Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DNS config question: does a server that is outside of my domain have any business being listed as a nameserver?

Posted on 2008-06-18
3
Medium Priority
?
281 Views
Last Modified: 2010-05-18
I am in the process of configuring three DCs to serve several load-balanced IIS boxes.  

I first started this config two years ago. My config was only partially successful. I'm finally fixing things, but I'm having to clean up my old work, some of which were stopgap measures.

My three DCs are replicating their zones to one another. Looking at the forward lookup zones I notice that there is an instutional machine listed as a nameserver. This is outside of my domain. We probably did this as some stopgap DNS redundancy way back when. Probably doesn't matter one way or another, but I doubt it is even a Windows machine.

I am wondering if it has any business being there or if I should delete this external Nameserver.
WIll it cause harm/misconfiguration? Will it help?
Is there anything "tricky" to know about deleting it, or can I just kill the extra nameserver using the DNS GUI?

Thanks.


0
Comment
Question by:kennethfine
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
ChiefIT earned 1000 total points
ID: 21819032
There are places to check for outside servers that you probably don't want in your configurations.

1) each server and NICs list of prefered DNS servers
2) the router's list of internal DNS servers.

The only place that is really a good practice to configure outside servers is DNS forwarders. Even then, that's only if you use recursion. Root hints comes pre conigured with public DNS servers. So, you don't have to configure root hints.

The link below will tell you the chronology of a DNS query: This might help you see why forwarders would be the only real good spot for outside servers.

http://www.experts-exchange.com/Networking/Protocols/DNS/Q_23204162.html
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21819035
Oh yes, add to the list:

3) DHCP configuration.
0
 
LVL 56

Expert Comment

by:andyalder
ID: 21822765
RFC2182 says you should have geographically and topoligically dispersed secondary nameservers, not that it really matters for small domains.

What the DNS GUI lists may be immaterial, you need to check your DNS from the root-servers using NSlookup (or get www.checkdns.net to do it for you).
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question