DNS Config Windows Server with SAN connectivity

This is a Windows DNS Server question.

On the windows server that has the DNS role, this server connects to a SAN as well. So basically the server has 8 nic ports. 4 are teamed for the windows environment, and the other 4 ports are used for multipath to the SAN.

So in the dns config section i go to the properties tab of the dns server. On the interface tab it shows 5 ips. The 1 that entails my windows team, and then the 4 that go to the san. I unchecked all of the SAN ips since my clients were associating this san ip to the server when looking for a logon server etc.. However when i uncheck all my san ips that goofy self test it does on the monitoring tab always says it fails.

However when i put in this server to my laptops static dns list it seems to work fine for web, browsing pc names on the network. I even flushed all the caches locally and on the server to make sure.

Does it matter if the monitor tab fails? If i put all my san ips back in under interfaces it passes, but then the server advertises these address on my network as a way to get to it which is wrong obviously. I am content with not worrying about the monitoring tab if this is normal for people who have had a server running dns server which also connected to a san.

Any comments or suggestions welcome. Thanks!
LVL 7
valmaticAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Adam BrownSenior Systems AdminCommented:
You'll want to make sure the server is pointing to itself or a secondary DC for DNS. This is an absolute necessity for an AD server. The monitoring tests run using the DNS settings of the NIC, and you will want to make sure the SAN NICs are not set to use DNS and that they are not registering themselves in the DNS Forward Lookup Zone (Look at your domain FLZ and see if the NIC IPs are associated with an A record that points to the DC. If the SAN NIC IPs show in there, you need to remove those records and reconfigure the NICs not to register themselves in DNS)

To configure the SAN NICs to not register, go to the Adapter Properties screen (go to adapter settings in Control Panel's Network and Sharing center) click on IPv4 and click properties, then click Advanced, then the DNS tab and remove the checkmark next to "Register this connection's addresses in DNS" to stop that from happening.
valmaticAuthor Commented:
Thanks for the info Adam. So the server had the other AD DNS server as server1 and itself as server 2 on its own nic settings.

I did disable all that register this adapter in dns for the 4 san interfaces. The thing i noticed if the san interfaces are checked on the interfaces tab of the dns properites that they register static records into dns. At first i kept deleting them and boom they would come back. Once i unchecked them from the interfaces tab on the dns config those static entries have not come back yet.

The question is now do i care that the self test on the monitoring tab fails?
kevinhsiehCommented:
A DC will pretty much always register all of its IP addresses in DNS...unless you block that by deleting all of the dynamic DNS entries and put in a static DNS entry for the server in DNS. This prevents the additional addresses from getting dynamically registered in DNS. I do this for my Hyper-V hosts all the time. Very easy.
Get a highly available system for cyber protection

The Acronis SDI Appliance is a new plug-n-play solution with pre-configured Acronis Software-Defined Infrastructure software that gives service providers and enterprises ready access to a fault-tolerant system, which combines universal storage and high-performance virtualization.

valmaticAuthor Commented:
Yes i kept deleting the san ip entries and it said they were static entered, and as soon as i refreshed the server they came right back. The only thing that kept them from coming back was un-clicking them as i described on the interfaces tab on the dns config.

Can anyone expand on my main question - do i really need to be concerned about the monitor tab self tests not working?
Adam BrownSenior Systems AdminCommented:
No. But you do need to be concerned about the SAN ips registering in DNS as A records for the DC. That will break AD very fast.
Sean BravenerSenior Information Technology ConsultantCommented:
to answer your original question, no you don't really need to worry about the self test.

to stop the nics from registering themselves in DNS, open up the IPv4 properties in the nic control panel.  click advanced then click the DNS tab.
down at the bottom there is a checkbox you need to clear titled "register this connection's address in DNS"  that should prevent re registering of the nic.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.