Windows DNS best practice

Dashrender

I've never supported a multi-domain forest in production before so I'm curious what you all think is a Best Practice for DNS settings of your servers?

Due to the nature of a Forest, all AD should replicate with all other DCs in the forest for DNS (but again, it's been so long since I read about it, I could be wrong).

So with that in mind I would setup each DC in a domain to point to same domain DNS servers for Primary DNS (in IP settings) and possibly to the root domain for the secondary or tertiary.

Then set all workstations in the domain to DNS servers in the same domain only.

This should keep most DNS queries local to the domain.

Thoughts?

scottalanmiller

Seems fine to me.

Mike Davis

How are you setting up DHCP? Is each Domain on its own subnet?

wirestyle22

@Mike-Davis He is actually asking this in regards to my network. We have one root domain with two subdomains, all on their own subnets. How mine differs from the OP is both the primary and secondary DNS are in the main building attached to the root domain. We only use static IP's. There is no DHCP here. We don not even use wireless, although that will change in the near future.

Dashrender

@Mike-Davis said in Windows DNS best practice:

How are you setting up DHCP? Is each Domain on its own subnet?

That would depend on the requirements. There are a few options.

a) deploy DHCP in each network
b) deploy DHCP in one network and setup IP Helper addresses in routers

I dont' really think one is better than the other, unless the WAN links are really that slow or unreliable.

Dashrender

@wirestyle22 said in Windows DNS best practice:

@Mike-Davis He is actually asking this in regards to my network. We have one root domain with two subdomains, all on their own subnets. How mine differs from the OP is both the primary and secondary DNS are in the main building attached to the root domain. We only use static IP's. There is no DHCP here. We don not even use wireless, although that will change in the near future.

What Wire didn't mention is that all servers and all clients in the entire organization use those two DNS servers at headquarters. That seems very odd to me.

FYI - Wire just came on with that client, so he didn't set this up.

Dashrender

@wirestyle22 said in Windows DNS best practice:

We don not even use wireless, although that will change in the near future.

While not a requirement for wireless, but DHCP will definitely make life a LOT easier here.

wirestyle22

@Dashrender said in Windows DNS best practice:

@wirestyle22 said in Windows DNS best practice:

@Mike-Davis He is actually asking this in regards to my network. We have one root domain with two subdomains, all on their own subnets. How mine differs from the OP is both the primary and secondary DNS are in the main building attached to the root domain. We only use static IP's. There is no DHCP here. We don not even use wireless, although that will change in the near future.

What Wire didn't mention is that all servers and all clients in the entire organization use those two DNS servers at headquarters. That seems very odd to me.

FYI - Wire just came on with that client, so he didn't set this up.

This is correct