Server 2016 DNS setting

[Ish]

Hi

In the NIC settings on the server what should the DNS setting be set to.

I have read conflicting advice.

1) Use the IP address of the server and 127.0.0.1
2) Use 127.0.0.1 and the IP address of the server
3) Use the IP address of the server and an 8.8.8.8
4) Use 127.0.0.1 and 8.8.8.8

Which one is correct?

 

[Mujja]

I use 4.

 

[Armageus]

I'm assuming the DNS role is actually installed.

The recommendations have changed over the years, but I believe the recommended setting now is:

Preferred: IP Address of another DNS Server in the network
Alternate: 127.0.0.1

If running a single DNS server then preferred should be 127.0.0.1 and alternate left blank.

1) and 2) have never been recommendations - there is no need to put the same server in as alternate - just leave it blank (although using 127.0.0.1 is better practice, as it means that server will always be able to reach itself even if there is a network configuration issue)
3) and 4) 8.8.8.8 shouldn't be needed if you are running DNS locally, as it will query root hints, or if you would prefer to forward to google (or elsewhere), then you would add 8.8.8.8 as a forwarder within the DNS Server settings.

 

[Ish]

DNS role is installed and it is a single DNS server.

Thanks for the advice.

 

[Ish]

Just a thought, would the router be classed as a DNS server?

 

[Armageus]

Just a thought, would the router be classed as a DNS server?

Yes Routers can be DNS servers, but they are in no way comparable to Windows DNS and arguably not something you would use as an alternate on a Windows Server imo.

 

[Mujja]

Just a thought, would the router be classed as a DNS server?

Just checked my setup at home with Server 2016 setup as DC with DNS role.

DNS1 - 127.0.0.1
DNS2 - gateway IP (router)

All DHCP clients

DNS1 - IP of DC\DNS server
DNS2 - gateway IP (router)

On router

DNS1 - 8.8.8.8
DNS2 - 8.8.4.4


I've configured DHCP on clients to use the router as secondary DNS for when the DC is down for updates etc, single DC for home network.

 

[nightmare99]

The gateway should be in the forwarders list shouldn't it, not as a secondary on the net interfaces?

 

[katana6434]

I wouldn't put the gateway as a forwarder on DNS. I would set it up as Mujja has. The DNS server will use its root hints to forward any query.
If the DNS server is down (for updates as he said), then the clients will need to use its secondary DNS settings to resolve anything, which in this case is the router (which is only forwarding requests to google anyway).

 

[Mujja]

The gateway should be in the forwarders list shouldn't it, not as a secondary on the net interfaces?

In my setup the router\gateway is the secondary DNS server. This is the config I use for labs and my home network where there is a single Windows DNS server.

I'm not a DNS expert but in a live environment you would configure two DNS servers and setup the forwarding.

 

[Armageus]

The gateway should be in the forwarders list shouldn't it, not as a secondary on the net interfaces?

No - generally you want to use root hints rather than forwarders anyway - forwarders are generally for specific situations e.g. to forward to another dns server to allow dns resolution between 2 separate windows domains.

In my setup the router\gateway is the secondary DNS server. This is the config I use for labs and my home network where there is a single Windows DNS server.

Which is fine for home use or a single server, but for anything bigger you can run into issues, as router DNS doesn't handle any Active Directory DNS information.

Even on smaller networks it can be beneficial to just leave the alternate blank, purely so you know there is a problem when the primary Windows DNS has failed, rather than trying to troubleshoot when it starts using the Router DNS and is not working as intended.