My DNS: Is it set up correctly? Looking for Errors and Omissions

Eric DeLong
I have a Proxy Server that directs all of my traffic to the internet; it has its DNS set to 4 different numbers, two from my internet provider and two from Google. Works all the time.

I have three domain servers, none of them are DNS Servers, and all have their DNS supplied by the Proxy Above.  They get Internet, and can see workstations on their network.

My workstations have an IP address linking them to one of the Domains, and their gateway points to the Proxy above.

And their DNS is the Proxy above, and then the secondary DNS points to the Server of their Domain.

I am wondering, should I have them get their DNS from the Server of their domain, that in turn directs them to the Proxy for Internet resolution (making each domain server a DNS server)? Should I use host files to reduce usage of the DNS for internal connectivity?

So, I guess what I am really asking is: what should the preferred DNS server and the Alternate DNS server be on the following:

Domain Server (with an Internet Proxy Server)
Workstation (With a Domain Server, and an Internet Proxy Server)

And should I have an internal DNS server?

I assume that your "proxy server" is supplying the information to the clients because it is also a DHCP server (this way it can supply clients, along with the IP address, some other info such as DNS server and gateway).

When talking about an Active Directory infrastructure, there must ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems.

Then you could configure that internal DNS server to send requests out to other DNS servers for the domains outside the local network, and the client must point only to that local DNS server, which will act as a "DNS proxy" for the client and ask whatever external DNS you configure (for example, you could forward them to Google's DNS if that's what you prefer; otherwise it will check the "root hints" to find the other domains).

If you have multiple internal DNS servers, it is better for them to be AD-integrated to benefit from AD replication; your clients will connect only to these internal DNS servers, which will query the world in their name. For more information see Using Forwarders.

There is no problem in setting the client with a single DNS server if the company is very small, but it is not recommended to rely on a single DC/DNS server.

Eric DeLong, Director of Information Tech (Author), commented:
"When talking about an active directory infrastructure, there must ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems."

First of all, THANKS. Regarding this line above, would having my clients use the AD DNS as primary OR secondary be ok?

If you don't have a second internal DNS server, it is OK to leave the "Secondary DNS" blank so the clients will have only one DNS server.
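
The layout the answers describe (workstations resolving only through the internal AD DNS servers, which forward outside names), as an added PowerShell example that is not part of the original thread. The internal server addresses, the domain name `corp.example.com` and the function names are assumed placeholders; the forwarder addresses are Google's public resolvers.

```powershell
# Added example; addresses, domain name and function names are assumptions.
$InternalDns = @('10.0.1.10', '10.0.1.11')  # assumed AD-integrated DNS servers (the DCs)
$Forwarders  = @('8.8.8.8', '8.8.4.4')      # Google public DNS, used as forwarders
$AdDomain    = 'corp.example.com'           # assumed AD DNS domain name

# Run on each internal DNS server (needs the DnsServer module):
# names outside the local zones go to the forwarders, then to root hints.
function Set-InternalForwarders {
    Set-DnsServerForwarder -IPAddress $Forwarders -UseRootHint $true
    Get-DnsServerForwarder
}

# Run on a workstation: report adapters whose resolver list contains
# anything other than the internal DNS servers (e.g. the proxy or an ISP).
function Test-ClientDns {
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses } |
        ForEach-Object {
            $stray = @($_.ServerAddresses | Where-Object { $_ -notin $InternalDns })
            [pscustomobject]@{
                Interface = $_.InterfaceAlias
                Servers   = $_.ServerAddresses -join ', '
                Stray     = $stray -join ', '
                Compliant = ($stray.Count -eq 0)
            }
        }
}

# Run on a workstation: confirm each internal server answers the SRV query
# that domain members use to locate a domain controller.
function Test-AdSrvLookup {
    foreach ($server in $InternalDns) {
        $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$AdDomain" -Type SRV `
                   -Server $server -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Server   = $server
            FoundDCs = @($srv | Where-Object { $_.Type -eq 'SRV' }).Count
        }
    }
}

# Run on a workstation (elevated): point non-compliant adapters at the
# internal servers only. With one DC, $InternalDns holds a single address.
function Repair-ClientDns {
    Test-ClientDns | Where-Object { -not $_.Compliant } | ForEach-Object {
        Set-DnsClientServerAddress -InterfaceAlias $_.Interface -ServerAddresses $InternalDns
    }
}
```

Where workstations get their settings from DHCP, the same server list belongs in the DHCP scope's DNS option rather than on each adapter.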
