
Win2003 with AD Integrated DNS/ DHCP

Status
Not open for further replies.

Wazzer

MIS
Aug 6, 2001
GB
I'm setting up a new Windows 2003 Domain and have a question regarding DNS and DHCP. I've set up DNS on the first Win2003 Server when installing Active Directory and all works fine. I have made DNS on this server Active Directory Integrated. On a second Server (also a Domain Controller), I've installed DHCP, authorised it, and all works fine.

I want to ensure resiliency for both services, so have installed DNS on the DHCP Server, and DHCP on the DNS Server. I have allocated separate pools of IP addresses for DHCP on both servers so that if one server goes down, DHCP services are unaffected and there are more than enough addresses available on one server to service the entire domain.

When I installed DNS on the second server, the installation again was fine. In DNSMGMT, both servers are Name Servers for the same zone which is what I want. However, I'm a little confused with the meanings of Primary and Secondary Name Servers and their fault tolerance. Looking in DNSMGMT, I can see that all the records for both servers are identical, apart from the SOA record (I assume they are being replicated because of Active Directory Integration).

Have I got two Primary Name Servers for the Domain and does that provide the best resiliency; or should one be a Secondary server? Does Active Directory Integration mean either of these servers can die and DNS/ DHCP Services will remain unaffected? Any help would be appreciated.
 
If you have 2 primary servers, the records are not shared; when you update data in zones, you will need to modify both DNS servers.

You can delete the primary zone on one of the servers and recreate a new zone for the same domain, but specify that it is secondary and point to the other DNS server as the primary. You can then set up zone transfers to keep both zones in sync.

You might also want to put a hole in your firewall and work with your ISP and transfer your zones to their servers for redundancy. Keeping an off-site copy is a good plan in case of DNS corruption or server failure; then again, if your server fails, you've got bigger issues than DNS.

 
Your zones are AD integrated, so all information is located in the AD DB. This setup is multi-master, so there is no need for "secondaries". It follows the same strategy as AD DCs.
 
To sum up...
"Does Active Directory Integration mean either of these servers can die and DNS/ DHCP Services will remain unaffected?"
For DNS & AD services, yes!
And as you have done the 80/20 rule for DHCP, yes as well...

Unaffected? Probably have a slowdown as clients that referenced the dead DC recontact the other one for DNS etc...

For DNS, primary and secondary servers work like NT4 DCs: only one could be writeable...
With AD, you can integrate zones and, like MTVW has explained, this makes them become multimaster, as the DNS data becomes part of the AD database.

Aftertaf
We shall prevail, and they shall not
 
Thanks chaps,

It was really the AD Multimaster idea I was confused about, so the answers really help.
 