Link to home
Start Free TrialLog in
Avatar of Tiras25
Tiras25Flag for United States of America

asked on

Separate DNS zone for wifi network?

I have an idea to create a separate DNS zone for the wifi network.  Segregation would help with administration and management.
 Does anyone do that already and does it help?  Has any benefits?
My concern is the lag maybe longer when moving laptops from wired to wifi network I think. Any other concerns?
 Please advice.  Thank you!
Avatar of John
John
Flag of Canada image

For corporate wireless machines we use the same setup as wired. This does not cause any issue. We keep most phones on a separate guest network. Again no issues.

This is for small to medium size businesses
Avatar of Tiras25

ASKER

Thanks for sharing.

Concerns I have is a connectivity between networks.  If all computers roaming the Wi-Fi are on the same network, then having them on separate DNS zones will cause confusion in the network, and possible lagging from wired to wifi network.  
I want to see other network gents opinions and how they avoid these issues.  Along with benefits and drawback for such design.
then having them on separate DNS zones will cause confusion in the network, and possible lagging from wired to WIFI network.

I have not seen that. Some computers (like my own) do not conveniently have a wired connection and work the same way as wired counterparts.  

Let's see what others say.
Avatar of Steve
Not sure we understand your reasons for splitting DNS between wired and wireless.
Do they both access the same systems/servers or are you hoping to restrict the WIFI users' access by limiting their DNS?
In my case, and as noted above, wireless-only computers access the same systems/servers and cannot be restricted by DNS because they perform the same corporate functions as their wired counterparts.
Avatar of Tiras25

ASKER

Hi Steve, there was a case where a mobile device (phone)and a wired computer were stealing each other's host name.  I think it might be just a one-off.  But the idea is to create DNS suffix to make sure that if two devices have the same hostname one on wired one on wireless that it wouldn't affect the wired one.
there was a case where a mobile device (phone)and a wired computer were stealing each other's host name.  I think it might be just a one-off.

Did you change the mobile device name?   I haven't seen this, so I expect what you saw was just one event.
this does seem a little odd. hostname duplicates are very rare and even more so with a mobile.
It is theoretically possible though if your hostnames are words that could be used elsewhere.

It seems having separate DNS zones is a workaround rather than a solution and a pretty complicated one at that. Cosider if having a separateDNS zone would stop WIFI devices resolve/access systems on your network that the need to contact?

if your PCs have hostnames that could easily be used by another device, i'd say your hostname convention is the thing to look at and fix.

E.G. if your PCs are all named using a convention EEDSK001 for example (EE for Experts Exchange, DSK for desktop, 001 for the last 3 digits of the serial number) it's very very unlikely anyone's phone would have the same name.
Avatar of Tiras25

ASKER

Thanks Steve.  I think besides the phones the users have a liberty changing their own hostnames on macs and ubuntus.  
Any way to restrict that?  This is what happened.
ASKER CERTIFIED SOLUTION
Avatar of Steve
Steve
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I have an idea to create a separate DNS zone for the Wi-Fi network.

I think you have excluded high powered computers like mine that only use wireless.  These will become ever more common

Steve wrote:  "A separate DHCP scope for WIFI is fairly standard"

Even isolating regular users like this does not seem to be a good idea.

it's a user issue. you may need a policy stating users shouldn't do it     <-- Agree