Link to home
Start Free TrialLog in
Avatar of valmatic
valmaticFlag for United States of America

asked on

DNS Config Windows Server with SAN connectivity

This is a Windows DNS Server question.

On the windows server that has the DNS role, this server connects to a SAN as well. So basically the server has 8 nic ports. 4 are teamed for the windows environment, and the other 4 ports are used for multipath to the SAN.

So in the dns config section i go to the properties tab of the dns server. On the interface tab it shows 5 ips. The 1 that entails my windows team, and then the 4 that go to the san. I unchecked all of the SAN ips since my clients were associating this san ip to the server when looking for a logon server etc.. However when i uncheck all my san ips that goofy self test it does on the monitoring tab always says it fails.

However when i put in this server to my laptops static dns list it seems to work fine for web, browsing pc names on the network. I even flushed all the caches locally and on the server to make sure.

Does it matter if the monitor tab fails? If i put all my san ips back in under interfaces it passes, but then the server advertises these address on my network as a way to get to it which is wrong obviously. I am content with not worrying about the monitoring tab if this is normal for people who have had a server running dns server which also connected to a san.

Any comments or suggestions welcome. Thanks!
Avatar of Adam Brown
Adam Brown
Flag of United States of America image

You'll want to make sure the server is pointing to itself or a secondary DC for DNS. This is an absolute necessity for an AD server. The monitoring tests run using the DNS settings of the NIC, and you will want to make sure the SAN NICs are not set to use DNS and that they are not registering themselves in the DNS Forward Lookup Zone (Look at your domain FLZ and see if the NIC IPs are associated with an A record that points to the DC. If the SAN NIC IPs show in there, you need to remove those records and reconfigure the NICs not to register themselves in DNS)

To configure the SAN NICs to not register, go to the Adapter Properties screen (go to adapter settings in Control Panel's Network and Sharing center) click on IPv4 and click properties, then click Advanced, then the DNS tab and remove the checkmark next to "Register this connection's addresses in DNS" to stop that from happening.
Avatar of valmatic


Thanks for the info Adam. So the server had the other AD DNS server as server1 and itself as server 2 on its own nic settings.

I did disable all that register this adapter in dns for the 4 san interfaces. The thing i noticed if the san interfaces are checked on the interfaces tab of the dns properites that they register static records into dns. At first i kept deleting them and boom they would come back. Once i unchecked them from the interfaces tab on the dns config those static entries have not come back yet.

The question is now do i care that the self test on the monitoring tab fails?
A DC will pretty much always register all of its IP addresses in DNS...unless you block that by deleting all of the dynamic DNS entries and put in a static DNS entry for the server in DNS. This prevents the additional addresses from getting dynamically registered in DNS. I do this for my Hyper-V hosts all the time. Very easy.
Yes i kept deleting the san ip entries and it said they were static entered, and as soon as i refreshed the server they came right back. The only thing that kept them from coming back was un-clicking them as i described on the interfaces tab on the dns config.

Can anyone expand on my main question - do i really need to be concerned about the monitor tab self tests not working?
No. But you do need to be concerned about the SAN ips registering in DNS as A records for the DC. That will break AD very fast.
Avatar of Sean Bravener
Sean Bravener

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial