none
DNS problem

    Question

  • our environment requires out of band management network

    we have management nic and production nic on all servers

    we are trying to sort it so that production nic resolves to production dns and management to management dns

    you can only set dns suffixes on all adapters not individually

    how do i

    a) stop both nics registering on mangement DNS

    b) setup a useable solution to this problem?

    i have setup dns in production zone using a different zone name but A records are not dynamically added and duplicate entries appear in the management

    just need some advice really on how best to achieve my goal

    Thursday, April 25, 2013 7:14 AM

All replies

  • Hi,

    a) http://technet.microsoft.com/en-us/library/cc959739.aspx

    b) Disable registering like described in a. Use only one DNS, what is the reason to use two different DNS? You have more work to administer. The configuration is quite difficult. 

    regards,


    Philipp Halbedel

    MCP 2003,MCITP EA Server 2008,MCITP EA Windows 7,MCSA2008,MCSA2012 

    Meine Antwort war hilfreich? ich freu mich über eine Bewertung. If my answer was helpful, I'm glad about a rating! 

    I do not represent the organisation I work for, all the opinions expressed here are my own.

    Thursday, April 25, 2013 8:22 AM
  • Hello,

    multi-homed NICs are bad design for DCs, details in http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    Thursday, April 25, 2013 8:58 AM
  • thanks for the links. good reading

    one caveat being that our dcs only have one NIC and thats in the management zone. is multi homing member servers an equally bad move?

    my workaround is this:

    create another zone in management dns to host all the production A records

    disable dynamic updates for all adapters

    use a gpo to push out the 2 dns suffixes

    manually register all records on "prod" zone

    will this work as expected? im aware that to resolve "prod" dns the full fqdn will be required as the machine name remains the same only suffix and ip are different

    Tuesday, April 30, 2013 3:07 PM
  • the problem we have is we wanted to have complete out of band management network. if prod nics need to resolve using hostnames they cant because they cannot use the management route to resolve. im thinking just opening 53 from prod to management wont cause too many headaches for our over zealous security guys who were instrumental in orchestrating the out of band idea in the first place
    Tuesday, April 30, 2013 3:12 PM