Solved

DNS - use Internal or External (performance)

Posted on 2016-10-14
6
44 Views
Last Modified: 2016-10-25
Hi
Can someone help me gauge whether or not its best to use internal DNS servers or use say the ISP DNS servers?
We are using internal, 4x DCs with DNS on over two sites recently performance of internet has dropped.  Not sure if this is o365 related or not either, however when a DC goes offline it causes much issue and takes a lot of time for logons to work etc.
Wondered if pointing DNS externally will help with the above or anything else?
thanks
0
Comment
Question by:CHI-LTD
  • 3
  • 2
6 Comments
 
LVL 20

Accepted Solution

by:
CompProbSolv earned 250 total points
ID: 41843369
Are you asking if local workstations should use the local DCs or your ISP DNS servers for DNS?  Definitely the local DCs.  The primary reason is that your ISPs DNS servers won't know how to resolve local addresses which will cause you no end of problems.

You can configure the DNS servers in your local DCs to use the ISP DNS servers for forwarding if those servers seem reasonable.
0
 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41843378
Logon problems means issues with your dc's.  What kind of problems do you have when a particular dc goes offline? How many sites do you have and how are the dc's distributed amongst the sites. Are sites properly defined and have you checked dc and replication health.
0
 
LVL 1

Author Comment

by:CHI-LTD
ID: 41843394
ok will leave clients pointing to local dcs.
will give server dns changes some more thought.

So if one DC was offline for maintenance other servers (not sure about clients) would say there are no logon servers to process account (or similar) but there is still one other DC available.  

I have 4x DCs.  2x at site a and 2 at site b.

The clients point to site a and also have the site b in the tcpip settings, but down the list.

dcdiag reports fine
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 
LVL 6

Expert Comment

by:Niten Kumar
ID: 41843400
Can you type set at command prompt on the machines that cause logon problems and check what is displayed under logon server
0
 
LVL 6

Assisted Solution

by:Niten Kumar
Niten Kumar earned 250 total points
ID: 41843401
The computers at site b should output the one of the dcs at site b as the logon server. Likewise for site a.
0
 
LVL 1

Author Closing Comment

by:CHI-LTD
ID: 41858303
let using local, but may look at pointing internal DNS servers to Google.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This article runs through the process of deploying a single EXE application selectively to a group of user.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question