Replacing Windows2003 DNS Server

Status
Not open for further replies.

zoeythecat

Technical User
May 2, 2002
1,666
US
Hi All,

We have 3 domain controllers in a single Windows2003 domain. Our main domain controller (DNS, DHCP, WINS, GC) has been crashing because of a disk controller error. We plan on replacing this domain controller this coming Monday. The other 2 domain controllers are low-end processors and not robust enough to handle Active Directory traffic if we transferred all the roles, etc. I have a few questions I was hoping someone could offer some insight on:

(1) It appears that when this server goes down, no one can connect, because all the FSMO roles, DNS and DHCP, and all the clients and servers are pointed to this server. What can I do to provide a failover, so when this server goes down, users would still be able to connect?
(2) What should be my best strategy for replacing this server? I assume I promote a server to be a domain controller, transfer all the FSMO roles, make this a GC, transfer the DHCP database.

Any tips or suggestions would be greatly appreciated.

Thanks in advance
 
All of your DCs should be GCs. Period. Generally, if you're using AD integrated DNS, then make your DCs also DNS servers.

You can split DHCP by following the recommended 80/20 rule (Google it).

Pat Richard MVP

Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Pat,

What if the other domain controllers are low end? Will they be able to handle the extra traffic? The other domain controllers are low on disk space on the C drive, so this is why I have been hesitant to do this.

We are working on resolving this situation this summer. We have implemented just this week 2 SANs and we plan on virtualizing the other domain controllers soon. I'm more concerned with our main DNS server. This has been crashing, and thus preventing our users from connecting until I get this server up.

Thanks for your thoughts.



 
Being a domain controller is a pretty lax job for even a low-end server; it's doubtful your other servers aren't up to the job. DNS and DHCP are also pretty insignificant as loads go.

The database also doesn't have to be on the C drive; you can configure that.

I would configure DNS and DHCP on one of the other servers. DNS will self-configure any AD zones but you will need to set any global options. Add the extra DNS server as a secondary.

Just configure the other DHCP server identically using netsh, which takes about a minute to do, and don't forget to add a second IP helper address or change the existing one. Make sure the DHCP server is configured with lookahead; a figure of 3 is usually used to prevent IP conflicts.

 
The database is not on the C drive. So I guess I could have these other 2 DCs as GCs.

I do have a secondary DNS.

The problem is we have multiple subnets, so I have to research the best DHCP solution. Eventually all our DCs will be virtualized and on a SAN.

My main question (original) is how to replace my existing DNS, DHCP, GC server.

Thanks for your thoughts.
 
DNS and GC on all DCs. 80/20 split for DHCP between 2 DCs. Simple enough.

Pat Richard MVP

Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Pat,

I think my situation is more involved than that. I understand what you are saying when all DCs are up and running, have DNS and GCs on all servers and do the 80/20 split, but we have several subnets. From what I read I would have to have server servers serving DHCP. If I just had a couple of subnets, then the 80/20 split would work. I guess I could configure a DHCP relay agent to make this work for a multiple subnet environment. I am also talking about a server that has 4 of the FSMO roles, so when I build a new server I have to take this into consideration. The main issue here is replacing a server, not how I should have DNS and GCs on all DCs. I understand your point regarding that, and I will do that, so thanks for your tips on that. Perhaps I'm reading the wrong articles and you could provide an article for me?

Thanks
 
Sorry about this typo "From what I read I would have to have server servers serving DHCP". What I meant to say was, from what I have read I would need a server for each subnet doing DHCP using the 80/20 scenario. And even in this instance, it's not fully fault tolerant; you would need a cluster to make this a failover option, I believe.

Thanks again for everyone's thoughts on this
 
You do not need a dedicated DHCP server for each subnet. You can set your router (if it has this functionality) to forward all DHCP requests to a single DHCP server. This DHCP server will be able to recognize which subnet the request came from and handle it appropriately.

Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
Bdintegrations,

Thanks for the info and the link. I think this is probably the way I should go on this. The server that is failing is the DHCP server. Can you confirm for me, if I set up my router to forward all DHCP requests to a single DHCP server, if this DHCP server goes down will DHCP clients still be able to connect to the network? What are my options to make sure if this DHCP server goes down, our end users will still be able to connect to the network?

 
Pat,

Regarding GCs, I checked out this link: and there is a little note at the end that states it is recommended not to have a GC on the same domain controller that holds the Infrastructure master role. I just wanted to add this note to the forum for everyone's knowledge.
 
That really comes into play if you have enough DCs to not have the GC role on that box. Usually, you can make ALL of the DCs a GC.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Pat,

I will definitely take your advice and make 2 of our domain controllers GCs (we have 3 DCs) and the DC that has the infrastructure master role I will not make a GC.

Thanks everyone for the posts. I appreciate all the feedback
 
They will still be able to connect to the network even if the DHCP server goes down.

You may be able to use the router itself as a backup DHCP server.


Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
 
Bdintegrations,

That's what I thought. I'm looking into a clustering solution so we can have an active/passive server so when one goes down there will be a failover.



 
"They will still be able to connect to the network even if the DHCP server goes down."
That's partially true. But if a machine is booted when DHCP is down, you've got a problem.

Use the 80/20 split between two servers, and you reap the benefits of having the correct info sent to DNS as well - something that won't happen if you use a router for DHCP.

Pat Richard MVP
Plan for performance, and capacity takes care of itself. Plan for capacity, and suffer poor performance.
 
Bdintegrations,

I did not read your post closely enough. I have about 20 subnets that get DHCP addresses. I'm looking for a complete failover solution, which is what a cluster would provide. I'm not sure how an 80/20 split could work in an environment that has over 20 subnets. It's not a complete redundant solution.

Pat,
I have about 20 subnets. I don't believe your solution would work in my environment. I was looking for a complete redundant (high availability) solution. Sorry I did not post that clearly in my original post. I think I'm ok with what I need to do now. I'll post back when our solution is in place.

Thanks again for everyone's feedback.

 
Pat,

No disrespect, but help me understand what you are saying. What should my solution be? I've read up on DHCP and the 80/20 and your solution I don't think would work in my situation. I've run this by a few network people here at work, and they tell me this is not a redundant solution. Can you provide a link that would prove your point? I've googled and researched many DHCP links and I have not been able to find this solution to be redundant. And, if we have over 20 subnets, I think I would have to install DHCP servers on several subnets, but still if one server goes down then users would not be able to connect to whatever subnet is down. I'm looking for a redundant/high availability solution. Is your 80/20 solution a redundant solution?
 
Why couldn't you set up 2 DHCP servers? One DHCP server that serves 80% of all the IP addresses in each subnet. The other DHCP server serves 20% of all the IP addresses in each subnet. Both serve all 20 subnets. Have the router forward the DHCP requests to both servers; whichever one is faster will be the one that leases the address to the client. For example, the 2 DHCP servers below are serving 4 different subnets:

DHCPServer1:
10.0.1.1-10.0.1.200
10.0.2.1-10.0.2.200
10.0.3.1-10.0.3.200
10.0.4.1-10.0.4.200

DHCPServer2:
10.0.1.201-10.0.1.254
10.0.2.201-10.0.2.254
10.0.3.201-10.0.3.254
10.0.4.201-10.0.4.254


Business and Data Integrations
A Northern Virginia IT Service and Consulting Company
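
Added example, not part of the original thread: a Python check that the two pools listed in the last post never overlap within a subnet and that every subnet is served by both servers, plus the `netsh dhcp server` lines that would create one server's scopes. The /24 prefix, the scope names and the function names are assumptions.

```python
import ipaddress

# Pools copied from the post above (server -> ranges it leases from).
POOLS = {
    "DHCPServer1": [("10.0.1.1", "10.0.1.200"), ("10.0.2.1", "10.0.2.200"),
                    ("10.0.3.1", "10.0.3.200"), ("10.0.4.1", "10.0.4.200")],
    "DHCPServer2": [("10.0.1.201", "10.0.1.254"), ("10.0.2.201", "10.0.2.254"),
                    ("10.0.3.201", "10.0.3.254"), ("10.0.4.201", "10.0.4.254")],
}
PREFIX = 24  # assumption: every subnet in the post is a /24


def by_subnet(pools, prefix=PREFIX):
    """Group ranges per subnet: {network: {server: (first, last)}}."""
    out = {}
    for server, ranges in pools.items():
        for first, last in ranges:
            lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
            net = ipaddress.ip_network(f"{lo}/{prefix}", strict=False)
            if hi < lo or hi not in net:
                raise ValueError(f"{server}: {first}-{last} not inside {net}")
            out.setdefault(net, {})[server] = (lo, hi)
    return out


def check_split(pools, prefix=PREFIX):
    """List problems: a subnet missing from a server, or overlapping pools."""
    problems = []
    for net, servers in by_subnet(pools, prefix).items():
        if len(servers) < len(pools):
            problems.append(f"{net}: only served by {sorted(servers)}")
        spans = sorted(servers.items(), key=lambda kv: kv[1][0])
        for (a, (_, a_hi)), (b, (b_lo, _)) in zip(spans, spans[1:]):
            if b_lo <= a_hi:  # both servers could lease the same address
                problems.append(f"{net}: {a} and {b} overlap")
    return problems


def netsh_commands(pools, server, prefix=PREFIX):
    """netsh lines (hypothetical scope names) creating one server's scopes."""
    cmds = []
    for net, servers in by_subnet(pools, prefix).items():
        if server in servers:
            lo, hi = servers[server]
            scope = net.network_address
            cmds.append(f'netsh dhcp server add scope {scope} {net.netmask} "Subnet {net}"')
            cmds.append(f"netsh dhcp server scope {scope} add iprange {lo} {hi}")
    return cmds
```

An empty list from `check_split(POOLS)` means the two servers can never hand out the same address, which matters because they do not coordinate leases with each other.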
 