Implementing 2nd DNS server...


Steve Thompson

Have a very simple scenario and would like to know the best way to
accomplish it.

An NT 4.0 domain was upgraded to Windows 2003 AD, single forest/domain. On
the PDC, we've implemented DNS, with a single namespace, let's call it:

mycompany.local

We've implemented dynamic dns, external dns servers are provided by the ISP.

I'd like to have a second DC running a copy of the same namespace
<mycompany.local> for fault tolerance and disaster recovery. What options do
I select in implementing the second DNS server?

Also, as a followup question, is it better to use the internal DNS server(s)
to forward name resolution requests that cannot be resolved internally, or
simply provide the external DNS IP addresses via DHCP?

Thanks,
Steve
 
I would not provide the ISP's DNS servers via DHCP to your clients. The
only place you should have your ISP's DNS servers is in the forwarders
of your DNS Servers.

Windows 2000/2003 make adding additional DNS servers very easy. Simply
add the DNS service to a second domain controller and the records will
populate via normal replication. In Windows 2000, they are actually
already there.

Point all your clients' preferred and alternate to your internal DNS
servers (not your ISP). Also, point your DNS servers' preferred and
alternate internally. For example, say your servers are DC1 and DC2. I
would configure them as such after installing DNS on the second DC.

DC1 and DC2 and all clients:
=============================
Preferred DNS points to DC1
Alternate DNS points to DC2

On both DC1 and DC2 configure forwarders for your ISP

Configure both DNS servers to be Active Directory Integrated and only
allow secure updates.

HTH
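
The layout described in the reply above, written out as a command script. This is an added example, not part of the original posts; the IP addresses, the connection name and the ISP forwarder addresses are assumed placeholders, and only the zone name mycompany.local comes from the thread.

```bat
@echo off
rem Added example, not from the thread. Every address below is an assumed
rem placeholder; replace with your own values before running.
set ZONE=mycompany.local
set DC1=10.0.0.10
set DC2=10.0.0.11
set ISP1=192.0.2.53
set ISP2=198.51.100.53
set NIC="Local Area Connection"

rem Forwarders are a per-server setting, so they are set on each DNS server.
rem The ISP resolvers appear here and nowhere else (not in DHCP, not on NICs).
dnscmd %DC1% /ResetForwarders %ISP1% %ISP2%
dnscmd %DC2% /ResetForwarders %ISP1% %ISP2%

rem Store the zone in Active Directory so it replicates to every DC that
rem runs the DNS service. Run once; the zone data then lives in the directory.
dnscmd %DC1% /ZoneResetType %ZONE% /DsPrimary

rem AllowUpdate values: 0 = none, 1 = nonsecure and secure, 2 = secure only.
rem Secure only means a record can be registered or changed only by an
rem authenticated domain member that is permitted to write it.
dnscmd %DC1% /Config %ZONE% /AllowUpdate 2

rem Run this part locally on DC1 and on DC2: preferred DNS is DC1,
rem alternate DNS is DC2, both internal.
netsh interface ip set dns name=%NIC% source=static addr=%DC1%
netsh interface ip add dns name=%NIC% addr=%DC2% index=2

rem Verification: read the settings back from the second server. The zone
rem should be reported as directory-integrated with secure updates, and the
rem forwarder list should contain only the ISP addresses.
dnscmd %DC2% /ZoneInfo %ZONE%
dnscmd %DC2% /Info
```

For clients, the same two internal addresses go into the DHCP scope's DNS server option in place of the ISP addresses.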
 
Doug Gabbard said:
I would not provide the ISP's DNS servers via DHCP to your clients. The
only place you should have your ISP's DNS servers is in the forwarders
of your DNS Servers.

Windows 2000/2003 make adding additional DNS servers very easy. Simply
add the DNS service to a second domain controller and the records will
populate via normal replication. In Windows 2000, they are actually
already there.

Point all your clients' preferred and alternate to your internal DNS
servers (not your ISP). Also, point your DNS servers' preferred and
alternate internally. For example, say your servers are DC1 and DC2. I
would configure them as such after installing DNS on the second DC.

DC1 and DC2 and all clients:
=============================
Preferred DNS points to DC1
Alternate DNS points to DC2

On both DC1 and DC2 configure forwarders for your ISP

Configure both DNS servers to be Active Directory Integrated and only
allow secure updates.

Thanks Doug -- exactly what I was looking for.

Steve
 