our environment requires out of band management network
we have management nic and production nic on all servers
we are trying to sort it so that production nic resolves to production dns and management to management dns
you can only set dns suffixes on all adapters not individually
how do i
a) stop both nics registering on mangement DNS
b) setup a useable solution to this problem?
i have setup dns in production zone using a different zone name but A records are not dynamically added and duplicate entries appear in the management
just need some advice really on how best to achieve my goal
MCP 2003,MCITP EA Server 2008,MCITP EA Windows 7,MCSA2008,MCSA2012
Meine Antwort war hilfreich? ich freu mich über eine Bewertung. If my answer was helpful, I'm glad about a rating!
I do not represent the organisation I work for, all the opinions expressed here are my own.
multi-homed NICs are bad design for DCs, details in http://msmvps.com/blogs/acefekay/archive/2009/08/17/multihomed-dcs-with-dns-rras-and-or-pppoe-adapters.aspx
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
thanks for the links. good reading
one caveat being that our dcs only have one NIC and thats in the management zone. is multi homing member servers an equally bad move?
my workaround is this:
create another zone in management dns to host all the production A records
disable dynamic updates for all adapters
use a gpo to push out the 2 dns suffixes
manually register all records on "prod" zone
will this work as expected? im aware that to resolve "prod" dns the full fqdn will be required as the machine name remains the same only suffix and ip are different
the problem we have is we wanted to have complete out of band management network. if prod nics need to resolve using hostnames they cant because they cannot use the management route to resolve. im thinking just opening 53 from prod to management wont cause too many headaches for our over zealous security guys who were instrumental in orchestrating the out of band idea in the first place