Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.
Basic Networking DNS Question
Howdy Experts:
Just inherited a 4 server setup -- 1 DC (2008 R2), 1 Terminal Server, 1 App server and 1 SQL server. Only the DC has an outside IP address, plus and inside (192.168.1.50). The other servers are all addressed locally, 192.168.1.110 - 112. The Router address is 192.168.1.1.
My question -- this was previously set up so the three inside servers had a DNS 1 pointing to the router (192.x.x.1) and DNS 2 pointing to the DC, which is hosting DNS (192.x.x.50). In the past, I would only use DNS1 pointing to the router on all servers and workstations -- is there an advantage to setting up my DNS to read both IP addresses? If so, what order?
Thanks!
Just inherited a 4 server setup -- 1 DC (2008 R2), 1 Terminal Server, 1 App server and 1 SQL server. Only the DC has an outside IP address, plus and inside (192.168.1.50). The other servers are all addressed locally, 192.168.1.110 - 112. The Router address is 192.168.1.1.
My question -- this was previously set up so the three inside servers had a DNS 1 pointing to the router (192.x.x.1) and DNS 2 pointing to the DC, which is hosting DNS (192.x.x.50). In the past, I would only use DNS1 pointing to the router on all servers and workstations -- is there an advantage to setting up my DNS to read both IP addresses? If so, what order?
Thanks!
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
I would have them all pointing to the DNS server then the router (2nd DNS to router is debatable). Then on the DNS server have a dns forwarders set to googles DNS (8.8.8.8 and 8.8.4.4), your ISP's DNS, or another.
DNS forwarder:
http://technet.microsoft.com/en-us/library/cc754941.aspx
DNS forwarder:
http://technet.microsoft.com/en-us/library/cc754941.aspx
You would think the router would have the outside address, acting like a gateway. What kind of router? I would just use the DC for DNS.
Thanks for the comments guys -- Bill I was using the word router and meant gateway. Our gateway has the leased IP plus outside DNS servers on the WAN and 192.168.1.1 for the LAN.
JR -- am i right in saying you think I should have my workstation and servers point to the inside address of the DC hosting DNS rather than pointing it to the GW?
JR -- am i right in saying you think I should have my workstation and servers point to the inside address of the DC hosting DNS rather than pointing it to the GW?
Windows does not use the second DNS server, unless the first does not respond at all. If the first DNS server is the router, and if it fails no Internet connection will be available. A secondary DNS does not make sense (in regard of Internet).
In a Domain you should always use a DC as DNS server. This also has the advantage that the DC can act as a DNS proxy, caching resolved names. In that setup the secondary DNS might be the router, to still allow for (delayed) DNS resolution of Internet addresses even if the DC is offline for some reason. If another DC were available, I would use that as secondary DNS.
In a Domain you should always use a DC as DNS server. This also has the advantage that the DC can act as a DNS proxy, caching resolved names. In that setup the secondary DNS might be the router, to still allow for (delayed) DNS resolution of Internet addresses even if the DC is offline for some reason. If another DC were available, I would use that as secondary DNS.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial