Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!
Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!
Act now. This offer ends July 14, 2017.
Course Of The Month
5 days, 23 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Question about creating a DNS load balance between domain controllers
Posted on 2012-12-29
Hi,
A small background before my question :) -
I had a need to create a load balance service name between all the domain controllers, i know i could use the default domain name instead, but it had connections to other servers except for the domain controllers.
So....
since i can't create the same multiple dns host to multiple servers i created a new subdomain and had all the domain controller's IP name SAME AS PARENT...so all would get the same DNS name of the new subdomain, hence creating a DNS Load Balance.
Here's my question though, how does it work? is it round robin? who answers first? the dc the computer is connected to or the DNS the computer is connected to?
AND the most important factor what if one of the domain controllers isn't available, will the be a timeout? or will the query never reach it in the first place?
A small background before my question :) -
I had a need to create a load balance service name between all the domain controllers, i know i could use the default domain name instead, but it had connections to other servers except for the domain controllers.
So....
since i can't create the same multiple dns host to multiple servers i created a new subdomain and had all the domain controller's IP name SAME AS PARENT...so all would get the same DNS name of the new subdomain, hence creating a DNS Load Balance.
Here's my question though, how does it work? is it round robin? who answers first? the dc the computer is connected to or the DNS the computer is connected to?
AND the most important factor what if one of the domain controllers isn't available, will the be a timeout? or will the query never reach it in the first place?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
2
7 Comments
If all your DC's are running DNS then all you need to do is list all of he DC's IP addresses in the NIC cards DNS settings on all machines. Windows will take care of the rest. No need for ANY load balancing, round robbins or square ones.
I didn't understand how this will create a load balance?
my need is to ping a name for example (dns.company.com) and have a redundancy (perhaps i should have used that therm instead of the load balance since it explains my needs better) between all domain controllers.
my need is to ping a name for example (dns.company.com) and have a redundancy (perhaps i should have used that therm instead of the load balance since it explains my needs better) between all domain controllers.
I have several applications that connect to Active Directory using LDAP directly to a Domain controller server, i don't want to give them the name of 1 domain controller since if it's down then the service is down, so....i want to create a DNS alias name to hold behind it all available DC's
Active 1 day ago
I'll get the easy part out of the way first:
To answer the question, there's no true load-balancing mechanism built into DNS. Round-robin DNS does load balancing only on the most basic level; it doesn't care whether a given server is down and will return its IP address anyway. Network Load Balancing (NLB) is outage-aware, but I can't think of a way to make it work in this scenario. If those apps that you're running are AD-aware, they should be able to use AD's built-in mechanisms to locate a DC that's running. Have you actually experienced problems with them?
Here's my question though, how does it work? is it round robin? who answers first? the dc the computer is connected to or the DNS the computer is connected to?Yes, it's round-robin by default. You can disable round-robin in the properties pages of the DNS servers (under the Advanced tab, I believe), but there's typically no reason to do this. So the first time a DNS server is queried for that name, it'll return the IP address of the first corresponding host record. The second time it's queried, it'll return the second one, etc. It should be mentioned that you won't see this exact behavior on a client. Multiple queries for the same name from a single client will return the same IP address for a while, because the client will have that address in its resolver cache and won't actually query a DNS server until the cached record expires or the entire cache is flushed.
i know i could use the default domain name instead, but it had connections to other servers except for the domain controllers.Are you saying you've got blank host records in DNS (host records with the name "same as parent folder") referring to machines other than domain controllers? If so, that's a problem. Those records are used by domain members to locate a DC, and they shouldn't ever refer to anything but DCs.
To answer the question, there's no true load-balancing mechanism built into DNS. Round-robin DNS does load balancing only on the most basic level; it doesn't care whether a given server is down and will return its IP address anyway. Network Load Balancing (NLB) is outage-aware, but I can't think of a way to make it work in this scenario. If those apps that you're running are AD-aware, they should be able to use AD's built-in mechanisms to locate a DC that's running. Have you actually experienced problems with them?
Featured Post
Managing Active Directory can get complicated. Often, the native tools for managing AD are just not up to the task. The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory.
If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008.
Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month5 days, 23 hours left to enroll
Earn Certification
MCSA Configuring Windows 7 Exam 70-680
$49.00$44.10
705 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.