Best practice for Pri and Alt DNS settings for multiple sites with ADI

Rick_Penney used Ask the Experts™
Just wanted to know the best configuration for DNS Primary and Alternate DNS settings in DCs in second/third logical site.
Set up:
One local Domain, 3 physical sites, 2 Domain controllers in each site (All Domain controllers set as Global Catalogues, & DNS (Active Directory integrated zone))
Active Directory subnetted into 3 logical sites.

Site one:
Server 1      DNS Pri        Alt DNS
Server 2      DNS Pri       Alt DNS

Site two:
Server 1      DNS Pri  or       Alt DNS
Server 2      DNS Pri  or    Alt DNS

Site three:
Server 1      DNS Pri  or       Alt DNS      
Server 2      DNS Pri  or      Alt DNS

For site Two, would I set the Pri DNS on the first domain controller to site Two's second domain controller, or would I set it to site one's first DC?
The same applies for site Three.
Jeremy Weisinger, Senior Network Consultant / Engineer

Assuming all DC's are also DNS and you're running AD Integrated, DC's should point to themselves for primary DNS lookups. Secondary can be the other DC in the site.... butttt I cannot think of a scenario where having a secondary DNS server specified would actually be of some benefit. The loopback address on the DC should be sufficient and if the DNS service fails, then you're going to have issues that you need to deal with. Not sure what you gain by having the DC able to fail over to another DNS server.
Senior Solution Architect
First off, never point the loopback address as primary on a DC to itself. Always use the IP address. If you have 2 DC's per site then it should look like this....

It really comes down to personal preference when you are pointing DNS Primary to itself or another DC in the site. There are benefits to both. However, I would recommend using the IP address of the local DC as primary and, as secondary, use the other DC in the site.

In your case you have 3 sites total, so what I would do is have one DC from each site as 3rd and 4th DNS entries on the DC's in Site 1 (the same concept goes for the DC's in sites 2 and 3).

Example below...

Site 1
DC1 - DNS = Pri, Sec, 3rd, 4th
DC2 - DNS = Pri, Sec, 3rd, 4th

Site 2
DC3 - DNS = Pri, Sec, 3rd, 4th
DC4 - DNS = Pri, Sec, 3rd, 4th


Most importantly, you are going to want to set up your DHCP clients in the same fashion. This way, if both DC's are not online at all, they will query DNS against the DC's using the 3rd and 4th DNS entries, which will allow the clients to configure to authenticate and operate on the domain.
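
The ordering described in the answer above (the DC's own IP first, the other DC in its site second, then one DC from each remote site), as an added PowerShell example that is not part of the original thread. The site names, DC names, IP addresses, the `Get-DcDnsOrder` helper, the `Ethernet` interface alias and the choice of the first listed DC in each remote site are assumptions.

```powershell
# Constructed inventory: site names, DC names and IP addresses are placeholders.
$Sites = [ordered]@{
    Site1 = [ordered]@{ DC1 = '10.1.0.10'; DC2 = '10.1.0.11' }
    Site2 = [ordered]@{ DC3 = '10.2.0.10'; DC4 = '10.2.0.11' }
    Site3 = [ordered]@{ DC5 = '10.3.0.10'; DC6 = '10.3.0.11' }
}

function Get-DcDnsOrder {
    # Hypothetical helper: returns the ordered DNS server list for one DC.
    param(
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Sites,
        [Parameter(Mandatory)] [string] $DcName
    )
    $homeSite = $Sites.Keys | Where-Object { $Sites[$_].Contains($DcName) }
    if (-not $homeSite) { throw "DC '$DcName' is not in the inventory." }

    # Pri: the DC's own IP address (not the loopback address).
    $own = $Sites[$homeSite][$DcName]
    # Sec: the other DC in the same site.
    $partner = $Sites[$homeSite].Keys |
        Where-Object { $_ -ne $DcName } |
        ForEach-Object { $Sites[$homeSite][$_] }
    # 3rd, 4th: one DC from each remote site (assumption: the first one listed).
    $remote = $Sites.Keys |
        Where-Object { $_ -ne $homeSite } |
        ForEach-Object { @($Sites[$_].Values)[0] }

    @($own) + @($partner) + @($remote)
}

# Print the plan for every DC and refuse any list that contains a loopback entry.
foreach ($site in $Sites.Keys) {
    foreach ($dc in $Sites[$site].Keys) {
        $order = Get-DcDnsOrder -Sites $Sites -DcName $dc
        if ($order -contains '127.0.0.1' -or $order -contains '::1') {
            throw "$dc would use a loopback address as a DNS server."
        }
        '{0} {1}: {2}' -f $site, $dc, ($order -join ', ')
    }
}

# To apply on a DC (run locally, elevated; 'Ethernet' is an assumed alias):
# $order = Get-DcDnsOrder -Sites $Sites -DcName $env:COMPUTERNAME
# Set-DnsClientServerAddress -InterfaceAlias 'Ethernet' -ServerAddresses $order
# Get-DnsClientServerAddress -InterfaceAlias 'Ethernet' -AddressFamily IPv4
```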



Many thanks for the information, very clear and easy to understand.
Much appreciated.
(Thank you also Jeremy for your reply)
