northfieldwifi

Public DNS Question

Hello Ladies and Gents,

We have two public DNS servers.  Both servers see each other and transfer between one another.  What happens though, when we create new zones, the zones will not automatically replicate on the 2nd server, we have to create it manually.  What does transfer automatically are the PTR records etc. for the respective zones....  

Is there any way to create these zones and have the zones replicate to the other server instead of manually creating the zones on both servers?  Neither server is a part of the same domain, they are free standing servers that look to each other for updates.  Let me know what you think.

Thanks all,
Justin Ellenbecker

As far as I know zones cannot be replicated across servers, I could be mistaken though.  At least with Windows boxes that aren't AD integrated anyways.  What is the DNS server running, Windows, Linux etc...?  
northfieldwifi

ASKER

The two servers are running Win2k3.  They are not domain controllers, just separate servers that are stand alone.  Zones do not transfer, but once the zones are created on both, the records do.....  Would be great if there is a way to make the zones transfer.
A DNS zone is either master (primary) or slave (secondary). If the zone is secondary, the DNS server must know the ip-address of the primary.

If you have multiple secondary zones on a DNS server, they could each be configured to have a primary zone on a different DNS server.

There can be many secondary zones pointing to the same primary zone on a single DNS server.

Secondary zones are therefore not automatically replicated when you create a new primary zone.
Aw, that is the way we have things set up.  We have the primary server with primary zones and the secondary server(s) with secondary zones.  If we re-did things, (servers not technically in production yet) what would be a better configuration?  Having primary servers across the board so they replicate automatically?
Well, if you have to do it manually then you can copy the .dns file from %SystemRoot%\System32\DNS\ over to the other servers and spare you from having to manually enter all the details of the zone. You can read some more info here: https://www.experts-exchange.com/questions/21953144/DNS-Zone-copy.html
The best way would be to use AD if the servers are reachable via local area or vpn.
I am not sure if copying the dns files to the other DNS server makes much sense.

The normal procedure would be:
1 - configure primary zone
2 - create secondary zone on a different server and configure the ip-address of DNS server that is running the primary zone
3 - All the contents of the primary zone are automatically replicated to the secondary zone (which is essentially equivalent to copying the dns files. However, changes to the primary are automatically replicated to the secondary, which is better than file copying).

If you do not want to perform step 2, how do you propose the primary would know where to create secondary zones?
Anneli your solution is of course the right way to do it when AD is not available. Mine was just a suggestion of how to do it faster if one had to do it all the way manually.
anneb's method is what should be done with Windows DNS servers
For linux/bind I once wrote a package ("bindautoslave") that scans the error log for failed slave notifications and (if the source was an acceptable master) automatically added the corresponding slave zone. Unfortunately I don't know which logs and events to monitor on a Windows box to achieve similar automated behaviour.
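The log-scan idea from that post, as an added example written for this page rather than the bindautoslave package itself: it reads BIND log lines, keeps only the "received notify ... not authoritative" messages whose source IP is on an allow-list of approved masters, and renders the missing slave zone stanzas for named.conf. The exact BIND log message shape and the sample log lines are assumptions/constructed.

```python
import re
from ipaddress import ip_address

# Assumed shape of the BIND 9 message logged when a NOTIFY arrives for a zone
# this server does not serve (the sample lines below are constructed):
#   "client 192.0.2.10#41234: received notify for zone 'example.com': not authoritative"
NOTIFY_RE = re.compile(r"client (?P<src>[0-9a-fA-F.:]+)#\d+: received notify for zone "
                       r"'(?P<zone>[^']+)': not authoritative")
ZONE_RE = re.compile(r"^[A-Za-z0-9._-]+$")  # refuse names that could break named.conf

def find_unconfigured_zones(log_lines, allowed_masters):
    """Return {zone: master_ip} for refused NOTIFYs that came from an approved
    master. NOTIFYs from any other source are ignored, so an unknown host can
    never make this server slave a zone of its choosing."""
    allowed = {ip_address(m) for m in allowed_masters}
    found = {}
    for line in log_lines:
        m = NOTIFY_RE.search(line)
        if not m:
            continue
        src = ip_address(m.group("src"))
        zone = m.group("zone").rstrip(".").lower()
        if src not in allowed or not ZONE_RE.match(zone):
            continue
        found.setdefault(zone, str(src))
    return found

def slave_zone_stanza(zone, master_ip, directory="slaves"):
    """Render a named.conf stanza that slaves `zone` from `master_ip`."""
    return (f'zone "{zone}" {{\n'
            f"    type slave;\n"
            f'    file "{directory}/{zone}.db";\n'
            f"    masters {{ {master_ip}; }};\n"
            "};\n")

SAMPLE_LOG = [  # constructed; 192.0.2.10 is the approved master, 198.51.100.7 is not
    "client 192.0.2.10#41234: received notify for zone 'example.com': not authoritative",
    "client 198.51.100.7#41235: received notify for zone 'evil.test': not authoritative",
    "client 192.0.2.10#41236: received notify for zone 'example.com': not authoritative",
    "client 192.0.2.10#41237: received notify for zone '2.0.192.in-addr.arpa': not authoritative",
    "zone example.net/IN: transferred serial 2024010101",
]

if __name__ == "__main__":
    for zone, master in sorted(find_unconfigured_zones(SAMPLE_LOG, ["192.0.2.10"]).items()):
        print(slave_zone_stanza(zone, master))
```

The allow-list is the important part: without it, anyone able to send a NOTIFY to the server could get it to pull a zone of their choosing.
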
So is the best scenario to create the main server as a domain controller?  Are there any benefits to making the main server a domain controller VS having these DNS servers just two separate boxes that can talk to one another?  These servers will just be doing DNS, nothing more and nothing will be behind them....

Are these servers just best as stand alones that can talk to one another or would it be best to have them in an AD set up?
ASKER CERTIFIED SOLUTION
anneb