We help IT Professionals succeed at work.

DNS Config Windows Server with SAN connectivity

112 Views
Last Modified: 2019-03-04
This is a Windows DNS Server question.

On the windows server that has the DNS role, this server connects to a SAN as well. So basically the server has 8 nic ports. 4 are teamed for the windows environment, and the other 4 ports are used for multipath to the SAN.

So in the dns config section i go to the properties tab of the dns server. On the interface tab it shows 5 ips. The 1 that entails my windows team, and then the 4 that go to the san. I unchecked all of the SAN ips since my clients were associating this san ip to the server when looking for a logon server etc.. However when i uncheck all my san ips that goofy self test it does on the monitoring tab always says it fails.

However when i put in this server to my laptops static dns list it seems to work fine for web, browsing pc names on the network. I even flushed all the caches locally and on the server to make sure.

Does it matter if the monitor tab fails? If i put all my san ips back in under interfaces it passes, but then the server advertises these address on my network as a way to get to it which is wrong obviously. I am content with not worrying about the monitoring tab if this is normal for people who have had a server running dns server which also connected to a san.

Any comments or suggestions welcome. Thanks!
Comment
Watch Question

Adam BrownCloud Security Consultant
CERTIFIED EXPERT
Top Expert 2010

Commented:
You'll want to make sure the server is pointing to itself or a secondary DC for DNS. This is an absolute necessity for an AD server. The monitoring tests run using the DNS settings of the NIC, and you will want to make sure the SAN NICs are not set to use DNS and that they are not registering themselves in the DNS Forward Lookup Zone (Look at your domain FLZ and see if the NIC IPs are associated with an A record that points to the DC. If the SAN NIC IPs show in there, you need to remove those records and reconfigure the NICs not to register themselves in DNS)

To configure the SAN NICs to not register, go to the Adapter Properties screen (go to adapter settings in Control Panel's Network and Sharing center) click on IPv4 and click properties, then click Advanced, then the DNS tab and remove the checkmark next to "Register this connection's addresses in DNS" to stop that from happening.

Author

Commented:
Thanks for the info Adam. So the server had the other AD DNS server as server1 and itself as server 2 on its own nic settings.

I did disable all that register this adapter in dns for the 4 san interfaces. The thing i noticed if the san interfaces are checked on the interfaces tab of the dns properites that they register static records into dns. At first i kept deleting them and boom they would come back. Once i unchecked them from the interfaces tab on the dns config those static entries have not come back yet.

The question is now do i care that the self test on the monitoring tab fails?
kevinhsiehNetwork Engineer
CERTIFIED EXPERT

Commented:
A DC will pretty much always register all of its IP addresses in DNS...unless you block that by deleting all of the dynamic DNS entries and put in a static DNS entry for the server in DNS. This prevents the additional addresses from getting dynamically registered in DNS. I do this for my Hyper-V hosts all the time. Very easy.

Author

Commented:
Yes i kept deleting the san ip entries and it said they were static entered, and as soon as i refreshed the server they came right back. The only thing that kept them from coming back was un-clicking them as i described on the interfaces tab on the dns config.

Can anyone expand on my main question - do i really need to be concerned about the monitor tab self tests not working?
Adam BrownCloud Security Consultant
CERTIFIED EXPERT
Top Expert 2010

Commented:
No. But you do need to be concerned about the SAN ips registering in DNS as A records for the DC. That will break AD very fast.
Senior Information Technology Consultant
CERTIFIED EXPERT
Awarded 2019
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.