My organization has a SonicWALL TZ600 firewall and two Server 2016 servers with the DNS role that handle DNS for our organization.
A previous IT administrator set up the SonicWALL TZ600 firewall so that it dynamically assigns IP addresses to the Windows 10 client computers and assigns the following DNS server addresses:
172.16.0.26 (the static IP address of one of the Server 2016 domain controllers)
Two other IP addresses are also assigned:
The reason that these public DNS server addresses are being used and we aren't using the DNS server IP addresses associated with our ISP is because we have a primary ISP and a failover ISP connected to our firewall. That way, if the primary ISP goes down, then the secondary ISP will pick up in its place until the primary ISP comes back online. This is important since we have had several times where our primary ISP has gone offline.
However, I have been told in other postings here that the two DNS server addresses of 220.127.116.11 & 18.104.22.168 shouldn't be assigned to the Windows 10 client computers.
We need to make sure that our network is completely self-sufficient so that if either one of the Server 2016 domain controllers/DNS servers goes offline then the Windows 10 client computers will still be able to connect to websites on the internet even while the two servers are down.
So what is the right way to properly set up our organization's internal DNS?
Please let me know if any further information is needed.