AD - DNS

Guest

I have a single domain with two AD/DNS servers, plus an external Linux DNS
server.
The two internal AD/DNS have their own IP addresses as primary and the Linux
DNS as secondary, on the TCP/IP properties page.

Is this correct or do I have to point them to each other in the TCP/IP
properties?

In the DNS snap-in, I have each forwarding to the Linux DNS for external
sites.
thanx
 
Kurt

Having the Linux servers as the secondary in your TCP/IP properties will not
force resolution to that server unless the primary server fails to respond.
You are correct to forward requests from the AD DNS server to the Linux box
for off-site name resolution.

....kurt
 
Paul Bergson

You should have the DNS client on both DCs pointing to the other as primary
and themselves as a secondary (as long as they are in the same site and not
limited by bandwidth), with forwarding going to the Linux box for external
resolution.

--


Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Herb Martin

> I have a single domain with two AD/DNS servers, plus an external Linux DNS
> server.
> The two internal AD/DNS have their own IP addresses as primary and the
> Linux DNS as secondary, on the TCP/IP properties page.
> Is this correct or do I have to point them to each other in the TCP/IP
> properties?

No, it is wrong. It is unreliable. It will not do what you (almost
certainly) intend, even.

> In the DNS snap-in, I have each forwarding to the Linux DNS for external
> sites.

That is likely correct.

Each internal DNS server should point to itself as PREFERRED and
its INTERNAL partner as ALTERNATE (except in rare troubleshooting
cases where you do the opposite.)

All internal DNS clients MUST point STRICTLY at internal DNS
servers which can resolve ALL answers the client needs.

They must NOT point at a mixture of DNS servers which include
external DNS which can resolve all internal (or other) needed
queries.

DNS servers and DCs are also "internal DNS clients."

Forwarding should be used (as one choice) for the internal DNS
servers to resolve external names.
 
Guest

Thanks for all your help, I changed the DNS servers to point to each other
for secondary DNS, and forward to the Linux box, in the DNS snap-in.


 
Ace Fekay [MVP]

> Thanks for all your help, I changed the DNS servers to point to each
> other for secondary DNS, and forward to the Linux box, in the DNS
> snap-in.

Just to add, make sure ALL clients and member servers are ONLY using the
DC/DNS servers in their properties too. If not, unusual errors will occur,
such as inability to find domain, can't log on, can't authenticate to access
resources, GPOs fail, and about 20 (or more) other errors. Adjust your DHCP
scope for your clients if need be, so Option 006 only shows the DC/DNS IP
addresses.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply
unless that website posts replies back to the original Microsoft forum.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit or ensure the web community
posts it back to the original forum.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Windows Server Directory Services
Microsoft Certified Trainer
Infinite Diversities in Infinite Combinations.
=================================
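
The rule the replies agree on (DCs, member servers and clients list only the internal AD/DNS servers, and the DNS service forwards to the Linux box) can be checked with a short script. This is an added example, not code from any poster in the thread; the addresses are constructed placeholders, `Test-DnsClientList` is a hypothetical helper, and the cmdlets assume the DnsClient and DnsServer modules (Windows 8 / Server 2012 or later).

```powershell
# Added example (not from the thread). All addresses are constructed placeholders.
# Loopback is allowed on the assumption that a DC may name itself as 127.0.0.1.
$InternalDns = @('10.0.0.10', '10.0.0.11', '127.0.0.1')  # the two AD/DNS servers
$Forwarder   = '192.0.2.53'                              # the external Linux DNS server

# Hypothetical helper: return every configured resolver that is NOT an
# internal AD/DNS server. An empty result means the list is compliant.
function Test-DnsClientList {
    param(
        [Parameter(Mandatory)][string[]]$ServerAddresses,
        [Parameter(Mandatory)][string[]]$Allowed
    )
    @($ServerAddresses | Where-Object { $_ -notin $Allowed })
}

# Constructed input: the layout from the first post (self first, Linux box
# second). The helper returns the Linux address as a stray resolver.
Test-DnsClientList -ServerAddresses '10.0.0.10', $Forwarder -Allowed $InternalDns

# Live check of this machine: every IPv4 adapter that has DNS servers set.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $stray = @(Test-DnsClientList -ServerAddresses $_.ServerAddresses -Allowed $InternalDns)
        [pscustomobject]@{
            Interface = $_.InterfaceAlias
            Servers   = $_.ServerAddresses -join ', '
            Stray     = $stray -join ', '
            Compliant = ($stray.Count -eq 0)
        }
    } | Format-List

# On a DC/DNS server only: confirm external resolution is handled by a
# forwarder in the DNS service, not by an entry in the client list.
if (Get-Command Get-DnsServerForwarder -ErrorAction SilentlyContinue) {
    $fwd = @((Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.IPAddressToString })
    [pscustomobject]@{
        Forwarders      = $fwd -join ', '
        ForwardsToLinux = ($fwd -contains $Forwarder)
    } | Format-List
}
```

Run it on each DC and on a sample of member servers and DHCP clients; any adapter reporting `Compliant : False` still has a resolver that cannot answer for the AD zone.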
 
