| Author |
Message |
Steve Schofield
Guest
|
 Posted:
Thu Jan 06, 2005 8:56 pm Post subject:
NIC settings on DC/DNS server |
|
|
I have a forest with two domain controllers DomainController1,
DomainController2 running AD integrated DNS I'm looking for information on
how best to configure the DNS NIC settings on DomainController2. On
DomainController1, the Primary is listed 127.0.0.1 and then the IP of the
server in the secondary. What would be listed for Primary DNS server for
DomainController2 and what would the Secondary DNS? Currently I have the
Primary DNS on DomainController2 pointing to DomainController1 and itself as
Secondary DNS server. Should I make any domain controller2 running DNS the
Primary DNS server point to itself first before looking out for resolution?
Any articles, tip/tricks would be appreciated.
Steve |
|
| Back to top |
|
 |
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Thu Jan 06, 2005 9:30 pm Post subject:
Re: NIC settings on DC/DNS server |
|
|
In news:e9CBg$$8EHA.1524@TK2MSFTNGP09.phx.gbl,
Steve Schofield <steve@deviq.com> commented
Then Kevin replied below:
| Quote: | I have a forest with two domain controllers
DomainController1, DomainController2 running AD
integrated DNS I'm looking for information on how best
to configure the DNS NIC settings on DomainController2.
On DomainController1, the Primary is listed 127.0.0.1 and
then the IP of the server in the secondary. What would
be listed for Primary DNS server for DomainController2
and what would the Secondary DNS? Currently I have the
Primary DNS on DomainController2 pointing to
DomainController1 and itself as Secondary DNS server.
Should I make any domain controller2 running DNS the
Primary DNS server point to itself first before looking
out for resolution? Any articles, tip/tricks would be
appreciated.
|
First, you should not use the 127.0.0.1 loopback address for the DNS
address, use the IP address of the private interface.
That said, it really make no difference which is listed first, but it is
recommended by most of us to make Domain Controller 1 the preferred DNS on
all DCs including DC1. The alternate DNS can be any other DNS server that
supports the AD domain name. This insures that at startup there is a much
better chance of a DNS server being available.
The reason for using DC1 as preferred DNS on all DCs is in case of an AD
zone reinstall, it gives you a centralized DC that all DCs use for DNS and
can re-register their records in. This also prevents the DNS island issue in
Win2k that can cause replication to fail because all DC have not registered
their records.
Never use an ISP's or any external DNS in any position on any member of an
AD domain.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Steve Schofield
Guest
|
| Posted:
Thu Jan 06, 2005 9:51 pm Post subject:
Re: NIC settings on DC/DNS server |
|
|
Thanks Kevin,
I came from another shop where we used traditional BIND/Unix DNS and all
machines were pointed to one DNS primary server, that makes perfect sense,
Not sure what you mean by this "First, you should not use the 127.0.0.1
loopback address for the DNS address, use the IP address of the private
interface." When i did the DCPromo the process made the Primary DNS
127.0.0.1 on domain controller one, what your saying is on the
DomainController1, I should use the IP of that machine. Is this what you
mean? If the IP Address of the DomainController1 is 192.168.1.10, then make
the Primary DNS setting to 192.168.1.10 vs 127.0.0.1?
steve
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:#WwehSA9EHA.3640@tk2msftngp13.phx.gbl...
| Quote: | In news:e9CBg$$8EHA.1524@TK2MSFTNGP09.phx.gbl,
Steve Schofield <steve@deviq.com> commented
Then Kevin replied below:
I have a forest with two domain controllers
DomainController1, DomainController2 running AD
integrated DNS I'm looking for information on how best
to configure the DNS NIC settings on DomainController2.
On DomainController1, the Primary is listed 127.0.0.1 and
then the IP of the server in the secondary. What would
be listed for Primary DNS server for DomainController2
and what would the Secondary DNS? Currently I have the
Primary DNS on DomainController2 pointing to
DomainController1 and itself as Secondary DNS server.
