Configuring DNS client on DNS servers.

  • Thread starter Thread starter Bill
  • Start date Start date
B

Bill

I just finished reading an post on the MS site that seemed
to contradict what I read in an article in Windows Server
magazine.


Scenario: A Forest with two domains. Two MS-DNS servers
serve entire forest and are located in the USER (not
root) domain. The USER domain also contains an Exchange
organization. The Forest zones are Active Directory
integrated, but these DNS servers also serve some legacy
static DNS zones.

Question: How should the DNS client service be configured
on each of those two DNS servers.

One article says MS-DNS servers serving a forest should
point only to THEMSELVES within their DNS client
configuration (no other entries).

Another says first entry points to themselves, but the
second (or more) to an alternate DNS server(s).

Which is it, or is either right?
 
Bill said:
I just finished reading an post on the MS site that seemed
to contradict what I read in an article in Windows Server
magazine.


Scenario: A Forest with two domains. Two MS-DNS servers
serve entire forest and are located in the USER (not
root) domain. The USER domain also contains an Exchange
organization. The Forest zones are Active Directory
integrated, but these DNS servers also serve some legacy
static DNS zones.

Question: How should the DNS client service be configured
on each of those two DNS servers.
Click to expand...

Generally to point to themselves (only or first.)

One article says MS-DNS servers serving a forest should
point only to THEMSELVES within their DNS client
configuration (no other entries).
Click to expand...

There is nothing particularly wrong with including other
DNS servers AFTERWARDS as long as they all return
the same information.

DNS clients assume that all DNS servers will return the
same info so it is ineffective (or even counterproductive)
to try to have the client settings point to different DNS
server sets.

If you have distinct zones, then the DNS servers themselves
must handle the cross resolution.
Another says first entry points to themselves, but the
second (or more) to an alternate DNS server(s).

Which is it, or is either right?
Click to expand...

Point to themselves first, other DNS servers with the
SAME answers are optional as alternates.

There are occasionally TEMPORARY exceptions when
first setting up DNS servers to support AD or when fixing
problems created by broken replication.
[/QUOTE]
 
Scenario: A Forest with two domains. Two MS-DNS servers
Generally to point to themselves (only or first.)
Click to expand...

One follow-up question, please.

When pointing to themselves, should you use the regular IP
address configured on the nic (a 10-dot address in this
case) or the loopback address of (127.0.0.1)

Again, I've seen both mentioned as possible choices.
Which is preferred, or is either OK.
 
Bill said:
One follow-up question, please.

When pointing to themselves, should you use the regular IP
address configured on the nic (a 10-dot address in this
case) or the loopback address of (127.0.0.1)
Click to expand...

I think both work -- but I always use the real IP address.

There are others that prefer the 127 address but if I remember
correctly there are one or two (almost trivial) cases where that
doesn't work perfectly.

The real address always works and is only an issue if you
change the machine address but I find no problem just typing
it back in (even on my demo DNS server that are traveling
laptops.)
Again, I've seen both mentioned as possible choices.
Which is preferred, or is either OK.
Click to expand...

Opinions differ; I normally use the real one, but the case is
not exceptionally strong. (I just know I don't have problems
that way.)
[/QUOTE]
 
Herb,

Don't know if you'll come back to this thread, but if you
do, I just wanted you to know I appreciate your answers.

They are both clear and helpful (which is not often the
case with news group answers).

take care. - bill.
 
Don't know if you'll come back to this thread, but if you
do, I just wanted you to know I appreciate your answers.

They are both clear and helpful (which is not often the
case with news group answers).
Click to expand...

I appreciate you kind words also.

(I only came back to the thread late because I have been
off "news" for more than a week.)
 
Back
Top