Solved

tcpip settings on a DNS server

Posted on 2014-11-13
6
321 Views
Last Modified: 2014-11-13
May I please have a definitive answer to something that confuses me?

When I am setting up a DNS server on an active directory network, and I assign it its static ip address, what should I put in the preferred and alternate DNS fields? I am fairly sure I need to put the DNS server's static ip in the preferred, but I've read conflicting information about what goes in the alternate
0
Comment
Question by:twinstead
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 500 total points
ID: 40440426
It depends on the number of servers you have.  The conflicting information most likely stems from this question, how does my DNS system work to ensure that if DNS is down, clients are able to successfully get current information.

This is where Active Directory plays it's part to ensure that DNS server don't *end up on an island*, so to speak.  With AD integrated DNS zones, DNS server get their updates from AD.  So the issue about have a DNS server reference a secondary/tertiary server as it's primary DNS sources is moot.

Microsoft recommends that DNS servers list, themselves as Primary and then a Secondary/Tertiary(/Quarnary if you want to be so bold) server as the Secondary server.  You can also fill out the list in the TCP/IP advanced settings with additional servers.

-saige-
0
 
LVL 3

Expert Comment

by:Wes Fields
ID: 40440432
The Microsoft way of doing things would be:

Main DNS: (the local host)
Second DNS: (WAN DNS)

This is how we setup static IP's on our corporate networks.  If the local DNS server goes down(server stops, etc) then you can still resolve externally from this server.

I have read many articles like you that flip flop back and forth but I haven't had any issues using the above method. I am sure other have used different methods but this is just my 2 cents!

Hope it helps!
0
 
LVL 43

Expert Comment

by:Amit
ID: 40440433
DNS is AD integrated? Best practice to give its own IP address ad Preferred and alternate you can give any nearest server. Could be in LAN.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 34

Expert Comment

by:it_saige
ID: 40440445
Sorry Amit, DNS *Zones* are (or at least have the functionality to be) AD integrated.  My fingers flew through that part.  LOL

Understanding DNS Zone Replication in Active Directory Domain Services

-saige-
0
 
LVL 43

Expert Comment

by:Amit
ID: 40440485
Keep server IP as preferred one.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 40440508
If you only have one DNS server leave the alternate empty.

ON NO ACCOUNT MUST YOU PLACE AN EXTERNAL DNS SERVER IN EITHER.

The reason for this is the way DNS works. Clients will query the preferred DNS server to resolve names on the local AD Domain, the DNS server will then provide the information to the client. If the name cannot be resolved internally then the DNS server will use forwarders or root hints. The alternate DNS server is never used if the preferred DNS server responds (even if the response is that the target cannot be resolved).

However, If the preferred DNS server fails to respond at all in a timely fashion, (DNS sever busy, peak network traffic, drop-out etc), then the client will switch allegiance to the alternate DNS server. The alternate DNS server then becomes the preferred.

If this happens and clients start using an external DNS server then all future requests for internal name resolution will fail as the external DNS server knows nothing about your AD Domain network.  Since DNS resolution is fundamental to AD, then AD will also ultimately fail.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Find out what you should include to make the best professional email signature for your organization.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question