I love DNS, but hate it when things go wrong. So, I've taken a few steps to reduce the frequency of when it goes wrong. In my tip last year, I enumerated a few things that may be oversights in DNS configuration. That tip had a lot of positive feedback, and now I've lined up a few more tips to help prevent DNS issues. This time, I've specifically targeted DNS issues for Windows systems; as that is where I spend most of my time and have most of my issues.
#1 Limit the number of zonesNothing is more irritating to me than carryover things from the past. This could be a test project that had a separate area within DNS, or possibly another company that was acquired and was simply left as is for what seems to be a very long time. It may be worth taking the time to fully integrate, fully retire, or simply perform some housekeeping on these areas of DNS. This can include cleaning up any forwarders, removing stale zones, and limiting the amount of DNS servers active in the organization.
#2 Consolidate to Windows DNS and DHCPIf effectively every system in an environment is Windows, it doesn't seem to make much sense in having another operating system provide the DNS and DHCP services. Windows DNS is really straightforward to use, and is supported to communicate to other operating systems. Windows DHCP as well is an easy-to-use tool, and DHCP scope options can easily be deployed to Windows clients.
#3 Use Group Policy for every setting possibleOne of the best aspects of Windows technologies is the ability to perform centrally managed Group Policy tasks. There are a number of settings available for deployment through Group Policy such as setting the DNS suffixes. But sometimes the network settings need a little scripted intervention. One example is setting the DNS Servers through Group Policy. There is no direct way of doing this, but if a computer account is configured to run a script (very easy to do) through Group Policy; the script can configure the DNS servers for the computer account. See this TechNet page for deploying DNS server configuration through the netsh command.
#4 Take the time to remove all WINS dependenciesThe fact is, we don't need WINS anymore. Further, only Windows systems truly take advantage of WINS. If only Windows systems are in use; DNS is fully capable of providing all long and short name resolution services. If the DNS suffixes, search order, and server list are all correct; all client systems should resolve as provided by the DNS servers.
#5 Make sure DNS is highly available
One of the good things about Windows networking services like DNS is that it can be inherently made highly available. This is effectively done by using more than two DNS servers. The advanced tab of the networking configuration panel for Windows systems allows a tertiary or quaternary or higher DNS server to be entered. This can ensure that systems are able to resolve to all eligible systems if one is offline. Further, make sure that all systems use the same DNS servers where possible. The script resource above may help with that through Group Policy.
There are so many ways to prevent DNS issues in an environment, and these are just a few. What tips do you employ to avoid DNS issues in your Windows networking environments? Share your tips below.
Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.