One or more DNS Servers within same domain?


Stefan Prugg

Hi!

Currently there are two servers. One of them is a DC.
The second one should be added as an additional DC within the same domain...
Can both act as DNS server or is there only one DNS-Server allowed?

thx
 
Stefan,

In general, you will want to use active directory integrated DNS and have
both of them acting as DNS servers for redundancy. Make sure that the DNS
servers look to themselves for DNS and the clients to the two servers.

If you are not Integrating your DNS (or using a 3rd party), make sure you
are doing this with good reason and carefully plan out your DNS replication.
 
Stefan Prugg said:
Hi!

Currently there are two servers. One of them is a DC.
The second one should be added as an additional DC within the same domain...
Can both act as DNS server or

Yes, in fact that is the normal way.

is there only one DNS-Server allowed?

No, only one can be the traditional style Primary
DNS server, the other would be a Secondary and
pull its zone file from that Primary.

The Primary is the only place to change your zone
file in traditional DNS.

Microsoft however offers "Active Directory Integrated
DNS" on DCs only (since it stores the records within
AD.)

In this case (AD-Int-DNS), any of these DC-DNS servers
can accept changes, as DCs are multi-mastered.

You may still have ordinary Secondaries with these
as well, but there is seldom a reason unless you need
an NT, Unix, non-DC server, or other such machine
to also hold your zone.
 
Stefan,

Listen to Ryan's advice:
...and the clients to the two servers...

This is very important. You can have all the DCs and GCs in the world, but
if everyone only points to one DNS server and it dies...


--

Paul Williams

http://www.msresource.net
http://forums.msresource.net


 
Currently there are two servers. One of them is a DC.
The second one should be added as an additional DC within the same domain...
Can both act as DNS server or is there only one DNS-Server allowed?

It's always advisable to have more than one DNS server serving any
setup that requires DNS. Active Directory *requires* DNS. It is a
*consumer* of DNS services. It is in no way tied to Active Directory
or even Windows 2000. You could provide DNS services running in an AD
Domain to a non-AD or even non-Windows setup, and a non-Windows DNS
could provide naming services for an AD Domain.

Remember, DNS does NOT have to run on the Domain Controllers. During
conversion from NT4 to 2000 Active Directory, my first AD Domain ran
like that for several months. DNS was run on member servers.

Windows 2000 Active Directory provides for AD Integration of DNS. This
does not change anything I said above. The AD Integration means that
the DNS server resides in a DC and its data is replicated with AD data
in the normal way, but conceptually, it makes no difference.
Operationally, of course it does.

As someone once said here in this forum, the DNS that provides naming
services for your AD Domain *could* be on the moon. There would be no
functional difference.

I find it useful to consider DNS as totally separate from and
independent of Active Directory, which it is, even though the DNS may
run on servers in a Windows Domain.

Please remember that "Domain" as in DNS ("Domain Naming Services") is
not the same as "Domain" as in Active Directory Domain. There are
several uses of the word "Domain" that are used around computing and
IT that have slightly different meanings and which are generally
distinguished by the context.

Cheers,

Cliff
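
An added example (not written by any poster in this thread) for checking the advice given earlier: both DNS servers answer on their own, and the local machine lists both as resolvers. The domain name and server addresses are placeholders, and the cmdlets assume the DnsClient module found on Windows 8 / Server 2012 or later.

```powershell
# Placeholders (assumptions): replace with your AD DNS domain and your two DC/DNS server IPs.
$Domain     = 'corp.example.com'
$DnsServers = @('192.0.2.10', '192.0.2.11')
$SrvName    = "_ldap._tcp.dc._msdcs.$Domain"   # DC locator SRV record used by domain members

function Test-DcLocatorRecord {
    param([string]$Server, [string]$Name)
    try {
        # Query this one server directly, bypassing the local resolver order and cache.
        $srv = Resolve-DnsName -Name $Name -Type SRV -Server $Server -DnsOnly -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SRV' }
        [pscustomobject]@{
            Server  = $Server
            Answers = $true
            DCs     = ($srv.NameTarget | Sort-Object -Unique) -join ', '
        }
    } catch {
        [pscustomobject]@{ Server = $Server; Answers = $false; DCs = $_.Exception.Message }
    }
}

# 1. Each DNS server must be able to answer the DC locator query by itself.
$results = foreach ($s in $DnsServers) { Test-DcLocatorRecord -Server $s -Name $SrvName }
$results | Format-Table -AutoSize

# 2. With a replicated zone, both servers should return the same list of DCs.
$lists = @($results | Where-Object { $_.Answers } | Select-Object -ExpandProperty DCs -Unique)
if ($lists.Count -gt 1) {
    Write-Warning 'The DNS servers return different DC lists; check zone replication.'
}

# 3. This machine should list both servers, so losing one does not break name resolution.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    ForEach-Object {
        $cfg     = $_
        $missing = @($DnsServers | Where-Object { $_ -notin $cfg.ServerAddresses })
        [pscustomobject]@{
            Interface  = $cfg.InterfaceAlias
            Configured = $cfg.ServerAddresses -join ', '
            Missing    = $missing -join ', '
        }
    } | Format-Table -AutoSize
```

On a DC that points to itself through the loopback address, its own IP will show up under Missing; that is expected.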
 