DNS Forwarders at different sites? Same Domain though?

Posted on 2010-01-05
Last Modified: 2012-05-08
I was doing a quick inventory on my 8 DCs DNS Forwarders.

All are MS Server 2003 Domain Controllers.

I basically have 4 physical sites, each has 2 DCs. What is the common practise for setting up DNS Forwarders in this scenario? Would it make sense to have them all pointing to the same public DNS servers? How many DNS Forwarding server IPs are recommended?

I have two at each site as I would like to have DNS available to users should a DC go down at that site...

Please advise o'wise ones. :) Thanks in advance.
Question by:OdyChris
    LVL 2

    Assisted Solution

    Configure your workstations to get its Primary DNS from DC1 in the same site, and the Secondary DNS from DC2 in the same site.

    Then if 1 of your DC's fail, users can still get DNS records resolved, becuase they will just ask the other DC that is still available in the site.

    If both DC's go down in your site, then you have bigger issues than DNS not working!

    Set each of your DC's to forward requests to an external DNS server, you can add as few, or as many as you like. I would add more if the external DNS server is unreliable.

    LVL 57

    Accepted Solution

    Are all four sites using the same ISP?  Are all four sites in the same country?  If the answer is yes to both, then they all can use the same forwarders.

    However if the answer is no to either one, then they should not use the same forwarders.

    If you have different ISP's or the sites are in different countries, then use the forwarders the ISP provided.  This should allow each site to get responses a bit faster.  Of course you could load the helper file and not use the forwarders the ISP provided.  The disadvantage of using the helper file is you will not gain the advantage of your ISP caching entries for you.


    Featured Post

    6 Surprising Benefits of Threat Intelligence

    All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

    Join & Write a Comment

    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now