Alex said:
Can any one confirm for me if the following is correct behaviour:
2 Win2k DCs in the same win2k domain. Both host DNS. DNS is set on both to
active directory integrated. On both servers the start of authority record
is itself ( i.e. DC1 thinks it is the SOA for the domain and DC2 thinks it
is the SOA for the domain).
Should this be set up with DC2 hosting a standard secondary zone,
receiving updates from DC1, or am I missing something here.
Your missing something (minor) here. <grin>
The problem likely starts by thinking of the SOA as "DC2 thinks it is the
SOA",
rather than "DC2 is listed IN the SOA" -- minor point but the slight change
in
semantics will guide your thinking perhaps.
Traditional DNS didn't know about multi-mastering so there is only
one place to name the primary in the SOA.
Think instead of the SOA as being the header record for a zone.
Also consider that there is little practical issues from this with
one MAJOR exception: The secondaries who (might) later pull
from each master, will think of the DNS server listed in the SOA
as "master" for editing purposes and to will refer clients who must
do dynamic registration to THIS particular DC.
Makes sense, right? If you need to register with DNS, then your first
shot is the DNS server you are using. It it is not dynamic, then you
can either work your way up the "master chain" (in theory at least
a seconary can pull from a seconary from a primary -- true master)
OR you can use the SOA to jump to the "master" listed there.
If your secondary can pull (directly or indirectly) from that master
then you stand a better chance of reaching that same one (efficiently)
than you would from another (random) DC-DNS server --that
other random DNS master server might be behind a firewall or just
across the planet.
