• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 617
  • Last Modified:

Which DNS server IP address comes first?

I have been told that a Windows DNS server should have itself as a DNS server, and another DNS server on the network should also be entered as a DNS server. So if you have two Windows 2008 DNS servers on your network, lets say they are



for DNS-A, which of the above IP addresses should be set as DNS server#1 and which should be DNS server #2? If you have web links, please post. Thanks much.
5 Solutions
Best practice is to set a DIFFERENT server for your primary DNS and then the actual IP of the server itself as secondary (or however many other DNS servers you have, put the local one last).

However, that hasn't ACTUALLY been an issue since Windows 2000 (it was originally to prevent DNS as an island). I would still do it like that if you have no reason to do otherwise. Simply because anyone else looking at it will probably go off the original best practices as well.

More here:

Mike KlineCommented:
So DNS A would have DNSB first then DNSA second.  and vice versa for DNSB.

See this question I helped with...I didn't want to type's Ned's excellent quote again



Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
1.If a DC is hosting DNS, it should point to itself at least somewhere in the client list of DNS servers.
2.If at all possible on a DC, client DNS should point to another DNS server as primary and itself as secondary or tertiary. It should not point to self as primary due to various DNS islanding and performance issues that can occur. (This is where the arguments usually start)
3.When referencing a DNS server on itself, a DNS client should always use a loopback address and not a real IP address.

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Recently we had an engagement with Microsoft for Active Directory health check (ADRAP) and Microsoft now recommends that the DC should have the primary DNS pointing to itself and secondary to another DC.  When Windows Server 2000 was released, it was the reverse and there was no real recommendation with Windows Server 2003.  With the release of 2008, they have changed their recommendation to have DC pointing to itself for primary DNS.
SandeshdubeySenior Server EngineerCommented:
Best practices for DNS client settings on DC and domain members.
bobox00Author Commented:
There seems to be no fixed answer, but I find the information below, useful:

"You’ll find much shorter system start-up times when the DNS client (configured in the NIC properties) is set to use DNS servers other than itself. If you only have two domain controllers, you really have no choice but to use yourself for DNS, but do that as the secondary DNS server, and use the other DC as the primary. As long as you do not reboot them both at the same time, you should be just fine."


The primary reason to configure a different DNS server first on each network adapter is to avoid delays when booting up.

bobox00Author Commented:
Thanks everyone!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now