locked
branch office problem RRS feed

  • Question

  • I have two offices. On site 1 is where we have all of our servers and information. We use a watchguard firewall for each location and have a manual vpn setup so store 2 can have access to the servers. My problem is store 2 takes a while to load some of our programs. We have an 18 mb up and 6 mb down connection at each store. Store 2 uses the 2 dns servers at store #1. Would adding a third dns server and AD at store 2 make a difference? The database we access is not stored on a dns server however it is on it's own server.

    Thank you

    Friday, February 10, 2012 9:35 PM

Answers

  • Hello,

    Adding a DC / DNS server in your second store will increase the high-availability of AD / DNS services in store 2 especially when the VPN tunnel is down and minimize the traffic for AD authenticiation and DNS resolution / Updates.

    If you suspect that DNS resolution is the cause then make sure that client computers are pointing to an internal DNS server as primary DNS server.

    Personally, I think it will be better to see that with Watchguard Technical Support.



    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Saturday, February 11, 2012 10:16 AM
  • Hi John,

    Thanks for posting here.

    >When it came back up would anything out of the ordinary happen since it couldn't talk to the other 2 DC's?

    If the preferred DNS is unavailable then it will query with the other DNS servers that we specified in DNS servers list . However if it can’t locate and communicate with other DNS servers for zone replication then clients that point to use this server as DNS server then it will unable to get the updated DNS information .

    We can find the best practices of DNS setting for clients in branch office scenario form the link below:

    Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
    http://support.microsoft.com/kb/825036

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Wednesday, February 15, 2012 6:23 AM

All replies

  • Hello,

    Adding a DC / DNS server in your second store will increase the high-availability of AD / DNS services in store 2 especially when the VPN tunnel is down and minimize the traffic for AD authenticiation and DNS resolution / Updates.

    If you suspect that DNS resolution is the cause then make sure that client computers are pointing to an internal DNS server as primary DNS server.

    Personally, I think it will be better to see that with Watchguard Technical Support.



    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   

    Microsoft Student Partner 2010 / 2011
    Microsoft Certified Professional
    Microsoft Certified Systems Administrator: Security
    Microsoft Certified Systems Engineer: Security
    Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
    Microsoft Certified Technology Specialist: Windows 7, Configuring
    Microsoft Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
    Microsoft Certified IT Professional: Enterprise Administrator
    Microsoft Certified IT Professional: Server Administrator
    Microsoft Certified Trainer

    Saturday, February 11, 2012 10:16 AM
  • I do have the dns pointed at the primary servers on the client computers at store 2. Let's say I add a DNS AD server at store 2 and the vpn goes down. When it came back up would anything out of the ordinary happen since it couldn't talk to the other 2 DC's?

    Thanks,

    John

    Sunday, February 12, 2012 3:24 PM
  • Hi John,

    Thanks for posting here.

    >When it came back up would anything out of the ordinary happen since it couldn't talk to the other 2 DC's?

    If the preferred DNS is unavailable then it will query with the other DNS servers that we specified in DNS servers list . However if it can’t locate and communicate with other DNS servers for zone replication then clients that point to use this server as DNS server then it will unable to get the updated DNS information .

    We can find the best practices of DNS setting for clients in branch office scenario form the link below:

    Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
    http://support.microsoft.com/kb/825036

    Thanks.

    Tiger Li


    Tiger Li

    TechNet Community Support

    Wednesday, February 15, 2012 6:23 AM