Albert Widjaja
asked on
Static DNS server setting best practice ?
Hi,
I’d like to know what is the best way to assign Primary and Secondary DNS servers in a large enterprise?
The majority of the servers are located in the Data Centre AD site and all of the workstations are in the Head Office AD site. The AD topology is just a single AD domain forest.
Data Center building (AD Site: Data_Center) ~ 350 Windows servers:
PRODDC01-VM (AD Domain Controller, DNS Server)
PRODDC03-VM (AD Domain Controller, DNS Server)
Head Quarter building (AD Site: HQ) ~ 250 Windows workstations:
HQDC01 (AD Domain Controller, DNS Server, DHCP Server)
Note: There are some more DC/DNS servers in both sites above, but they are to be decommissioned as they are old Win2003 boxes.
So what is the best recommended configuration for the server DNS settings and the workstation DNS settings, based on the three AD-integrated DNS servers above in both AD sites?
ASKER
Is there any harm in mixing the DNS between the different AD sites?
Harm? No.
You may be over-thinking this. The clients should just be getting their DNS settings from the DHCP service. DNS traffic is a relatively trivial fraction of the overall traffic that a client generates, so -- as long as your DNS servers are in agreement -- it's not all that important that some clients, some of the time, look across the WAN link to resolve names within your domain. You _do_ want to give the clients more than one DNS server address, since things will tend to grind to a halt if that one DNS server happens to go unavailable for some reason.
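The two conditions in the answer above (DHCP handing out more than one DNS server, and DNS servers that agree with each other) can be checked with a short PowerShell audit. This is an added example, not part of the original thread: the server names come from the question, the zone name `corp.example` is a placeholder, and using the DC locator SRV record as the agreement probe is an assumption.

```powershell
# Added example, not from the thread. Needs the DhcpServer and DnsClient modules (RSAT).
$DhcpServer = 'HQDC01'                                # DHCP server named in the question
$DnsServers = 'PRODDC01-VM', 'PRODDC03-VM', 'HQDC01'  # DC/DNS servers named in the question
$Zone       = 'corp.example'                          # placeholder: AD domain name is not given

# 1. Each DHCP scope should hand out at least two DNS servers (option 6).
#    A scope without its own option 6 inherits the server-level value.
$serverLevel = (Get-DhcpServerv4OptionValue -ComputerName $DhcpServer -OptionId 6 `
                    -ErrorAction SilentlyContinue).Value
$scopeReport = foreach ($scope in Get-DhcpServerv4Scope -ComputerName $DhcpServer) {
    $opt = Get-DhcpServerv4OptionValue -ComputerName $DhcpServer -ScopeId $scope.ScopeId `
               -OptionId 6 -ErrorAction SilentlyContinue
    # Force an array and drop empty entries so .Count is reliable
    $dns = @($(if ($opt) { $opt.Value } else { $serverLevel }) | Where-Object { $_ })
    [pscustomobject]@{
        Scope      = $scope.ScopeId
        DnsServers = $dns -join ', '
        Redundant  = $dns.Count -ge 2
    }
}
$scopeReport | Format-Table -AutoSize

# 2. The DNS servers should agree. Ask each one directly for the DC locator
#    SRV record and compare the sorted target lists. SOA serials are not compared
#    because AD-integrated zones keep a separate serial on every server.
$answers = foreach ($server in $DnsServers) {
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Zone" -Type SRV -Server $server `
               -DnsOnly -ErrorAction SilentlyContinue |
           Where-Object { $_.Type -eq 'SRV' }
    [pscustomobject]@{
        Server  = $server
        Targets = (@($srv.NameTarget) | Sort-Object) -join ', '
    }
}
$answers | Format-Table -AutoSize

# An unreachable server yields an empty list, which also counts as a mismatch.
if (@($answers.Targets | Sort-Object -Unique).Count -gt 1) {
    Write-Warning 'DNS servers returned different DC locator records or did not answer.'
}
```

A scope reported with `Redundant = False` leaves its clients dependent on a single DNS server, which is the failure case the answer describes.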
ASKER
Ah OK, thanks for the clarification, Jim!