recommended dns settings for domain controllers running 2008 server 2

Status
Not open for further replies.

bookouri

IS-IT--Management
Feb 23, 2000
1,464
US
What is the current recommended way to configure the TCP/IP settings on domain controllers? We run 3 domain controllers and each one also runs DNS. Should the DCs point to themselves for primary DNS and then another server for secondary DNS? Or should their primary DNS be one of the other servers?

Thanks for any suggestions....
 
Thanks, that's the way they have always been run, but I had read or been told that NOW they recommended to make the primary a different server and not itself...

 
Primary is local first then any other DNS server second

That is actually a very common misconfiguration in DNS servers. The first DNS server listed (aka, primary) should NOT be the server itself. The correct method is to list one or more DNS servers as the primary, secondary, and on the advanced tab, and then add the loopback IP address (127.0.0.1) as the last DNS server in the list. If you run the DNS Best Practice Analyzer it will confirm this.

The reason is pretty simple. If you set the DNS server to use itself for DNS lookups then it will never query another DNS server unless its own DNS service isn't running. That means that it is entirely possible for it to become isolated from the other DNS servers in your environment if it doesn't have the appropriate records to locate the replication partners, and you'll never know that anything is wrong until you run into name resolution issues.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCSE:Security 2003
MCITP:Server Administrator
MCITP:Enterprise Administrator
MCITP:Virtualization Administrator 2008 R2
Certified Quest vWorkspace Administrator
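
Added example, not part of the original thread or any poster's own code: a PowerShell check of the ordering rule described in the post above (another DNS server first, 127.0.0.1 last), written to run on PowerShell 2.0 as shipped with Server 2008 R2. The function names `Test-DcDnsOrder` and `Get-DcDnsFindings` are hypothetical and the sample addresses are constructed; the live check reads `DNSServerSearchOrder` from the WMI class `Win32_NetworkAdapterConfiguration`.

```powershell
# Added example. Function names and sample addresses are hypothetical/constructed.
function Test-DcDnsOrder {
    param([string[]]$SearchOrder, [string[]]$OwnAddresses)
    $order = @($SearchOrder | Where-Object { $_ })
    if ($order.Count -eq 0) { return 'no DNS servers configured' }

    # Treat loopback and the NIC's own addresses as "the server itself".
    $self     = @('127.0.0.1') + @($OwnAddresses)
    $others   = @($order | Where-Object { $self -notcontains $_ })
    $findings = @()

    if ($self -contains $order[0]) {
        $findings += "first DNS server ($($order[0])) is the server itself"
    }
    if ($others.Count -eq 0) {
        $findings += 'no other DNS server is listed'
    }
    if ($order[-1] -ne '127.0.0.1') {
        $findings += '127.0.0.1 is not the last entry'
    }
    return $findings
}

# Live check: reads each IP-enabled adapter over WMI.
function Get-DcDnsFindings {
    param([string[]]$ComputerName)
    foreach ($dc in $ComputerName) {
        Get-WmiObject Win32_NetworkAdapterConfiguration -ComputerName $dc -Filter 'IPEnabled = TRUE' |
            ForEach-Object {
                $f = @(Test-DcDnsOrder -SearchOrder $_.DNSServerSearchOrder -OwnAddresses $_.IPAddress)
                New-Object PSObject -Property @{
                    Computer = $dc
                    Adapter  = $_.Description
                    DnsOrder = ($_.DNSServerSearchOrder -join ', ')
                    Findings = ($f -join '; ')
                }
            }
    }
}

# Constructed sample data so the rule can be exercised offline.
$samples = @(
    @{ Name = 'DC1'; Own = @('10.0.0.11'); Dns = @('10.0.0.11', '10.0.0.12') },
    @{ Name = 'DC2'; Own = @('10.0.0.12'); Dns = @('10.0.0.11', '10.0.0.13', '127.0.0.1') }
)
foreach ($s in $samples) {
    $f = @(Test-DcDnsOrder -SearchOrder $s.Dns -OwnAddresses $s.Own)
    if ($f.Count) { '{0}: {1}' -f $s.Name, ($f -join '; ') } else { '{0}: OK' -f $s.Name }
}
```

Against real servers, call `Get-DcDnsFindings -ComputerName` with your own DC names; an empty `Findings` value means the adapter matches the ordering described in the post.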
 
kmcferrin is correct. I've always used forwarders just in case one of my DNS servers could not resolve internal records. This is probably old habits from previous versions of Windows. :)

Best Practices Analyzer

_______________________________________
Great knowledge can be obtained by mastering the Google algorithm.
 
Thanks for the update.

I reconfigured the IP settings on my DCs to match the new configuration.

 