Re: Primary + Secondary DNS




"Chris" <Chris@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:44068643-F156-43D8-8F2D-3C43154BC754@xxxxxxxxxxxxxxxx
Hi,

I have two server 2003 servers. One is hosting Primary DNS and one secondary
DNS server using the primary for its zone records.

We did a test recently where the primary server was taken offline to see if
DNS still worked. It didn't!

Two concerns: Registration and Resolution.

When the ONLY Primary is offline no dynamic registration will be possible,
so generally it is best to use multiple AD Integrated DNS Servers instead
of a single primary (single point of failure for dynamic registration).

You also get the advantage of being able to use "secure only updates" in
this case.

For RESOLUTION, every machine needs to be set with BOTH (all)
INTERNAL DNS Servers listed in the NIC->IP->Properties.

NO external DNS Servers (e.g., the ISP or an external firewall server)
may be listed -- only those which can resolve all internal (and external)
records needed by the internal DNS clients.

Our name servers for the domains we tested with
are the same as the external IPs for the two DNS servers. I would have
thought that if the primary was taken offline the 2nd nameserver would be
used to check the host record and then access the host file on the secondary
DNS server.

At this point would I need to change the host file on every zone record for
the secondary DNS server to ensure each zone is then accessed?

What host file? Host files have nothing to do with DNS resolution --
and would be used prior to DNS if available on the client machines.

Host files would generally be a poor practice for AD domain machines
unless you use them for very specific purposes and understand the
implication clearly.

DNS clients can have multiple DNS servers listed on the NIC->IP
properties.
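
An added example, not part of the original post: a Python audit that parses `ipconfig /all` output and flags adapters that list a DNS server outside the internal set or omit one of the internal servers, the two client-side conditions the reply describes. The internal server addresses, the adapter names and the sample output are constructed assumptions.

```python
import ipaddress
import re

# Assumed internal DNS servers (constructed addresses, not from the post).
INTERNAL_DNS = {"192.168.0.10", "192.168.0.11"}

# Constructed sample of `ipconfig /all` output from one client.
SAMPLE = """\
Ethernet adapter Local Area Connection:

   IP Address. . . . . . . . . . . . : 192.168.0.50
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       203.0.113.53

Ethernet adapter Backup LAN:

   IP Address. . . . . . . . . . . . : 192.168.1.50
   DNS Servers . . . . . . . . . . . : 192.168.0.10
                                       192.168.0.11
"""

def _ip(text):
    """Return the normalized IP in text, or None if it is not an address."""
    try:
        return str(ipaddress.ip_address(text.strip()))
    except ValueError:
        return None

def parse_dns_servers(text):
    """Return {adapter name: [DNS server IPs in listed order]}."""
    adapters, name, in_dns = {}, None, False
    for line in text.splitlines():
        # Adapter headers start in column 0 and end with a colon.
        if line[:1].strip() and line.rstrip().endswith(":"):
            name, in_dns = line.rstrip()[:-1], False
            adapters[name] = []
            continue
        m = re.match(r"\s+DNS Servers[ .]*:(.*)", line)
        # Extra servers appear on continuation lines holding only an address.
        ip = _ip(m.group(1) if m else (line if in_dns else ""))
        in_dns = bool(name and ip)
        if in_dns:
            adapters[name].append(ip)
    return adapters

def audit(text, internal=INTERNAL_DNS):
    """Flag adapters listing non-internal servers or missing internal ones."""
    findings = {}
    for name, servers in parse_dns_servers(text).items():
        external = [s for s in servers if s not in internal]
        missing = sorted(set(internal) - set(servers))
        if servers and (external or missing):  # skip adapters with no DNS set
            findings[name] = {"external": external, "missing": missing}
    return findings

if __name__ == "__main__":
    for adapter, result in audit(SAMPLE).items():
        print(adapter, result)
```

To audit a real client, pass the captured text of `ipconfig /all` to `audit()` with `internal` set to your own DNS server addresses.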

