• Status: Solved
  • Priority: Medium
  • Security: Public

Setting Priority on MS Windows 2003 DNS

Hello,

I have a DC with DNS set up on a couple of my branches. I would like to know if it is possible to accomplish priority-based name resolution.

I have right now a local web page set up using IIS that employees use on a daily basis. I would like to add a mirror of that web page on a different site just in case of disaster.

What I would like to know is: can I accomplish DNS priority in this scenario?


 
Asked by: Ism
 
Todd Gerbert (IT Consultant) commented:
No priority-based resolution with Microsoft's DNS server (you might be able to find that functionality in another vendor's DNS services, but that's probably not worth the hassle in an Active Directory environment).

You do have a couple options...

Manually update the DNS records in the event of a failure. (I bet you could find a utility or script to automate this, but I don't know of any off the top of my head).

Put two host records in DNS with the same name, and different IP addresses (e.g. www.yourdomain.com => 192.168.1.10 and www.yourdomain.com => 192.168.15.60).  No guarantee which address will be used for any given query though, so may not be an option if you're running anything more than plain HTML files, like an interactive web application.

The third thing that comes to mind is something I've thought of, but haven't tested yet.  In a properly set up Active Directory with a DC at each Site, yourdomain.local (or whatever your AD domain name is) should always resolve to the nearest domain controller. Though you still might run into issues with multiple copies of the web site running simultaneously, and it's generally considered a security no-no to run web sites on domain controllers.

Krzysztof Pytko (Active Directory Engineer) commented:
Please check this EE post I helped with
http://www.experts-exchange.com/Networking/Protocols/DNS/Q_26852882.html

Follow this idea and it would work fine.

Regards,
Krzysztof

Chris Dent (PowerShell Developer) commented:

Manual / scripted / programmatic change-over is the way to go. DNS is not service-aware; if your web site fails it'll happily carry on handing out the IP for the failed server.

NetMask Ordering doesn't help because it doesn't care about the state of your web service either.

Chris
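
The scripted change-over recommended in the answers above, as an added example that was not posted by any participant in this thread: a PowerShell 2.0 health check that republishes the `www` A record with `dnscmd`. It assumes `dnscmd.exe` (Windows Server 2003 Support Tools) is on the PATH and that the site answers a HEAD request sent to its IP address; the server name and state-file path are hypothetical, and the addresses are reused from the example in the first answer.

```powershell
# Added example. Every value in this block is an assumption to adapt.
$DnsServer = 'dc01.yourdomain.local'       # hypothetical DNS server name
$Zone      = 'yourdomain.com'
$Node      = 'www'
$PrimaryIp = '192.168.1.10'                # addresses reused from the first answer
$MirrorIp  = '192.168.15.60'
$Ttl       = 60                            # short TTL so clients re-query soon after a switch
$StateFile = 'C:\Scripts\www-active.txt'   # hypothetical path; remembers the published IP

function Test-WebSite([string]$Ip) {
    # Probe by IP so the check does not depend on the record being managed.
    for ($i = 0; $i -lt 3; $i++) {
        try {
            $req = [System.Net.WebRequest]::Create("http://$Ip/")
            $req.Method  = 'HEAD'
            $req.Timeout = 5000
            $resp = $req.GetResponse()
            $code = [int]$resp.StatusCode
            $resp.Close()
            if ($code -eq 200) { return $true }
        } catch { }
        Start-Sleep -Seconds 5             # retry so one dropped request does not trigger a switch
    }
    return $false
}

function Switch-ARecord([string]$OldIp, [string]$NewIp) {
    # Add the new record first so the name never resolves to nothing.
    & dnscmd $DnsServer /RecordAdd $Zone $Node $Ttl A $NewIp | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "RecordAdd failed with exit code $LASTEXITCODE" }
    & dnscmd $DnsServer /RecordDelete $Zone $Node A $OldIp /f | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "RecordDelete failed with exit code $LASTEXITCODE" }
    Set-Content -Path $StateFile -Value $NewIp
}

# The state file holds the address currently published; default to the primary.
$active = $PrimaryIp
if (Test-Path $StateFile) { $active = @(Get-Content $StateFile)[0].Trim() }

if (Test-WebSite $PrimaryIp)    { $wanted = $PrimaryIp }
elseif (Test-WebSite $MirrorIp) { $wanted = $MirrorIp }
else                            { $wanted = $active }   # both down: leave DNS alone

if ($wanted -ne $active) {
    Switch-ARecord $active $wanted
    Write-Output "$(Get-Date -Format s) $Node.$Zone moved from $active to $wanted"
}
```

Run it from a scheduled task under an account that has been delegated rights on this one record only, not a Domain Admin. Clients and downstream resolvers keep the old address until its TTL expires, so the record should already carry the short TTL before a failure occurs.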