|
I meant to say, “no root/sub-root _msdcs
ISSUES to factor in” Deji From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Deji Akomolafe >>>Ok. Some conflicting
responses. You will always get that. I have yet to
see a consensus on this and many other issues. So, it ultimately ends up being
one of those “it depends” cases. >>>I am aware of the island issue Remember, the “ >>> Why would you point to
another site as primary if there is poor connectivity? If poor connectivity is an issue for you,
then again (in this scenario), primary to another server is a good way to
ameliorate the impact of the poor connectivity. “Poor
connectivity”, in this case, means that there is “intermittent”
connectivity, right? If the DC points to itself or to another and there is an
extended outage, then you are SOL in that you can’t find anything on the
other side anyway. Remember that this “to self or to another”
question is specific to the DNS server ITSELF, not relevant to what it does for
(or on behalf of) other clients. The configuration is only applicable to the
DNS server’s ability to publish and locate records for itself. If it can
NOT find the referenced DNS Server configured as PRIMARY (because of the poor
connectivity), it will flag that server as being unresponsive and then go to
the secondary, which is itself, in the meantime. >>> The AD-integrated DNS zones
should be complete at each site, no? I say yes. But, there is nothing in the
book (AFAIK) that says you can’t mix and match. >>>Should the SOA and the Name
Servers be the same at each site? “The same”, meaning that the
SOA on DNS1 and DNS2 should reference the same server? No. DNS1 will be
DNS1.whatever and DNS2 will be DNS2.whatever because they are each authoritative
for the zone and, therefore, consider themselves the “Start of
Authority” for that zone. HTH Deji From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Ok. Some conflicting responses. Just so I
can sort this out in my little brain: I am aware of the island issue and my practice
has been to point to another site to promote, then change it to point to
itself. Why would you point to another site as
primary if there is poor connectivity? The AD-integrated DNS zones should be
complete at each site, no? Should the SOA and the Name Servers be the same at
each site? -- nme From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Agreed From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] In this scenario,
I’d recommend Primary to another and secondary to self. Deji From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Hi – I have just been brought into a
situation where a client has several poorly connected (VPN and slow connections
to the Internet) sites in a single W2k domain. Each site has a single DC that
runs AD-integrated DNS. Previously, most of the DCs had tombstoned. Microsoft
walked the in-house guy through demoting and re-promoting everything. The question is this: where should
each DC’s DNS point? I have always thought they should point to
themselves and only themselves. The DNS server forwards to the Internet (as
everything is poorly connected). The in-house tech said Microsoft told him to
point each DC’s primary DNS to the FSMO-role holder and then to itself as
secondary. Any thoughts? -- nme |
- Re: [ActiveDir] DNS should point to...? chuckgaff
- RE: [ActiveDir] DNS should point to...? deji
- RE: [ActiveDir] DNS should point to...? Rocky Habeeb
- RE: [ActiveDir] DNS should point to...? deji
- RE: [ActiveDir] DNS should point to...? Noah Eiger
- RE: [ActiveDir] DNS should point to...? deji
- RE: [ActiveDir] DNS should point to...? Kern, Tom
- RE: [ActiveDir] DNS should point to...? deji
- Re: [ActiveDir] DNS should point to...? Tomasz Onyszko
- RE: [ActiveDir] DNS should point to...? Jorge de Almeida Pinto
