
DNS and DHCP server query

Discussion in 'Legacy Windows' started by Grunty, 2004/12/07.

Thread Status:
Not open for further replies.
  1. 2004/12/07
    Grunty

    Grunty Inactive Thread Starter

    Joined:
    2002/11/07
    Messages:
    326
    Likes Received:
    0
    At the moment we only have DNS and DHCP set up on one of three DCs in a 2000 domain.

    I am looking at what would happen in different scenarios, including the failure of this server. There are 2 other DCs that will do the job of user logons, but what would happen to DHCP and DNS? And what should I do about it?

    I know I could just split the IP scope onto another server, but if one was down we would be short of IP addresses, or can a server be set up to come online automatically if the other fails? I could just set up DHCP when the failure happens, but it might happen out of hours and many of our users work late, so it would be better if it were automated.

    The same goes for DNS, can I install DNS on another machine and just run 2? Or is that too easy?

    Any thoughts and advice would be welcome.

    Ta
     
  2. 2004/12/09
    Dez Bradley

    Dez Bradley Inactive

    Joined:
    2004/10/11
    Messages:
    246
    Likes Received:
    0
    I don't see the value in most cases of using DHCP and DNS servers on a LAN. DNS is primarily needed for internet access, and usually I set the DNS on each PC as the ISP's Primary and Secondary DNS servers. It's faster. I also use static IPs on all machines on a LAN. I like static paths, it helps reliability and improves performance due to a more direct path and less overhead.

    If a PC that is accessed by others goes down, its resources can be re-assigned easily to another PC and the clients can simply change 1 part of the IP path of the resource. By resources I mean data, printers, and other shared resources. If you lost a DHCP server and any PCs were off or reset, they would all end up assigning themselves IPs out of your LAN's range like 169.xxx.xxx.xxx. With static IPs the whole network does not rely on 1 DHCP server to make the network work. With a DHCP server, if it fails, the network would not function very well at all. Not all PCs will auto assign themselves IPs in the same subnet range either.

    OK, short answer is use static IPs and forget the DHCP server. Use your ISP's DNS servers or the internet router for DNS.
     

  4. 2004/12/09
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Dez - your suggestions are fine for a small network but static addressing all workstations would be a headache for no good benefit on a large LAN and lack of DNS servers could cause major issues on a WAN.

    Grunty - twould be a humongous help if you gave some specs on your network

    LAN or WAN
    IP range(s) and netmask(s) in use
    # of machines you are dealing with
     
    Newt,
    #3
  5. 2004/12/10
    Grunty

    Grunty Inactive Thread Starter

    Joined:
    2002/11/07
    Messages:
    326
    Likes Received:
    0
    Thanks for your replies. I have a network of 75 workstations, 10 servers doing various tasks and 10 networked printers. There are also about 20 users who can dial in across VPN connecting to a Citrix server, although there are rarely more than 3 of those at any one time as they usually work from inside the LAN.

    The domain is the only one in the forest and is a single class C subnet.

    Internet access is through a fixed IP / 2Mb pipe and is needed and used all the time.

    The whole lot is Windows 2000 and uses Active Directory, which I believe needs DNS to function correctly. The servers, printers and switches are all fixed IP, the rest is governed by DHCP.

    I built the whole lot from the ground up (apart from the Citrix server for which I had to get help from outside) as it was an NT4 network when I started here with old machinery that needed replacing. DNS is not my strong point, so once I had it working I left it well alone.

    Because DNS and DHCP are only on one DC, I am worried about the lack of redundancy. We had a succession of hardware failures on other servers - one of them critical - that brought the issue of redundancy into focus.

    I have sorted the DHCP now, I had a tidy-up of the excluded addresses and have been able to split the scope onto another DC and still have enough addresses in each to cover the workstations.

    I know for sure that using fixed IPs is out of the question. I have to rebuild every workstation from a ghost image once a year as we replace a proportion of new machines which get issued to the heaviest users, the rest being filtered down to others. DHCP, Active Directory, group policies and roaming profiles make my life a lot easier and I don't really want to meddle with any of it.

    My only concern now is how I should put DNS on a second server - as I said I am not very good with DNS so any pointers on how to implement that would be very gratefully received.


    Thanks
     
  6. 2004/12/10
    Scott Smith

    Scott Smith Inactive Alumni

    Joined:
    2002/01/12
    Messages:
    1,950
    Likes Received:
    4
    With all due respect I highly disagree with this statement.

    If you point clients to the internet for DNS in a Domain environment the clients will struggle to find the DC.
    Seen it many times, change the client to get DNS from local DC and logon will be many times faster.

    Setting up a second server as a secondary DC is a pretty simple task.

    As far as DHCP goes it gives the client a little more information than just an IP address.
    It tells the client where to get DNS, where the gateway is, and a wealth of other information that would be a nightmare to administrate in a network with more than 25 PCs.

    Let's not forget that DHCP leases are usually 8 days by default. If the DHCP server goes down the world doesn't come to an end. Everything will function as usual unless a lease expires, which should give you at least 4 days to get DHCP back up and running.
     
  7. 2004/12/10
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    One other item to add.

    Since you are using a private address range for the network (at least I assume you are), why not back out to a netmask of 255.255.248.0 which will greatly increase the IP address pool you can use without making the possible range so large you start seeing performance issues.
     
    Newt,
    #6
  8. 2004/12/10
    JoeHobart

    JoeHobart Inactive Alumni

    Joined:
    2004/05/19
    Messages:
    919
    Likes Received:
    1
    Dez makes some good points for a 10 machine network, but it doesn't scale well up to the 100 machine range.


    DHCP - I'm with Newt. You fly out that mask to something with more range so you can split scope. This big ugly link is to the Optimizing DHCP Availability section of the Win2003 deployment guide. Personally, I like to split scope on small to middlin sized networks like yours. Read up and choose your poison.

    http://www.microsoft.com/resources/...ployguide/en-us/dnsbc_dhc_kzxp.asp?frame=true


    ssmith10pn's got you on track for the DNS, just set up one of the other DCs as a DNS server, AD replicate and add it as your secondary to the DHCP, poof you're done, instant fault tolerance. The clients will hit the secondary if the primary is toast.
     
  9. 2004/12/11
    Dez Bradley

    Dez Bradley Inactive

    Joined:
    2004/10/11
    Messages:
    246
    Likes Received:
    0
    Fair enough, I can see the high maintenance it would be on a large network to not use DHCP servers. I don't have many networks I deal with over 30 PCs, the largest being a site with 3 servers and 45 PCs. Maybe that's why I am not using DHCP much myself.

    I keep a table of who has what IP and assign all static IPs. But it is also a lot to do with my location. I live in a country town in Australia and my service area extends 300 KM top to bottom. It can be hard to get to some sites quickly, so I don't like too much dependency on any one PC, so they can still work until I get there.

    If you have time to put static IPs in each PC and have static paths to things like internet routers etc, the performance increase is quite noticeable. Too many things can go wrong when Windows has to auto find things. Anyway these guys also replying to this thread probably know more about things like DHCP servers than I do, so listen to them. If I had seen in the first post the size of his network (which isn't listed till later) I probably would not have answered this post at all.
     
  10. 2004/12/12
    Newt

    Newt Inactive

    Joined:
    2002/01/07
    Messages:
    10,974
    Likes Received:
    2
    Dez - if you are dealing with smaller and fairly stable networks with static addressing, you should also see performance improvements with the use of hosts or LMHosts files as well.

    But please don't avoid answering posts. I don't know about you but I learn more from times I post something that isn't quite right (and get told in detail how I goofed) than from times when I posted exactly the right information. My face usually turns a little red when I read the responses but hey, no one but me can see that. :D
     
    Newt,
    #9
  11. 2004/12/13
    Grunty

    Grunty Inactive Thread Starter

    Joined:
    2002/11/07
    Messages:
    326
    Likes Received:
    0
    Phew, a lot of replies makes for interesting reading.

    DNS was easier than I thought in the end, just installed the files on a second DC and Active Directory replication did the rest. All I had to do then was list the second server in the DHCP scopes - did I do it right?

    Anyway, thanks for all your help.

    Dez, there are occasions when I have to build a small subnet (for testing or for visiting companies to use) and I always use fixed IP, so much easier to set up then, although I didn't realise it saved on network performance as well.

    The number of computers we have is fairly static at the moment but if we ever expand I will have to think about subnetting then.

    Ta
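
The split-scope check discussed in this thread (a single class C subnet with 75 DHCP workstations, and the wider 255.255.248.0 mask Newt suggests), worked through as an added example that is not part of any poster's reply. The 192.168.x.x addresses and the block of 30 fixed-IP reservations are constructed sample values, and `split_scope` is a hypothetical helper name.

```python
import ipaddress


def split_scope(subnet, reserved, clients):
    """Split a subnet's free host addresses into two non-overlapping DHCP pools.

    subnet   -- network in CIDR or netmask form (constructed sample values below)
    reserved -- fixed-IP addresses (servers, printers, switches) kept out of both pools
    clients  -- number of DHCP clients a single pool must serve if the other server is down
    """
    net = ipaddress.ip_network(subnet)
    taken = {ipaddress.ip_address(a) for a in reserved}
    free = [h for h in net.hosts() if h not in taken]
    if len(free) < 2:
        raise ValueError("not enough free addresses to split")

    mid = len(free) // 2
    pools = []
    for chunk in (free[:mid], free[mid:]):
        lo, hi = chunk[0], chunk[-1]
        # Fixed IPs that fall inside a pool's range must be set as exclusions
        # on that server, otherwise it may lease an address already in use.
        exclusions = sorted(a for a in taken if lo < a < hi)
        pools.append({
            "start": str(lo),
            "end": str(hi),
            "size": len(chunk),
            "exclusions": [str(a) for a in exclusions],
        })

    return {
        "pools": pools,
        # True only if either server alone can lease to every client.
        "survives_one_failure": all(p["size"] >= clients for p in pools),
    }


# Constructed sample: 30 fixed addresses at the bottom of the range.
RESERVED = [f"192.168.1.{i}" for i in range(1, 31)]

if __name__ == "__main__":
    for subnet in ("192.168.1.0/24", "192.168.0.0/255.255.248.0"):
        result = split_scope(subnet, RESERVED, clients=75)
        print(subnet, "survives one failure:", result["survives_one_failure"])
        for pool in result["pools"]:
            print("  ", pool["start"], "-", pool["end"], "size", pool["size"],
                  "exclusions", len(pool["exclusions"]))
```
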
     