none
Multi-homed DC / DNS server, Can server 2016 DNS policies be used to serve _msdcs to different sub-nets? RRS feed

  • Question

  • I support an application that currently requires DCs with an isolated subnet as well as access to other networks (see Purdue Enterprise Reference Architecture). The isolated subnet (lower numbered levels in the Purdue model) will have domain members in all deployments, so we usually only have DNS listening on the lowest level isolated subnet.  There will be many nodes that only have access to the lowest level, but the DC will typically be multi-homed on adjacent levels.  But in some cases, our customers would like domain members on the other levels as well.  In the past we've set up separate AD integrated DNS servers for the other networks and while this works OK, not all deployments will have the extra servers available for another couple of DNS servers. 

    I've been reading up on the DNS policies in Server 2016 and the split brain scenarios look like a nice solution to serve DNS on adjacent levels in the architecture. I've been experimenting with various policy settings for the split brain type scenario, but haven't been able to come up with a working solution to serve _msdcs to separate networks.  

    I'd appreciate any pointers to reading material, advice, etc.  Perhaps I'm just missing something basic or can this just not be done?

     
    Tuesday, May 9, 2017 1:31 PM

All replies

  • Hi Randy 1 Pratt,

    >>Multi-homed DC / DNS server, Can server 2016 DNS policies be used to serve _msdcs to different sub-nets?

    Thank you for posting.

    I didn't found any related information about it in Microsoft official documents.I will continue to research in the future.

    If we have any updates about this issue, we will keep you posted as soon as possible. Your kind understanding is appreciated.

    Best Regards,

    Candy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, May 10, 2017 6:19 AM