valmatic
asked on
DNS Config Windows Server with SAN connectivity
This is a Windows DNS Server question.
On the windows server that has the DNS role, this server connects to a SAN as well. So basically the server has 8 nic ports. 4 are teamed for the windows environment, and the other 4 ports are used for multipath to the SAN.
So in the dns config section i go to the properties tab of the dns server. On the interface tab it shows 5 ips. The 1 that entails my windows team, and then the 4 that go to the san. I unchecked all of the SAN ips since my clients were associating this san ip to the server when looking for a logon server etc.. However when i uncheck all my san ips that goofy self test it does on the monitoring tab always says it fails.
However when i put in this server to my laptops static dns list it seems to work fine for web, browsing pc names on the network. I even flushed all the caches locally and on the server to make sure.
Does it matter if the monitor tab fails? If i put all my san ips back in under interfaces it passes, but then the server advertises these address on my network as a way to get to it which is wrong obviously. I am content with not worrying about the monitoring tab if this is normal for people who have had a server running dns server which also connected to a san.
Any comments or suggestions welcome. Thanks!
On the windows server that has the DNS role, this server connects to a SAN as well. So basically the server has 8 nic ports. 4 are teamed for the windows environment, and the other 4 ports are used for multipath to the SAN.
So in the dns config section i go to the properties tab of the dns server. On the interface tab it shows 5 ips. The 1 that entails my windows team, and then the 4 that go to the san. I unchecked all of the SAN ips since my clients were associating this san ip to the server when looking for a logon server etc.. However when i uncheck all my san ips that goofy self test it does on the monitoring tab always says it fails.
However when i put in this server to my laptops static dns list it seems to work fine for web, browsing pc names on the network. I even flushed all the caches locally and on the server to make sure.
Does it matter if the monitor tab fails? If i put all my san ips back in under interfaces it passes, but then the server advertises these address on my network as a way to get to it which is wrong obviously. I am content with not worrying about the monitoring tab if this is normal for people who have had a server running dns server which also connected to a san.
Any comments or suggestions welcome. Thanks!
ASKER
Thanks for the info Adam. So the server had the other AD DNS server as server1 and itself as server 2 on its own nic settings.
I did disable all that register this adapter in dns for the 4 san interfaces. The thing i noticed if the san interfaces are checked on the interfaces tab of the dns properites that they register static records into dns. At first i kept deleting them and boom they would come back. Once i unchecked them from the interfaces tab on the dns config those static entries have not come back yet.
The question is now do i care that the self test on the monitoring tab fails?
I did disable all that register this adapter in dns for the 4 san interfaces. The thing i noticed if the san interfaces are checked on the interfaces tab of the dns properites that they register static records into dns. At first i kept deleting them and boom they would come back. Once i unchecked them from the interfaces tab on the dns config those static entries have not come back yet.
The question is now do i care that the self test on the monitoring tab fails?
A DC will pretty much always register all of its IP addresses in DNS...unless you block that by deleting all of the dynamic DNS entries and put in a static DNS entry for the server in DNS. This prevents the additional addresses from getting dynamically registered in DNS. I do this for my Hyper-V hosts all the time. Very easy.
ASKER
Yes i kept deleting the san ip entries and it said they were static entered, and as soon as i refreshed the server they came right back. The only thing that kept them from coming back was un-clicking them as i described on the interfaces tab on the dns config.
Can anyone expand on my main question - do i really need to be concerned about the monitor tab self tests not working?
Can anyone expand on my main question - do i really need to be concerned about the monitor tab self tests not working?
No. But you do need to be concerned about the SAN ips registering in DNS as A records for the DC. That will break AD very fast.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
To configure the SAN NICs to not register, go to the Adapter Properties screen (go to adapter settings in Control Panel's Network and Sharing center) click on IPv4 and click properties, then click Advanced, then the DNS tab and remove the checkmark next to "Register this connection's addresses in DNS" to stop that from happening.