zones to one another. Looking at the forward lookup zones I notice that there is an instutional machine listed as a nameserver. This is outside of my domain. We probably did this as some stopgap DNS redundancy way back when. Probably doesn't matter one way or another, but I doubt it is even a Windows machine.

I am wondering if it has any business being there or if I should delete this external Nameserver.
WIll it cause harm/misconfiguration? Will it help?
Is there anything "tricky" to know about deleting it, or can I just kill the extra nameserver using the DNS GUI?

Thanks.


0
Comment
Question by:kennethfine
  • 2
3 Comments
 
LVL 38

Accepted Solution

by:
ChiefIT earned 250 total points
ID: 21819032
There are places to check for outside servers that you probably don't want in your configurations.

1) each server and NICs list of prefered DNS servers
2) the router's list of internal DNS servers.

The only place that is really a good practice to configure outside servers is DNS forwarders. Even then, that's only if you use recursion. Root hints comes pre conigured with public DNS servers. So, you don't have to configure root hints.

The link below will tell you the chronology of a DNS query: This might help you see why forwarders would be the only real good spot for outside servers.

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_23204162.html
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21819035
Oh yes, add to the list:

3) DHCP configuration.
0
 
LVL 55

Expert Comment

by:andyalder
ID: 21822765
RFC2182 says you should have geographically and topoligically dispersed secondary nameservers, not that it really matters for small domains.

What the DNS GUI lists may be immaterial, you need to check your DNS from the root-servers using NSlookup (or get www.checkdns.net to do it for you).
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration, of the HP EVA 4400 SAN Storage. The name , IP and the WWN ID’s used here are not the real ones. ABOUT THE STORAGE For most of you reading this, you …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now