My DNS.  Is it set up correctly, looking for Errors and Omissions

Posted on 2014-03-04
Last Modified: 2014-03-04
I have a Proxy Server that directs all of my traffic to the internet; it has its DNS set to 4 different numbers, two from my internet provider and two from Google.  Works all the time.

I have three domain servers, none of them are DNS Servers, and all have their DNS supplied by the Proxy Above.  They get Internet, and can see workstations on their network.

My workstations have an IP address linking them to one of the Domains, and their gateway points to the Proxy above.

And their DNS is the Proxy above, and then the secondary DNS points to the Server of their Domain.

I am wondering, should I have them get their DNS from the Server of their domain, that in turn directs them to the Proxy for Internet resolution (making each domain server a DNS server)?  Should I use host files to reduce usage of the DNS for internal connectivity?

So, I guess what I am really asking, What should the preferred DNS server, and the Alternate DNS server be on the following:

Domain Server (with an Internet Proxy Server)
Workstation (With a Domain Server, and an Internet Proxy Server)

And should I have an internal DNS server?
Question by:Eric_Where_am_I

Expert Comment

by:luconsta
ID: 39903356
I assume that your "proxy server" is supplying the information to the clients because it is also a DHCP server (this way it can supply clients, along with the IP address, some other info such as the DNS server and gateway).

When talking about an active directory infrastructure, there must ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems.

Then you could configure that internal DNS server to send requests out to other DNS servers for the domains outside the local network, and the client must point only to that local DNS server, which will act as a "DNS proxy" for the client and ask whatever external DNS you configure (for example, you could forward them to Google's DNS if that's what you prefer; otherwise it will check the "root hints" to find the other domains).

If you have multiple internal DNS servers, it is better for them to be AD-integrated to benefit from AD replication; your clients will connect only to these internal DNS servers, which will query the world in their name. For more information see Using Forwarders.

There is no problem in setting the client with a single DNS server if the company is very small, but it is not recommended to rely on a single DC/DNS server.
Author Comment

by:Eric_Where_am_I
ID: 39903860
"When talking about an active directory infrastructure, there must ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems."

First of all THANKS.   Regarding this line above, would having my clients use the AD DNS as primary OR secondary be ok?
Accepted Solution

by:luconsta
ID: 39904065
If you don't have a second internal DNS server, it is OK to leave the "Secondary DNS" blank so the clients will have only one DNS server.
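
A check for the rule luconsta gives in this thread (clients query only the internal AD DNS, which forwards everything else), written as an added PowerShell example that is not part of the original posts. The server address and domain name are constructed placeholders, and the script assumes a Windows client with the built-in DnsClient module.

```powershell
# Added example: audit the DNS servers configured on a domain-joined client.
# ASSUMPTIONS (not from the thread): the address and domain below are
# constructed placeholders; replace them with your internal DNS/DC values.
param(
    [string[]]$InternalDns = @('192.168.10.5'),   # hypothetical AD DNS server(s)
    [string]$AdDomain      = 'corp.example.com'   # hypothetical AD domain name
)

# Every domain controller registers this SRV record. Only a DNS server that
# hosts the AD zone can answer it; an ISP or public resolver cannot.
$srvName = "_ldap._tcp.dc._msdcs.$AdDomain"

$report = foreach ($nic in Get-DnsClientServerAddress -AddressFamily IPv4) {
    foreach ($server in $nic.ServerAddresses) {
        $isInternal = $InternalDns -contains $server
        try {
            $answer = Resolve-DnsName -Name $srvName -Type SRV -Server $server `
                          -DnsOnly -QuickTimeout -ErrorAction Stop
            # A NODATA reply carries only an SOA record, so look for SRV explicitly.
            $findsDc = [bool]($answer | Where-Object { $_.Type -eq 'SRV' })
        } catch {
            $findsDc = $false   # NXDOMAIN, timeout or refused query
        }

        if ($isInternal -and $findsDc) {
            $verdict = 'OK'
        } elseif ($isInternal) {
            $verdict = 'Internal DNS cannot locate a DC: check the AD zone'
        } else {
            $verdict = 'Remove: clients should not query this resolver directly'
        }

        [pscustomobject]@{
            Interface = $nic.InterfaceAlias
            DnsServer = $server
            Internal  = $isInternal
            LocatesDC = $findsDc
            Verdict   = $verdict
        }
    }
}
$report | Format-Table -AutoSize

# Non-zero exit if any configured resolver is not an approved internal server,
# so the script can be used from a logon script or scheduled compliance check.
if ($report | Where-Object { -not $_.Internal }) { exit 1 }
```

A client set up as the question describes, with the proxy as preferred DNS and the domain server as alternate, would show the proxy's address flagged for removal; external resolvers such as Google's belong in the internal server's forwarder list instead.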