2

Best practices indicate that one should list 127.0.0.1 in the DNS list for the network adapter configuration for a Domain Controller, but not as the first one. With that said, what is the best place to put it in a list with more than two DNS servers listed? Second, last, or it doesn't matter? Also helpful would be an explanation as to why.

Related question: What should the order of DNS servers be for an AD Domain Controller and Why?

Bigbio2002
  • I take it that you intend this to be aimed at Windows domain controller setups, but you might want to clarify your question to reflect that. – Tim Brigham Jun 06 '12 at 18:47
  • Does your machine run its own DNS server? – Sandman4 Jun 07 '12 at 12:19
  • @Sandman: Umm... it's a domain controller with DNS. – Bigbio2002 Jun 07 '12 at 16:19
  • possible duplicate of [What should the order of DNS servers be for the network adapter of a domain controller?](http://serverfault.com/questions/394804/what-should-the-order-of-dns-servers-be-for-the-network-adapter-of-a-domain-cont) – Shane Madden Jun 08 '12 at 03:18

3 Answers

1

In the Windows 2000 era, typically you would crisscross them:

DC/DNS Server A: Primary DNS points to Server B; Secondary DNS points to Loopback

DC/DNS Server B: Primary DNS points to Server A; Secondary DNS points to Loopback

That was how I last understood it to be at least, and I believe it was someone on here who even corrected me about it.

EDIT: It looks like that best practices link in the other question linked above indicates the above to be correct. I suggest you follow that. I have removed my other lines as I do not want to confuse anybody!

Your primary nameserver should be another server with low latency, preferably in the same site in AD Sites and Services. That way replication partners can be quickly discovered and if something is wrong with the DNS service starting you can still perform resolution. You can also specify tertiary servers, but the order past the primary is for the most part irrelevant.

SpacemanSpiff
  • Yes, there is a MSFT help article that goes along with that answer. You can create problems on the network if the loopback address is listed first in the list; it should never be the first record unless you have a single DC. – Brent Pabst Jun 07 '12 at 16:57
  • Thanks, but this doesn't answer my question. It has already been established that it should not be first. The question is, what is the most optimal position to put it in if you have multiple DNS servers listed? It's a nitpicky question, but I'm curious about it. – Bigbio2002 Jun 07 '12 at 18:42
  • It doesn't matter, as long as it's not first. – SpacemanSpiff Jun 07 '12 at 19:54
  • Thanks. Go ahead and add it as part of your answer (an explanation why would be great too), and I'll accept. – Bigbio2002 Jun 07 '12 at 19:57
1

You aren't limited to two DNS entries per network adapter; that's just the default view.

If you go into IPv4 properties > Advanced > DNS tab, you can configure as many DNS servers as your heart desires. Just make 127.0.0.1 last.

MDMarra
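A scripted equivalent of the Advanced > DNS tab change in the answer above, as an added example that is not part of the original answer: it audits each adapter's IPv4 resolver list and moves 127.0.0.1 to the end. The helper name `Get-LoopbackLastOrder` is hypothetical; the DnsClient cmdlets assume Windows Server 2012 / Windows 8 or later.

```powershell
# Added example: audit and correct the position of the loopback resolver on a DC.
# Assumes the DnsClient module (Windows Server 2012 / Windows 8 or later).

function Get-LoopbackLastOrder {
    # Hypothetical helper: returns the same resolvers with 127.0.0.1 moved last.
    # A list that contains only 127.0.0.1 (single-DC case) is returned unchanged.
    param([string[]]$ServerAddresses)

    $loopback = '127.0.0.1'
    $others = @($ServerAddresses | Where-Object { $_ -ne $loopback })
    if ($ServerAddresses -notcontains $loopback -or $others.Count -eq 0) {
        return ,$ServerAddresses
    }
    return ,($others + $loopback)
}

# Only adapters that actually have IPv4 resolvers configured.
$adapters = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 }

foreach ($adapter in $adapters) {
    $current = @($adapter.ServerAddresses)
    $desired = Get-LoopbackLastOrder -ServerAddresses $current

    if (($current -join ',') -eq ($desired -join ',')) {
        Write-Output ("{0}: OK ({1})" -f $adapter.InterfaceAlias, ($current -join ', '))
        continue
    }

    Write-Output ("{0}: {1} -> {2}" -f $adapter.InterfaceAlias,
        ($current -join ', '), ($desired -join ', '))

    # -WhatIf only reports the change; remove it to apply the new order.
    Set-DnsClientServerAddress -InterfaceIndex $adapter.InterfaceIndex `
        -ServerAddresses $desired -WhatIf
}
```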
0

My understanding is that you should list other DNS servers as primary and secondary, then the 3rd one would be your loopback.

Although you can list additional DNS servers "till your heart's desire", it will cause additional overhead.

Your computer will put a request out to every single DNS server in the list and then accept the first response back. If you have a list of 10 DNS servers on every computer you can see how much "traffic" this potentially might create. Use only the closest DNS servers.

artifex
Shelly
  • The local list of resolvers is used in the order they are listed. It will not query all servers at the same time and then use the first response. This behavior is default in both Windows and Linux. http://manpages.ubuntu.com/manpages/jaunty/man5/resolv.conf.5.html http://technet.microsoft.com/en-us/library/cc754152.aspx – artifex May 29 '13 at 23:06