Solved

My DNS.  Is it set up correctly, looking for Errors and Ommisions

Posted on 2014-03-04
3
153 Views
Last Modified: 2014-03-04
I have a Proxy Server that directs all of my traffic to the internet, it has its DNS set to 4 different numbers, two from my internet provider, and two from Google.  Works all the time.

I have three domain servers, none of them are DNS Servers, and all have their DNS supplied by the Proxy Above.  They get Internet, and can see workstations on their network.

My workstations have an IP address linking them to one of the Domains, and their gateway points to the Proxy above.

And their DNS is the Proxy above, and then the secondary DNS points to the Server of their Domain.

I am wondering, should I have them get their DNS from the Server of their domain, that in turn directs them to the Proxy for Internet resolution?  (making each domain server a DNS server), should I use host files to reduce usage of the DNS for internal connectivity?

So, I guess what I am really asking, What should the preferred DNS server, and the Alternate DNS server be on the following:

Domain Server (with an Internet Proxy Server)
Workstation (With a Domain Server, and an Internet Proxy Server)

And should I have an internal DNS server?
0
Comment
Question by:Eric_Where_am_I
  • 2
3 Comments
 
LVL 14

Expert Comment

by:luconsta
ID: 39903356
I assume that you "proxy server" is supplying the information to the clients because is also a DHCP server (this way it can supply clients along the IP address some other info as DNS server and gateway).

When talking about an active directory infrastructure, there ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems.

Then you could configure that internal DNS server to send requests out to another DNS servers for the domains outside local network, and the client must point only to that local DNS server that will act as a "DNS proxy" for the client and ask whatever external DNS you'll configure (for example you could forward them to Google's DNS if that's you prefer, otherwise it will check for "root hints" to find the other domains).

If you have multiple internal DNS servers, is better to be AD integrated to benefit from the AD replication, you clients will connect only to this internal DNS servers that will query the world in their names. For more information see Using Forwarders.

There is no problem in setting the client with a single DNS server if the company is very small but is not recommended to rely on a single DC/DNS server.
0
 
LVL 1

Author Comment

by:Eric_Where_am_I
ID: 39903860
When talking about an active directory infrastructure, there ALWAYS be an internal DNS in place and clients MUST connect only to the internal DNS server to avoid AD problems.

First of all THANKS.   Regarding this line above, would having my clients use the AD DNS as primary OR secondary be ok?
0
 
LVL 14

Accepted Solution

by:
luconsta earned 500 total points
ID: 39904065
If you don't have a second internal DNS server is ok to leave the "Secondary DNS" blank so the clients will have only one DNS server.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question