I appreciate the feedback on your experience with QIP and MS DNS. It will all help
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Schofield
Sent: Tuesday, December 06, 2005 8:52 PM
To: [email protected]
Subject: Re: [ActiveDir] Moving 3rd party DNS to AD

Probably not needed, but here is a script I used and deployed with SMS to all my member servers to update the DNS order. The script was used to add a third DNS server for 'just in-case' lookups but was effective in updating the member servers w/o having to manually do it. Probably won't be useful but thought I would pass along. You could easily make this accept command line switches but by default only runs on the local machine. Hope that helps.

    Sub Main()
        SetDNSServerSearchOrder()
    End Sub

    Sub SetDNSServerSearchOrder()
        ' On Error Resume Next
        Err.Clear
        Dim aDNS(1)
        'Primary DNS server
        aDNS(0) = "x.x.x.x"
        'Alternate DNS server
        aDNS(1) = "x.x.x.x"

        'Set Networking Managing Objects
        strComputer = "."
        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colItems = objWMIService.ExecQuery("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = 1")

        For Each objItem In colItems
            'Clear the existing DNS server list, then set the new one
            errDNS = objItem.SetDNSServerSearchOrder()
            WScript.Sleep 500
            errDNS = objItem.SetDNSServerSearchOrder(aDNS)
        Next

        Set objWMIService = Nothing
        Set colItems = Nothing
    End Sub

    'Windows Script Host does not call Main on its own, so invoke it here
    Main

Steve Schofield
Microsoft MVP - ASP/ASP.NET
ASPInsider Member - MCP

http://www.orcsweb.com/
Managed Complex Hosting
#1 in Service and Support

----- Original Message -----
From: "Steve Schofield" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, December 06, 2005 10:39 PM
Subject: Re: [ActiveDir] Moving 3rd party DNS to AD

> Boy that is a real toughie! I have experience both with AD using QIP (6.x
> version) which was really good and now for the past year getting used to
> MS DNS with integrated zones on DC's which was ok but has been rock solid
> with w2k3 sp1 (lots of DNS fixes in w2k3 sp1). What would I do, boy not
> sure but here is an attempt.
> If your goal is to have AD/DNS hosted on MS to
> quickly cutover one brainstorm is to have your DNS servers in AD be
> secondary's and ability to *import* the QIP zones so you could have
> real-time updates up to and just before cutover. Not sure off-hand if
> that is possible but believe so.
>
> Then for cutover, unplug QIP network cable, change the IP on the MS dns
> servers, convert to a primary zone to allow dynamic updates if you are
> supporting that. You can also set up the QIP to be the forwarders for the
> AD ones but would suggest to stay away from that if possible and just use
> the ROOT servers. As far as performance, DNS is not a very intensive
> process for a standard type setup. I would suggest RAID 1 for redundancy
> with 1 or 2 gig of ram. A dual proc machine would be more than
> sufficient. The RAID should use a hardware based controller with some
> cache for added boost. One benefit if these were DC's vs. standard DNS
> servers is the multi-master replication being integrated into AD database
> providing redundancy. Depending on your AD database size and DC's size,
> the entire database is loaded into memory could provide a pretty good
> boost. The ISP I work for (orcsweb.com) our internal AD servers take a
> lot of requests and those machines sit idle regarding DNS (we send lots of
> emails a day pretty DNS lookup intensive and works well). The QIP
> experience I didn't directly manage so I can't provide any stats there
> sorry. Hope that provides some ideas, the UI management tool in QIP is
> better than AD but the MMC is ok for a few domains.
> Good luck, feel free
> to contact me [EMAIL PROTECTED]
>
> Steve Schofield
> Microsoft MVP - ASP/ASP.NET
> ASPInsider Member - MCP
>
> http://www.orcsweb.com/
> Managed Complex Hosting
> #1 in Service and Support
>
>
> ----- Original Message -----
> From: "Figueroa, Johnny" <[EMAIL PROTECTED]>
> To: <[email protected]>
> Sent: Tuesday, December 06, 2005 3:18 PM
> Subject: [ActiveDir] Moving 3rd party DNS to AD
>
>
> I will be removing a couple of Lucent QIP DNS servers running on Sun
> Solaris with Microsoft DNS.
>
> We already have our AD infrastructure. The _zones in the QIP DNS servers
> were delegated to AD DNS/DCs so the domain controllers could update
> their SRV records.
>
> We debated if we should integrate the zones owned by the QIP solution
> into AD (DC/DNS Servers) or create a couple of standalone DNS servers in
> AD, which will not be domain controllers. We chose to go with the
> standalone DNS servers mainly so that the testing, cutover and potential
> roll back could be done with minimal changes. I.e. turn off QIP DNS
> servers, change IP on the MS DNS servers to that of the old QIP servers
> and we are done. Roll back would be something like turn off MS DNS
> servers and turn QIP back on. The _zones in question are in our empty
> root domain, the clients and the AD resource records are in a child
> domain/zone already in AD.
>
> Feel free to comment or make suggestions about that approach, but my
> real question is around performance. I am trying to get performance data
> from the folks that support the QIP DNS servers but that may not be an
> option at this time. Those servers connect via firewall to the internet
> for root servers and do not forward to anybody else at this point and so
> will the MS replacements. The AD DNS servers currently forward to the
> QIP servers mentioned for Internet address resolution and cache it for
> the clients.
> There are some mainframe systems that point to the QIP
> servers directly but that's the exception not the rule, our clients
> point to AD DNS servers.
>
> The performance documents I found so far talk about memory being the
> real issue with DNS servers and they give me a formula, something like
> 100K for every 1000 records. My questions are: 1) Not sure if I need to
> go with anything else other than dual processors, quads seem like
> overkill. 2) I am not reading anything that would tell me how I may
> set up the disks for the server. The zones themselves are in the
> megabytes range so they will not take a lot of space. I will probably
> mirror the OS as that is our standard, but then is there a way to have
> the zones on different disk drives and perhaps set those up as RAID 5?
>
> I realize performance are tough questions without knowing the
> environment but it has been my experience that you always get useful
> replies from this group.
>
> Thanks
>
> Johnny Figueroa
> Enterprise Network Consultant/Integrator
> Network Services Banner Health Voice (602)
> 495-4195 Fax (602) 495-4406
>
> WARNING: This message, and any attachments, are intended only for the
> use of the individual or entity to which it is addressed and may contain
> information that is privileged, confidential and exempt from disclosure
> under applicable law. If the reader of this message is not the intended
> recipient or employee/agent responsible for delivering the message to
> the intended recipient, you are hereby notified that any dissemination,
> distribution or copying of the communication is strictly prohibited.
> If you receive this communication in error, please notify us immediately
>
> List info   : http://www.activedir.org/List.aspx
> List FAQ    : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
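
Added example, not part of the original thread or of the script posted in it: a read-only audit that could be deployed the same way to confirm each member server ended up with the intended resolver order after such a change. The function name AuditDNSServerSearchOrder and the aExpected array are hypothetical, and the "x.x.x.x" entries are placeholders exactly as in the posted script.

```vbscript
Option Explicit

' Expected resolver order (placeholders; replace with the intended servers).
Dim aExpected
aExpected = Array("x.x.x.x", "x.x.x.x")

' Exit code 0 = every IP-enabled adapter matches, 1 = at least one differs,
' so the deployment tool can report status per machine.
WScript.Quit AuditDNSServerSearchOrder(".", aExpected)

Function AuditDNSServerSearchOrder(strComputer, aWanted)
    Dim objWMIService, colItems, objItem, strCurrent, strWanted, intResult
    intResult = 0
    strWanted = Join(aWanted, ",")

    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    Set colItems = objWMIService.ExecQuery( _
        "Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = 1")

    For Each objItem In colItems
        ' DNSServerSearchOrder is Null when the adapter has no DNS servers set,
        ' which is the state left behind if the clearing call succeeds and the
        ' follow-up call that sets the new list fails.
        If IsNull(objItem.DNSServerSearchOrder) Then
            strCurrent = ""
        Else
            strCurrent = Join(objItem.DNSServerSearchOrder, ",")
        End If

        ' Order matters: the first entry is the resolver queried first.
        If strCurrent = strWanted Then
            WScript.Echo "OK       " & objItem.Description & ": " & strCurrent
        Else
            WScript.Echo "MISMATCH " & objItem.Description & ": found [" & _
                strCurrent & "] expected [" & strWanted & "]"
            intResult = 1
        End If
    Next

    Set colItems = Nothing
    Set objWMIService = Nothing
    AuditDNSServerSearchOrder = intResult
End Function
```

Run it with cscript.exe so the per-adapter lines go to the console instead of message boxes.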
