DNS configuration on Redundancy ISPs

  • Question

  • I have two internal DNS servers on the same scope, DNS1 192.168.1.100 and DNS2 192.168.1.99, but I have no persistent route for the two ISPs because all the clients are configured to use one or the other DNS. Is this a bad configuration? I see in the documentation that each ISP needs its own DNS persistent route, but I have no persistent route because I have the two DNS servers on the internal layer of Forefront. Is that good?

    Thanks.

    Sunday, March 3, 2013 4:25 PM

Answers

  • I have two internal DNS servers on the same scope, DNS1 192.168.1.100 and DNS2 192.168.1.99, but I have no persistent route for the two ISPs because all the clients are configured to use one or the other DNS. Is this a bad configuration? I see in the documentation that each ISP needs its own DNS persistent route, but I have no persistent route because I have the two DNS servers on the internal layer of Forefront. Is that good?

    There is no problem with having internal DNS servers. By having internal DNS servers, you will be able to cache external DNS resolutions and improve your DNS resolution performance.

    On your internal DNS servers, you should have set public DNS servers to be used for external DNS resolution. If these are your ISP DNS servers (which is recommended for security reasons), you may think about having a persistent route for your ISP DNS servers: http://technet.microsoft.com/en-us/library/dd440984.aspx

    This is in order to be sure that DNS requests are forwarded to the correct ISP DNS server.


    This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    Sunday, March 3, 2013 4:30 PM
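
The persistent-route suggestion in the answer above, sketched as an added example (not part of the original post or of the linked Microsoft documentation). It is meant for an elevated prompt on the Forefront server; the ISP resolver and gateway addresses are placeholders from the documentation ranges and must be replaced with the real values for each ISP link.

```powershell
# Added example. All addresses are placeholders (RFC 5737 documentation ranges),
# not values from this thread.
$ispDns = @(
    @{ Isp = 'ISP1'; Dns = '192.0.2.53';    Gateway = '192.0.2.1'    },
    @{ Isp = 'ISP2'; Dns = '198.51.100.53'; Gateway = '198.51.100.1' }
)

foreach ($entry in $ispDns) {
    # Host route (mask 255.255.255.255) so that queries sent to this ISP's
    # resolver always leave through that same ISP's gateway.
    # -p makes the route persistent across reboots.
    & route.exe -p add $entry.Dns mask 255.255.255.255 $entry.Gateway
}

# Verify from the routing table itself rather than trusting the add command:
# each resolver must be listed with a host mask and its own ISP gateway.
$table = (& route.exe print -4) -join "`n"
foreach ($entry in $ispDns) {
    $pattern = [regex]::Escape($entry.Dns) +
               '\s+255\.255\.255\.255\s+' +
               [regex]::Escape($entry.Gateway)
    if ($table -match $pattern) {
        Write-Output ("{0}: {1} is routed via {2}" -f $entry.Isp, $entry.Dns, $entry.Gateway)
    } else {
        Write-Warning ("{0}: no host route for {1} via {2}" -f $entry.Isp, $entry.Dns, $entry.Gateway)
    }
}
```

Without such routes, a query forwarded to one ISP's resolver can leave through the other ISP's link, where ISP resolvers commonly refuse queries from addresses outside their own network.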
  • Hi,

    Thank you for the post.

    You do not need to configure the firewall to use external DNS servers from the ISP wizard. Just like Mr X said, it is recommended to configure an internal DNS server and use a forwarder.

    Regards,


    Nick Gu - MSFT

    • Marked as answer by xames_81 Monday, March 18, 2013 10:43 AM
    Wednesday, March 6, 2013 2:34 AM
    Moderator

All replies

  • But I don't understand what happens if the requests are forwarded to one or the other DNS, because the two are in the same layer. I think the phrase "This in order to be forwarded to the correct ISP DNS server" makes sense if the DNS servers are external, but not for the internal ones. I have one ISP with DNS1 192.168.1.100 and the other ISP with DNS2 192.168.1.99, but I have that because the implementation in the redundancy installation forces me to put different ones.
    Sunday, March 3, 2013 7:05 PM