+ Post New Thread
Results 1 to 10 of 10
Windows Thread, DNS setting on DCs in Technical; Hello, Just what are the DNS settings on DCs (running AD integrated DNS) supposed to be? Are they supposed to ...
  1. #1
    OverWorked's Avatar
    Join Date
    Jul 2005
    Location
    N. Yorks
    Posts
    1,003
    Thank Post
    195
    Thanked 42 Times in 34 Posts
    Rep Power
    29

    DNS setting on DCs

    Hello,

    Just what are the DNS settings on DCs (running AD integrated DNS) supposed to be? Are they supposed to use themselves with no

    I have 2 DCs, each is also hosting AD integrated DNS. A few months ago, one of them had trouble: lots of Userenv 1030 and 1058 errors.

    I've tried the recomended practice of leaving the DCs DNS address blank, making them to use themselves for DNS. Then the problem appeared and I entered thier own addresses for DNS, essentially the same, but it cleared the problem for a while. Now it's back again.

    What's best: they use themselves for DNS, or each use the PDC for DNS, or should they use themselves as primary DNS with each other as secondary DNS?

    I'm working through MS KB 887303 now. I just wondered what everyone else did.
    Last edited by OverWorked; 22nd July 2008 at 11:49 AM. Reason: added a bit

  2. #2
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,185
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    I was told by an MS staffer that the best way is to have them all pointing to one DC on site for primary and then to themselves for secondary resolution. This way it is easier to avoid the DNS island issue when starting a DC with AD integrated DNS. This isn't supposed to be an issue on 2003 though.
    Last edited by cookie_monster; 22nd July 2008 at 12:17 PM.

  3. Thanks to cookie_monster from:

    OverWorked (23rd July 2008)

  4. #3
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,386
    Thank Post
    10
    Thanked 483 Times in 423 Posts
    Rep Power
    110
    but a local lookup will be much quicker. I still think it's best a primary as itself and secondary as another DC for use during boot.

  5. #4

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,144
    Thank Post
    113
    Thanked 518 Times in 447 Posts
    Blog Entries
    2
    Rep Power
    121
    Agree with @Cookie_Monster - I've always known this to be the way to do it.

    If you have 1 DC then you point it at itself (don't leave it blank; set it to 127.0.0.1 - this is what will happen when you set up a new domain and let the wizard configure DNS for you)

    If you have 2 then point them at each other for primary and themselves for secondary.

    When you have lots, point them at another DC on the same site for primary and a DC on another site for secondary.

    I think DNS island problems were mostly cleared up with Server 2003 but we had that problem years ago on 2000 Server and it was hard work getting it fixed!

  6. #5

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,144
    Thank Post
    113
    Thanked 518 Times in 447 Posts
    Blog Entries
    2
    Rep Power
    121
    Quote Originally Posted by DMcCoy View Post
    but a local lookup will be much quicker. I still think it's best a primary as itself and secondary as another DC for use during boot.
    Remember, the DC will actually do very little in the way of DNS lookups for itself.

    It will service lots of requests if it's hosting the DNS role but for itself it just needs to find info about where the other DCs etc are. Once that info has been found it will be cached.

    Even if it did need lots of lookups, DNS is a very lightweight protocol (watch it with Wireshark) so it's not going to mess up the network.

  7. #6
    Diello's Avatar
    Join Date
    Jun 2005
    Location
    Kent, England
    Posts
    1,063
    Thank Post
    111
    Thanked 228 Times in 128 Posts
    Rep Power
    73

  8. Thanks to Diello from:

    OverWorked (23rd July 2008)

  9. #7
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,185
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    Oddly i was told by the same MS staffer not to use the loopback adaptor 127.0.0.1 but to use it's actual IP address but as you say the wizard sometimes sets it as the loopback address.

  10. #8
    OverWorked's Avatar
    Join Date
    Jul 2005
    Location
    N. Yorks
    Posts
    1,003
    Thank Post
    195
    Thanked 42 Times in 34 Posts
    Rep Power
    29
    Thanks everyone. I'll set the problematic DC to use the other DC (the PDC) as primary DNS, and itself as secondary. I'm not convined it'll clear the problem, which I think is symptomatic of something else, though.

    I've been having a few other little problems with AD not replicating. Just occasionally, not always. I thought it may be DNS related.

  11. #9
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,185
    Thank Post
    392
    Thanked 278 Times in 239 Posts
    Rep Power
    74
    Have you run netdiag and dcdiag?

  12. #10
    OverWorked's Avatar
    Join Date
    Jul 2005
    Location
    N. Yorks
    Posts
    1,003
    Thank Post
    195
    Thanked 42 Times in 34 Posts
    Rep Power
    29
    @srochford: thanks. I'd already tried that, and it seemed to work for a while and the problems came back. This suggests that the problem may not be DNS related at all - I may be barking up the wrong tree.

    (Aside: Whenever I've had trouble with AD, the cause has alway been DNS related. A DC needs DNS to be able to find itself! Once I logged onto a 2003 PDC as domain admin, tried to access GPMC, and was told it couldn't find the DC - scary at the time. Fixed it by adding a root domain DNS entry).

    @cookie_monster: I've gone with the 'point them both to the PDC' option. I'll monitor it to see if the prob comes back.

    Thanks everyone. The problem's gone away now. netdiag and dcdiag showing no errors. I'm not convinced it won't come back, though!

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 8
    Last Post: 22nd February 2008, 12:34 PM
  2. DCs on VMWare Server guests
    By Norphy in forum Thin Client and Virtual Machines
    Replies: 3
    Last Post: 6th February 2007, 12:35 PM
  3. what is the ratio for DCs to PCs
    By timbo343 in forum Windows
    Replies: 6
    Last Post: 3rd January 2007, 05:16 PM
  4. replicationprob with old off 2k DCs
    By browolf in forum Windows
    Replies: 2
    Last Post: 18th October 2006, 11:06 AM
  5. Replies: 19
    Last Post: 10th August 2006, 09:12 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •