Preferred and Secondary DNS servers on single 2012r2 DC with AD,DNS and DHCP
Hello All, I hope this isn't too easy or a repetitive question. One weak area I have is understanding how to configure DNS on a domain controller -the only DC on a network. It has the AD and DNS and we made it the DHCP server. OS is 2012r2. Let me explain what configurations I have on the server and router... We have a static IP address on a SonicWALL router, configured with the ISP DNS servers. Now - here's one possible fault... I have teamed the NICs on the server (2), just the standard options.... I think I have read somewhere that may not be a good idea on a DNS server... not sure... So the teamed NICs have the servers IP address on the LAN assigned. I have server set up to use root hint servers and no forwarders and the root hint servers are resolving. I am using the ISP primary DNS as preferred DNS server on the DC NIC (teamed), for the secondary I am using the DC's LAN IP address - versus the loopback address... I am away from the site at the moment but will go onsite soon. I have read a lot of stuff lately and its pretty diverse... meaning different opinions for similar circumstances others have had. Do I need to get rid of the ISP's DNS server in the DC LAN properties altogether? Using root hints, if it matters to next question, what would use for the Primary and Secondary DNS servers in the DC's NIC properties then? I have read - use the DC's IP address as the first (primary).... I just need an answer I can feel good about - and I will wait to be at the server before I make a change so I don't knock down the network from afar.
Errors - I run the BPA on AD and DNS and I get errors in both - the DNS seems easy to interpret - complains about the ISP external DNS server unable to resolve internal records etc... and AD is reporting issues with advertising and registering DNS records and other advertisement such as LDAP and PDC for the domain.... I think if I can get the DNS sorted out on preferred / secondary on the DC then some of this will clear up. I ran dcdiag /test:dns and got a lot of the same DNS errors reported. We migrated a Server 2003 DC to this one a couple years ago and I also have my concerns about all the stuff I still see in AD that belonged to the old 2003 server, like old SQL version entries etc... and that's another topic for later perhaps...
As for Internet access for the computers on the domain and the server - I don't see any real issues there but I do see where access shares over the network - has become spotty and I am starting with the server - clean it up and then see how shares are across the LAN. Again.... thank you for your time and assistance.
Errors - I run the BPA on AD and DNS and I get errors in both - the DNS seems easy to interpret - complains about the ISP external DNS server unable to resolve internal records etc... and AD is reporting issues with advertising and registering DNS records and other advertisement such as LDAP and PDC for the domain.... I think if I can get the DNS sorted out on preferred / secondary on the DC then some of this will clear up. I ran dcdiag /test:dns and got a lot of the same DNS errors reported. We migrated a Server 2003 DC to this one a couple years ago and I also have my concerns about all the stuff I still see in AD that belonged to the old 2003 server, like old SQL version entries etc... and that's another topic for later perhaps...
As for Internet access for the computers on the domain and the server - I don't see any real issues there but I do see where access shares over the network - has become spotty and I am starting with the server - clean it up and then see how shares are across the LAN. Again.... thank you for your time and assistance.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Put the ISP DNS entries in as forwarders, not in DNS settings
Also, use the attached file as a guide
ADDNS.xlsx
Also, use the attached file as a guide
ADDNS.xlsx
There is no use of a secondary DNS server on the DC if it isn't in the same domain, so just leave that empty. The primary is the loopback address, as you have nothing else available.
ASKER
Thanks Guys! I will try within a couple days and let you know.
ASKER
Shaun Vermaak, what am I looking at in the guide you posted?
Name IP PDCe AD Site Link Speed DNS Settings
fqf 10.0.0.1 Yes Site A Fast
qfwwf 10.0.0.2 No Site A Fast
qfwwf 10.0.0.3 No Site B Slow
wq 10.0.0.4 No Site B Slow
Name IP PDCe AD Site Link Speed DNS Settings
fqf 10.0.0.1 Yes Site A Fast
qfwwf 10.0.0.2 No Site A Fast
qfwwf 10.0.0.3 No Site B Slow
wq 10.0.0.4 No Site B Slow
ASKER
Qlemo,
My BPA results are much better. I used OpenDNS and the ISP DNS servers as forwarders. It seems browsing to external sites 'IS' quicker as well as accessing shares on the network... thanks for clearing up the mystery for me.
My BPA results are much better. I used OpenDNS and the ISP DNS servers as forwarders. It seems browsing to external sites 'IS' quicker as well as accessing shares on the network... thanks for clearing up the mystery for me.
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER
Thank You!