I have recently walked into a company that has their DNS setup as follows. They have two W2K Doman Controllers serving an AD-integrated zone. They removed the root zone from the Windows DNS. They then have the two domain controllers' client DNS configs setup as follows: 1. the other DC, 2. Itself, 3. the DC of a trusted domain, 4, ISP's DNS, 5. Another ISP's DNS. Everything seems to be working fine, given it is a network of only about 150 users, but I always thought that you Never put your ISPs DNS in the client config of the DNS server. On the other hand, I'm not sure if it is really hurting anything. I would think though that each DNS server should have only itself as a DNS server and then setup the trusted domain as a forwarder, followed by the ISPs. Does this sound correct? And what, if any, are the ramifications of how they currently have their DNS setup?
June 16, 2006 9:18 AM
June 19, 2006 5:21 AM