Best practice for Pri and Alt DNS settings for multiple site with ADI
Hi
Just wanted to know the best configuration for DNS Primary and Alternate DNS settings in DCs in second/third logical site
Set up:
One local Domain, 3 physical sites, 2 Domain controllers in each site (All Domain controllers set as Global Catalogues, & DNS (Active Directory integrated zone))
Active Directory subnetted into 3 logical sites.
Site one:
Server 1 192.168.0.1 DNS Pri 192.168.0.2 Alt DNS 127.0.0.1
Server 2 192.168.0.2 DNS Pri 192.168.0.1 Alt DNS 127.0.0.1
Site two:
Server 1 192.168.1.1 DNS Pri 192.168.1.2 or 192.168.0.1 Alt DNS 127.0.0.1
Server 2 192.168.1.2 DNS Pri 192.168.1.1 or 192.168.0.1 Alt DNS 127.0.0.1
Site three:
Server 1 192.168.2.1 DNS Pri 192.168.2.2 or 192.168.0.1 Alt DNS 127.0.0.1
Server 2 192.168.2.2 DNS Pri 192.168.2.1 or 192.168.0.1 Alt DNS 127.0.0.1
Question:
For site Two, Would I set the Pri DNS on the first domain controller to site Two's second domain controller, or would I set it to site one's first DC?
Same applies for site Three
Just wanted to know the best configuration for DNS Primary and Alternate DNS settings in DCs in second/third logical site
Set up:
One local Domain, 3 physical sites, 2 Domain controllers in each site (All Domain controllers set as Global Catalogues, & DNS (Active Directory integrated zone))
Active Directory subnetted into 3 logical sites.
Site one:
Server 1 192.168.0.1 DNS Pri 192.168.0.2 Alt DNS 127.0.0.1
Server 2 192.168.0.2 DNS Pri 192.168.0.1 Alt DNS 127.0.0.1
Site two:
Server 1 192.168.1.1 DNS Pri 192.168.1.2 or 192.168.0.1 Alt DNS 127.0.0.1
Server 2 192.168.1.2 DNS Pri 192.168.1.1 or 192.168.0.1 Alt DNS 127.0.0.1
Site three:
Server 1 192.168.2.1 DNS Pri 192.168.2.2 or 192.168.0.1 Alt DNS 127.0.0.1
Server 2 192.168.2.2 DNS Pri 192.168.2.1 or 192.168.0.1 Alt DNS 127.0.0.1
Question:
For site Two, Would I set the Pri DNS on the first domain controller to site Two's second domain controller, or would I set it to site one's first DC?
Same applies for site Three
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Assuming all DC's are also DNS and you're running AD Integrated, DC's should point to themselves for primary DNS lookups. Secondary can be the other DC in the site.... butttt I cannot think of a scenario where having a secondary DNS server specified actually be of some benefit. The loopback address on the DC should be sufficient and if the DNS service fails, then you're going to have issues that you need to deal with. Not sure what you gain by having the DC able to failover to another DNS server.
First off never point the loopback address as primary on a DC to itself. Always use the IP address. If you have 2 DC's per site then it should look like this....
It really comes down to personal perference when you are pointing DNS Primary to itself or another DC in the site. There are benefits to both. However I would recommending using the IP Address of the local DC as primary and secondary use the Other DC in the site.
In your case you have 3 sites total so what I would do is have a one DC from each site as 3rd and 4th DNS entries on the DC's in Site and. (the same concept goes for the DC's in sites 2 and 3).
Example below...
Site 1
DC1 - DNS = Pri 192.168.0.1, Sec 192.168.0.2, 3rd 192.168.1.1, 4th 192.168.2.1
DC2 - DNS = Pri 192.168.0.2, Sec 192.168.0.1, 3rd 192.168.1.1, 4th 192.168.2.1
Site 2
DC3 - DNS = Pri 192.168.1.1, Sec 192.168.1.2, 3rd 192.168.0.1, 4th 192.168.2.1
DC4 - DNS = Pri 192.168.1.2, Sec 192.168.1.1, 3rd 192.168.0.1, 4th 192.168.2.1
etc....
Most importantly you are going to want to setup your DHCP clients in the same fasion. This way if the both DC's are not online at all they will query DNS against the DC's using the 3rd and 4th DNS entries which will allow the clients to configure to authenticate and operate on the domain.
Will.
It really comes down to personal perference when you are pointing DNS Primary to itself or another DC in the site. There are benefits to both. However I would recommending using the IP Address of the local DC as primary and secondary use the Other DC in the site.
In your case you have 3 sites total so what I would do is have a one DC from each site as 3rd and 4th DNS entries on the DC's in Site and. (the same concept goes for the DC's in sites 2 and 3).
Example below...
Site 1
DC1 - DNS = Pri 192.168.0.1, Sec 192.168.0.2, 3rd 192.168.1.1, 4th 192.168.2.1
DC2 - DNS = Pri 192.168.0.2, Sec 192.168.0.1, 3rd 192.168.1.1, 4th 192.168.2.1
Site 2
DC3 - DNS = Pri 192.168.1.1, Sec 192.168.1.2, 3rd 192.168.0.1, 4th 192.168.2.1
DC4 - DNS = Pri 192.168.1.2, Sec 192.168.1.1, 3rd 192.168.0.1, 4th 192.168.2.1
etc....
Most importantly you are going to want to setup your DHCP clients in the same fasion. This way if the both DC's are not online at all they will query DNS against the DC's using the 3rd and 4th DNS entries which will allow the clients to configure to authenticate and operate on the domain.
Will.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial