Colchester_Institute
asked on
Internal DNS Setup Advice
Hi,
I am looking into our internal DNS situation and I think it needs an overhaul. We have 11 sites and at the moment the DNS service is running on nearly all of the domain controllers on the network; there are a minimum of 2 per site.
I am wondering if I need to curb this down to possibly 1x DNS per site or less than that, maybe to 3 main sites?
With the DNS setup currently running within a win2003 & win 2008 environment, I am at a loss as to best practice on something like this.
I guess getting all the DNS setup in win2008 is the way to go.
The forward lookup zone would be for the domain. Is there a way to be site specific underneath this zone or is that not required? Also there are a lot of different VLANs, so would I need to set these up in DNS for reverse lookup?
Sorry for all the questions but trying to get a good solution to get this right, as I think it has been left and not looked after... until now ;-)
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi PaciB.
Thanks for that answer, it is pro. Site wise, we only have more than 2 DCs at a couple of sites atm due to the transition to 2008. Network link wise, the lowest connection speed is a 10mb LES circuit for smaller sites.
I have checked out the AD Sites and Services and that is all spot on with the sites we have and the subnets within, so that's good :-)
I have copied what the forward DNS looks like (changed the names for security).
So I can see the msdcs and they are all in there. I guess the other ones like portal, sats etc. have been created manually? What could be the reason for that?
On the unique reverse lookup range you mentioned, would I use the reverse lookup zone name option to do this?
I guess I would need to set up scavenging to remove old PCs out of DNS. If I was to delete some "A records" out of DNS would it repopulate it ok, say if I did a blanket clear?
Thanks so far really appreciate the help.
ASKER CERTIFIED SOLUTION
ASKER
PaciB,
Cheers mate, your information is exactly what I have been after. I have a couple more questions please.
On the screenshot above, is the "local" folder part of DNS or has that been added manually?
Since I have 2 DCs at each site, should the DC's primary DNS be set to 127.0.0.1? Then have the DC on site as a secondary, with a different site as an alternative, then possibly locked down external?
On the scavenging front, should I leave it at 7 days or should I change it to be shorter than that?
MANY MANY thanks so far.
ASKER
Also, is there a way to get a server to add a static DNS entry automatically, or is this a manual process?
SOLUTION
ASKER
Brilliant. Answered exactly what I needed, many thanks! Thumbs up!
In an enterprise environment you need to have any service available at any site.
Any site should be self-sufficient, and if possible have the services redundant.
It's up to you if you want to centralize, but you should be very accurate at planning.