What are the advantages and disadvantages of installing DNS on our domain controllers (DC) rather than having separate DNS servers? We currently run a Windows NT 4.0 domain with no DNS. We have three servers that we plan to use as domain controllers and/or DNS servers when we go to ADS. Thanks.
Advantages of DNS on DCs:
- DNS can be configured to allow dynamic secure updates, enhancing the security of your DNS infrastructure.
- DNS will be Active Directory integrated -- all the DCs can update and replicate the DNS entries. This adds to fault tolerance and lowers your management efforts to maintain DNS.
Disadvantages of DNS on DCs:
- A change from the ordinary -- generally, legacy DNS solutions are Unix-based. The Unix administrators may not like the MS DNS solution too much and will have to be trained, although this is not really a big deal.
- I wouldn't use a DC as an EXTERNAL DNS system. That is, if you have a DNS server that responds to requests from the Internet, I would definitely NOT use a DC. You can STILL use MS DNS, but just don't put a domain controller in a public realm.
- There are some concerns over speed. Although the MS DNS will operate admirably for most cases, if you have a lot of entries, you could be a little disappointed with Windows 2000 DNS performance (Windows 2003 is another story!). But when I say a lot of entries, I am talking about thousands, like we have in our hosting solution.
This was first published in July 2003