|
what version OS are we talking about? and are
these the only domains in your forest - i.e. this domain is also the forest
root?
and I guess we are assuming that you're using AD
integrated DNS for this domain only (and as such the DNS zone data exists on all
DCs) - right?
In Win2k it is best practice not to
point a root DC to itself for
resolving DNS queries - the safest thing is to point it to the next closest DNS
server in another site (primary) and to point the
seconday to a DC in another site. This is to prevent replication island
(really only an issue if you'd ever change the IP address of any of your
DCs). This safety step is only required for the root domain, as it holds
the enterprise-wide _msdcs zone containing the domain's and DC's GUID references
used to build the replication connections. If you'd change the IP
address of a root DC and it points to itself as a DNS resolver, it would
only update the IP address on it's own DNS zone data, effectively hindering it
to replicate out this change to the other DCs (which would want to poll
the data using the old IP address of the root DC)... thus creating a
replication island (which no other DC can replicate
from).
As a result, the
safest thing to do for your "root DCs" (assuming that's what they are) is
to point DNS for Site 1 DCs to DCs in Site 2 and Site 3 and so on... I
always configure the DC itself as the third resolver (go to "Advanced"), just to
make sure.
Child Domain DCs
should always use themselves as the primary DNS resolver and then some other DC
as the
secondary. For Win2k3, this
"non-local" DNS config is no longer required, as MS fixed the island problem in
this version of DNS. So here you can configure the root servers just like
the child servers (pointing to themselves + some other DC as a secondary DNS
server) /Guido
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Montano, Greg Sent: Montag, 9. Februar 2004 17:06 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] multiple sites DNS question private line T1 connecting all sites
I mean for the DCs themselves.
thanks From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Santhosh Sivarajan Sent: Monday, February 09, 2004 10:59 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] multiple sites DNS question Are you talking about
the client computers or DC itself? For workstation:
Primary: Local DNS
server For DC4 and
DC5: Where are they located
and what is the connection speed? I would prefer to use
DC1 or DC2 as primary and local DNS server as
secondary! From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Montano,
Greg Hi all, I have 1 AD domain spread over 3
sites Site 1 - DC1,
DC2 Site 2 -
DC3 Site 3- DC4,
DC5 all DCs are global
catalogs DC1 holds FSMO roles
What is the prefered way to set up
local computers primary and secondary DNS for site 3
DCs? should they all point back to
DC1? or to each other? Thanks |
RE: [ActiveDir] multiple sites DNS question
GRILLENMEIER,GUIDO (HP-Germany,ex1) Tue, 10 Feb 2004 09:47:54 -0800
Title: Message
- [ActiveDir] multiple sites DNS questio... Montano, Greg
- RE: [ActiveDir] multiple sites DN... Santhosh Sivarajan
- RE: [ActiveDir] multiple sites DN... Montano, Greg
- RE: [ActiveDir] multiple sites DN... mathif
- RE: [ActiveDir] multiple site... Santhosh Sivarajan
- RE: [ActiveDir] multiple sites DN... Roger Seielstad
- RE: [ActiveDir] multiple sites DN... mathif
- RE: [ActiveDir] multiple sites DN... mathif
- RE: [ActiveDir] multiple sites DN... Roger Seielstad
- GRILLENMEIER,GUIDO (HP-Germany,ex1)
