Domain and DNS over VPN

Posted on 2011-05-06
Last Modified: 2012-05-11
I have 11 offices that connect through a VPN to a Windows Server 2003 domain controller running Active Directory in our headquarters.

This may be a stupid question for someone who has been running this domain for several years to finally ask, but I have all of the computers in the remote offices with their DNS pointing back to the domain controller. Am I correct in doing this? I was always under the impression I had to in order for them to connect to the domain, but the problem is that when the internet service is slow in headquarters it affects service in the branch offices because their DNS points to headquarters. Also, if the remote offices are using a lot of bandwidth (streaming video, etc.) and their DNS is pointing back to headquarters, are they in fact taking bandwidth away from headquarters? Am I making any sense? Thanks for any light you can shed. I have always been confused by DNS.
Question by:clifford_m71

    Expert Comment

    by:Adam Brown
    If you have Domain Controllers in each site, it's usually best to use the site's DC as a DNS server for clients. DNS will use some of your bandwidth, and the time required to send a request to a remote DC will cause latency in DNS lookups. The DNS zone for the domain is the same on all Domain Controllers, as it is replicated automatically if it's AD Integrated.

    Accepted Solution

    To add, if you don't have a domain controller in the other sites, it is a good idea to point to the Domain Controller in the main site.

    Author Comment

    Should I set up the secondary DNS with the local DNS or leave it blank? The issue then is, being on the VPN, when the main office loses internet service not only is the VPN down at the remote offices but so is the internet?