Should I make any domain controller2 running DNS the
Primary DNS server point to itself first before looking
out for resolution? Any articles, tip/tricks would be
appreciated.
First, you should not use the 127.0.0.1 loopback address for the DNS
address, use the IP address of the private interface.
That said, it really make no difference which is listed first, but it is
recommended by most of us to make Domain Controller 1 the preferred DNS on
all DCs including DC1. The alternate DNS can be any other DNS server that
supports the AD domain name. This insures that at startup there is a much
better chance of a DNS server being available.
The reason for using DC1 as preferred DNS on all DCs is in case of an AD
zone reinstall, it gives you a centralized DC that all DCs use for DNS and
can re-register their records in. This also prevents the DNS island issue
in
Win2k that can cause replication to fail because all DC have not
registered
their records.
Never use an ISP's or any external DNS in any position on any member of an
AD domain.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Thu Jan 06, 2005 10:05 pm Post subject:
Re: NIC settings on DC/DNS server |
|
|
In news:uq%23OueA9EHA.3708@TK2MSFTNGP14.phx.gbl,
Steve Schofield <steve@deviq.com> commented
Then Kevin replied below:
| Quote: | Thanks Kevin,
I came from another shop where we used traditional
BIND/Unix DNS and all machines were pointed to one DNS
primary server, that makes perfect sense, Not sure what
you mean by this "First, you should not use the 127.0.0.1
loopback address for the DNS address, use the IP address
of the private interface." When i did the DCPromo the
process made the Primary DNS 127.0.0.1 on domain
controller one, what your saying is on the
DomainController1, I should use the IP of that machine.
Is this what you mean? If the IP Address of the
DomainController1 is 192.168.1.10, then make the Primary
DNS setting to 192.168.1.10 vs 127.0.0.1?
|
Exactly, use the IP of the interface, not the loopback address. I understand
that the loopback address will be put in by the system if you don't put in
an address. Best practice is to use the IP of the private interface, which
is the IP of the DC that will be registered in DNS using the interfaces tab
(DNS server properties). Only the host addresses listed on the interfaces
tab will be created.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Steve Schofield
Guest
|
| Posted:
Thu Jan 06, 2005 10:43 pm Post subject:
Re: NIC settings on DC/DNS server |
|
|
Thanks kevin, i have a good handle on dns just some quirky things on doing
AD/DNS integrated dns, all my background is in UNIX/BIND dns environment and
getting used to AD integrated is a bit of a trick. Things appeared ok in
dcdiag, netdiag but i think I was making dns work harder to find the answer
which isnt' good for performance. By fixing the NIC settings on both of my
DC's that has solved event log messages. Here is a couple of good articles
i found looking through the newsgroups that helped resolve my eventid 4005,
3000 errors.
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036&sd=RMVP
http://support.microsoft.com/?id=300202&sd=RMVP
Thanks again for your helpful tips
steve
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:us6JUmA9EHA.3416@TK2MSFTNGP09.phx.gbl...
| Quote: | In news:uq%23OueA9EHA.3708@TK2MSFTNGP14.phx.gbl,
Steve Schofield <steve@deviq.com> commented
Then Kevin replied below:
Thanks Kevin,
I came from another shop where we used traditional
BIND/Unix DNS and all machines were pointed to one DNS
primary server, that makes perfect sense, Not sure what
you mean by this "First, you should not use the 127.0.0.1
loopback address for the DNS address, use the IP address
of the private interface." When i did the DCPromo the
process made the Primary DNS 127.0.0.1 on domain
controller one, what your saying is on the
DomainController1, I should use the IP of that machine.
Is this what you mean? If the IP Address of the
DomainController1 is 192.168.1.10, then make the Primary
DNS setting to 192.168.1.10 vs 127.0.0.1?
Exactly, use the IP of the interface, not the loopback address. I
understand
that the loopback address will be put in by the system if you don't put in
an address. Best practice is to use the IP of the private interface, which
is the IP of the DC that will be registered in DNS using the interfaces
tab
(DNS server properties). Only the host addresses listed on the interfaces
tab will be created.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in