Where to find workstation DNS settings documentation?

  • Thread starter Thread starter Per Hagstrom
  • Start date Start date
P

Per Hagstrom

Hey!

Can someone give me a link to an official documentation on how DNS is
supposed to be setup on a workstation in a Win 2003 domain?
Currently we have it setup where the workstations are using our internal DNS
servers as primary and secondary DNS servers, but they also have our ISP's
DNS server as the third DNS entry...

As far as I understand DNS, that is not a good solution. In our case the
reason is; if our workstations can't connect to one of the internal DNS
servers, they can at least get to the internet by themselves...

But how I understand DNS a workstation can fail over from primary to
secondary DNS just by "regular" network congestion, and if it fails over a
second time, to the third, in our case the ISP's DNS, then the workstation
will be stuck on there for who knows for how long, and in the mean time
won't be able to resolve any internal DNS addresses at all... !

To be able to back myself up I would really need some official documentation
explaining how it works in detail though...

Any help would be greatly appreciated!!

Thanks!

/ Per
 
In
Per Hagstrom said:
Hey!

Can someone give me a link to an official documentation on how DNS is
supposed to be setup on a workstation in a Win 2003 domain?
Currently we have it setup where the workstations are using our
internal DNS servers as primary and secondary DNS servers, but they
also have our ISP's DNS server as the third DNS entry...

As far as I understand DNS, that is not a good solution. In our case
the reason is; if our workstations can't connect to one of the
internal DNS servers, they can at least get to the internet by
themselves...
But how I understand DNS a workstation can fail over from primary to
secondary DNS just by "regular" network congestion, and if it fails
over a second time, to the third, in our case the ISP's DNS, then the
workstation will be stuck on there for who knows for how long, and in
the mean time won't be able to resolve any internal DNS addresses at
all... !
To be able to back myself up I would really need some official
documentation explaining how it works in detail though...

Any help would be greatly appreciated!!

Thanks!

/ Per

You said it. Just use your internal DNS only. Reason is the machines are
part of your AD infrastructure. That is a scenario that no one wants to deal
with if your DNS servers, which are also your DCs, go down. And if both of
them go down, then your production environment will just have failed and
will require a little DR.

Keep in mind AD uses DNS. With an AD network, all domain members (DCs,
clients and servers), need only use your internal DNS server(s) only.
Reason why, is AD stores it's resources and service locations in DNS in the
form of SRV records (those folders with the underscore in them). They are
used for a multitude of things, such as finding the domain when a client
logons, domain replication from one DC to another, authentication, and more.
To illustrate, if a client queried the external DNS server with a query such
as, "Where is my domain", will that server have the answer? NO.

Configure a forwarder for efficient Internet resolution. For Win2000, see
300202 below. For Win2003, see 323380.

Plus, as you've pointed out about the client side resolver service, if the
first doesn't answer and times out, it goes to the second one, if that times
out, it goes to the third, but it will nto go back to the first one until
after a certain time out period (that you can mess with in the reg on each
and every machine in the network), restart the machine or restart the DNS
client service and teh DHCP client service (yes, that is a required service,
whether the machine is set to DHCP or static).

825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003 (including how-to configure a forwarder):
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036

291382 - Frequently asked questions about Windows 2000 DNS and Windows
Server 2003 DNS
http://support.microsoft.com/default.aspx?scid=kb;en-us;291382

300202 - HOW TO Configure DNS for Internet Access in Windows Server 2000 :
http://support.microsoft.com/?id=300202

323380 - HOW TO: Configure DNS for Internet Access in Windows Server 2003
(How to configure a forwarder):
http://support.microsoft.com/d/id?=323380

No DNS Name Resolution If DHCP Client Service Is Not Running
http://support.microsoft.com/default.aspx?scid=kb;en-us;268674

--
Regards,
Ace

If this post is viewed at a non-Microsoft community website, and you were to
respond to it through that community's website, I may not see your reply.
Therefore, please direct all replies ONLY to the Microsoft public newsgroup
this thread originated in so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
 
Ace,

Thanks a lot!! :)
I'll take a look at the links you gave me!
Glad you confirmed our current setup is not the right way, all clients have
to have the internal DNS servers ONLY...

Thanks again!

/ Per




"Ace Fekay [MVP]"
 
In
Per Hagstrom said:
Ace,

Thanks a lot!! :)
I'll take a look at the links you gave me!
Glad you confirmed our current setup is not the right way, all
clients have to have the internal DNS servers ONLY...

Thanks again!

/ Per

My pleasure Per.

Keep in mind, not sure what else you have setup, but I suggest to use
Microsoft's DHCP as well. Some folks are using their router's DHCP, which
doesn't work hand in hand with Microsoft DNS (Option 081), and lacks many
other configurable options.

If you have any other questions, please post back. :-)

Ace
 
Back
Top