W2K8R2 DC with multiple IP addresses - failsafe DNS setup
We have around 500 servers in the same domain and IP network. The remaining servers are approx. 70% W2K3 and 30% W2K8/R2. We're in the process of upgrading (replacing) all our DCs with W2K8R2 servers, and are looking into a better way of ensuring proper DNS resolution.

Today the IP addresses of the DCs are specified as DNS servers on the domain servers, but this has the unfortunate problem that when one DC is down (for whatever reason), we get a delay on the servers using that server as primary DNS server until they fail over to the next, e.g. when accessing/browsing the \\domain\netlogon share. At least that is what we expect is happening, because the problem went away after the DC came back up. Maybe it was a problem with the domain DFS (?). Whatever!

What we were thinking was to add an additional secondary IP address (on the same subnet) to the NIC in the DCs, and specify these addresses as DNS server addresses on the domain servers. If one DC is shut down (again, for any reason), we can move that IP address to one of the other DCs (DNS servers) to avoid the delay / DNS timeout until the DC (DNS server) is back up. The DCs will not be multihomed; they will have 1 NIC with 2 IP addresses on the same subnet.

- Any thoughts on this setup?
- Any thoughts on our "timeout/delay" problem with one DC / DNS server down?

Thanks, Nicolaj
December 1st, 2011 4:33am

Hi Nicolaj,

Thanks for posting here.

> The DC's will not be multihomed, they will have 1 NIC with 2 IP-addresses on the same subnet.

Actually, we would not suggest setting the networking entries for a DC/DNS host with this configuration. We should join and set up one or several additional DC/DNS hosts in this Active Directory system and configure the DNS entries for all domain members following the suggestions in the article below:

Best practices for DNS client settings in Windows 2000 Server and in Windows Server 2003
http://support.microsoft.com/kb/825036

Thanks.
Tiger Li

Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
December 2nd, 2011 12:44am

Hi Tiger,

We already have multiple (4) DCs (in the end we'll have 5), and we configure multiple DNS servers on all member servers, so it is not the number of DNS servers (DCs) that is the problem. The problem is the delay we experienced when the DC specified as primary DNS server on the member servers was unavailable; the delay incurred, we suspect, while the DNS query on the member servers timed out and failed over to the next DNS server specified.

The idea with an additional IP address on each DNS server (DC) was that we could specify these addresses as DNS servers on the member servers, and easily move that particular IP address from a failing DNS server (DC) to one of the others, without having all member servers time out against the primary DNS server.

So, with that in mind, we would like to minimize the chance of DNS clients (member servers) timing out (= experiencing a delay) on a DNS query if the primary DNS server is offline. We also thought about an NLB cluster, but that doesn't seem to be a very good idea either.

Thanks, Nicolaj
December 2nd, 2011 5:53am

Hi Nicolaj,

Thanks for the update.

> The problem is the delay we experienced when the DC specified as primary DNS server on the member servers was unavailable, the delay that incurred - we suspect - while the DNS query on the member servers timed out and did a failover to the next DNS server specified.

In this case, we may consider decreasing the time to failure of the query for clients by modifying the registry key "DNSQueryTimeouts", if we are concerned this could be the issue:

DNSQueryTimeouts
http://technet.microsoft.com/en-us/library/cc977482.aspx

Meanwhile, we should also reduce the TTL value for records or disable the DNS cache feature on clients.

Thanks.
Tiger Li

Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
December 6th, 2011 9:24pm
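An added example (not posted in the thread, and not Microsoft's own tooling) that ties Tiger's two answers together: before a DC is taken offline, it lists the member servers whose primary DNS entry is that DC, since those are the clients that will sit through the timeout before failing over, and it times a lookup from the local host so the delay (and the effect of any DNSQueryTimeouts or cache change) can be measured rather than guessed. It uses WMI only, so it runs under PowerShell 2.0 on W2K8R2; the server names, DC address and domain name are placeholders (assumptions), not values from the thread.

```powershell
# Added example, not from the thread. Audit DNS client search order on member
# servers and time a lookup locally. Placeholder names/addresses are assumptions.
param(
    [string[]]$Computers  = @('member01', 'member02'),   # assumed server names
    [string]  $DcToStop   = '192.0.2.11',                # assumed IP of the DC going down
    [string]  $DomainFqdn = 'corp.example'               # assumed AD domain name
)

$affected = @()
foreach ($c in $Computers) {
    try {
        # Win32_NetworkAdapterConfiguration exposes DNSServerSearchOrder per NIC.
        $nics = Get-WmiObject -Class Win32_NetworkAdapterConfiguration `
                    -ComputerName $c -Filter 'IPEnabled = TRUE' -ErrorAction Stop
    } catch {
        Write-Warning ("{0}: WMI query failed ({1})" -f $c, $_.Exception.Message)
        continue
    }
    foreach ($nic in @($nics)) {
        $order = @($nic.DNSServerSearchOrder)
        if ($order.Count -eq 0) { continue }
        $row = New-Object PSObject -Property @{
            Computer  = $c
            Primary   = $order[0]
            Backups   = (($order | Select-Object -Skip 1) -join ',')
            # The client only fails over after the primary times out, so a server
            # whose first entry is the DC being stopped is the one that will stall.
            WillStall = ($order[0] -eq $DcToStop)
            # A single entry means there is nothing to fail over to at all.
            NoBackup  = ($order.Count -lt 2)
        }
        if ($row.WillStall -or $row.NoBackup) { $affected += $row }
    }
}
$affected | Format-Table Computer, Primary, Backups, WillStall, NoBackup -AutoSize

# Time one resolution of the domain name from this host. Flush the resolver cache
# first, otherwise a cached answer hides the delay Tiger's cache remark is about.
# Run before and after stopping the DC: a jump from milliseconds to seconds is the
# timeout-then-failover delay, and re-running after a DNSQueryTimeouts change
# shows whether the tuning actually shortened it.
ipconfig /flushdns | Out-Null
$elapsed = Measure-Command {
    [System.Net.Dns]::GetHostAddresses($DomainFqdn) | Out-Null
}
"Lookup of {0} took {1} ms" -f $DomainFqdn, [int]$elapsed.TotalMilliseconds
```

The audit needs WMI/DCOM access to the remote servers; the timing part reflects only the host it runs on, so run it on a member server that lists the stopped DC first.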
