Re: Primary + Secondary DNS




Also, within MS DNS on the secondary server, we've used an Internal IP to
obtain the zone data from the primary server. The zone record is identical
but it's getting its data from an Internal (private) IP. Should this be a
public IP?

Thanks

Chris

"Herb Martin" wrote:


"Chris" <Chris@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:15002ECD-5293-4174-AA4B-802D49203893@xxxxxxxxxxxxxxxx
Ok,

Allow me to describe this better for you.

There are two servers. Each has a public IP so they're directly accessed
from the Internet, but only allowing DNS traffic through.

On the primary server each forward lookup zone is set up as primary, and
each zone record has a name server of the primary server and the secondary
server. On the secondary server each forward lookup zone is set up as
secondary (from the wizard) but only allowing notifications between these
servers only as per the notify tab. The zone records are in sync and appear
to be fine.

However, when the primary server goes offline each zone record is unable to
be resolved from the Internet. Which tells me that the secondary server is
unable to resolve forward lookup zones if the primary server is offline.

Not true.

You have a problem either with REACHING the Secondary through
the Firewall OR you have failed to delegate the Secondary from the
parent zone and so no one even tries to find it.

Since this is public, what is the zone name?

Go to one of the web DNS checks try your zone name:
http://www.checkdns.net/quickcheckdomainf.aspx


Would I be correct saying that if the primary server goes offline I have to
change the host(A) record for each lookup zone (the host that's set to 'same
as parent folder') or should this be more automatic? i.e. primary server goes
off line but all the lookup zones remain and can be resolved with only the
one server running.

Thanks

Chris



"Herb Martin" wrote:


"Chris" <Chris@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:44068643-F156-43D8-8F2D-3C43154BC754@xxxxxxxxxxxxxxxx
Hi,

I have two server 2003 servers. One is hosting Primary DNS and one secondary
DNS server using the primary for its zone records.

We did a test recently where the primary server was taken offline to see if
DNS still worked. It didn't!

Two concerns: Registration and Resolution.

When the ONLY Primary is offline no dynamic registration will be possible,
so generally it is best to use multiple AD Integrated DNS Servers instead
of a single primary (single point of failure for dynamic registration).

You also get the advantage of being able to use "secure only updates" in
this case.

For RESOLUTION, every machine needs to be set with BOTH (all)
INTERNAL DNS Servers listed in the NIC->IP->Properties.

NO external DNS Servers (e.g., the ISP or an external firewall server)
may be listed -- only those which can resolve all internal (and external)
records needed by the internal DNS clients.

Our name servers for the domains we tested with are the same as the external
IPs for the two DNS servers. I would have thought that if the primary was
taken offline the 2nd nameserver would be used to check the host record and
then access the host file on the secondary DNS server.

At this point would I need to change the host file on every zone record for
the secondary DNS server to ensure each zone is then accessed?

What host file? Host files have nothing to do with DNS resolution --
and would be used prior to DNS if available on the client machines.

Host files would generally be a poor practice for AD domain machines
unless you use them for very specific purposes and understand the
implication clearly.

DNS clients can have multiple DNS servers listed on the NIC->IP
properties.
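
The two suspects named in the thread (a secondary that cannot be reached through the firewall, or one that the parent zone never delegates to) can be told apart by comparing the parent's NS set with what each server answers when queried directly. The following is an added example, not part of the original thread: `diagnose()`, its input layout and the `example.com` data are hypothetical and constructed, and the probe results are assumed to have been gathered from outside the firewall with non-recursive SOA/NS queries (for instance `dig +norec` or `nslookup`).

```python
def norm(name):
    """Compare host names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def diagnose(zone, parent_ns, probes):
    """Return (subject, problem) findings for one public zone.

    parent_ns: NS names the parent zone hands out for `zone`.
    probes: {server name: result} from asking each server for the zone's
            SOA and NS directly, recursion off, from OUTSIDE the firewall.
            result is None on timeout, otherwise
            {"aa": bool, "serial": int, "ns": [zone's own NS names]}.
    """
    delegated = {norm(n) for n in parent_ns}
    probes = {norm(k): v for k, v in probes.items()}
    answered = [r for r in probes.values() if r is not None]
    zone_ns = {norm(n) for r in answered for n in r["ns"]}

    findings = []
    # Listed inside the zone but absent from the parent: resolvers never try it.
    for name in sorted(zone_ns - delegated):
        findings.append((name, "not delegated by parent"))
    for name in sorted(zone_ns | delegated):
        result = probes.get(name)
        if result is None:            # timed out, or was never probed
            findings.append((name, "unreachable from outside"))
        elif not result["aa"]:        # answers, but does not hold the zone
            findings.append((name, "not authoritative"))
    serials = {r["serial"] for r in answered if r["aa"]}
    if len(serials) > 1:              # a secondary is serving a stale copy
        findings.append((norm(zone), "serial mismatch"))
    return findings

# Constructed sample data (example.com and both server names are placeholders).
GOOD = {"aa": True, "serial": 2006010101,
        "ns": ["ns1.example.com.", "ns2.example.com."]}
BOTH = ["ns1.example.com.", "ns2.example.com."]

if __name__ == "__main__":
    # Secondary is in the zone's NS set but the parent only delegates to ns1.
    print(diagnose("example.com", ["ns1.example.com."],
                   {"ns1.example.com": GOOD, "ns2.example.com": GOOD}))
    # Delegation is complete but the secondary does not answer from outside.
    print(diagnose("example.com", BOTH,
                   {"ns1.example.com": GOOD, "ns2.example.com": None}))
```

An empty list means both servers are delegated, reachable and authoritative with matching serials, which is the state in which the zone keeps resolving while the primary is offline.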





