Multi-site DNS

Jeff Brooks-Manas · Feb 8, 2004

Hello,

My company has five offices, which are all connected via VPN. We have one
domain - no parent or child domains - and a DC at each office. Should DNS on
each server be configured as Active Directory Integrated for both forward
and reverse lookup zones?

Also, each office has its own subnet. The forward lookup zone for all of the
DCs is our domain name, but the reverse lookup zone on each server lists the
subnet of the zone that the first DC is in (192.168.1.x). Is this a problem?
If so, how do I fix it?

Thanks!

Jeff

Rob Elder, MVP-Networking · Feb 9, 2004

I always recommend AD integrated zones. That way the zone database is part
of AD replication. No need to worry about zone transfers or the extra
traffic they create.

Nothing wrong with your setup. One forward lookup zone for the domain. A
reverse zone for each of the IP subnets.

Jeff Brooks-Manas · Feb 9, 2004

Thanks for your reply.

What's strange to me is that the reverse lookup zone on each DC lists the
data for the subnet of the first DC. It's not a reverse zone for each
subnet, it's one duplicated five times. I'm using Active Directory
Integrated for the reverse zones, too.

Thanks again!

Jeff

Danny Slye - [MSFT} · Feb 9, 2004

You have to create the reverse lookup zone for each subnet although you
probably don't need them
--------------------

From: "Jeff Brooks-Manas" <[email protected]>
References: <[email protected]>

Subject: Re: Multi-site DNS
Date: Sun, 8 Feb 2004 20:20:15 -0800
Lines: 50
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-ID: <#[email protected]>
Newsgroups: microsoft.public.win2000.setup,microsoft.public.win2000.networking
NNTP-Posting-Host: 66-7-255-234.cust.telepacific.net 66.7.255.234
Path: cpmsftngxa07.phx.gbl!cpmsftngxa10.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP08
.phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: cpmsftngxa07.phx.gbl microsoft.public.win2000.networking:54067 microsoft.public.win2000.setup:24418
X-Tomcat-NG: microsoft.public.win2000.networking

Thanks for your reply.

What's strange to me is that the reverse lookup zone on each DC lists the
data for the subnet of the first DC. It's not a reverse zone for each
subnet, it's one duplicated five times. I'm using Active Directory
Integrated for the reverse zones, too.

Thanks again!

Jeff

__
Danny Slye
Microsoft Support Professional
MCSE

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

Jeff Brooks-Manas · Feb 11, 2004

So should I turn off Zone transfers since I'm using AD integrated DNS?

Thanks!

Jeff

Danny Slye - [MSFT} · Feb 11, 2004

Yes, you can turn off zone transfers.
--------------------

So should I turn off Zone transfers since I'm using AD integrated DNS?

Thanks!

Jeff

__
Danny Slye
Microsoft Support Professional
MCSE

This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!

Multi-site DNS

Jeff Brooks-Manas

Rob Elder, MVP-Networking

Jeff Brooks-Manas

Danny Slye - [MSFT}

Jeff Brooks-Manas

Danny Slye - [MSFT}