When it comes to DNS client settings on a domain controller, there is always a bit of confusion about what we should set as preferred DNS servers in the network adapter configuration.
Here are the common rules:
- Primary DNS: If possible, a DC of the same domain on the same site. If not, define a well-connected DNS server (use the same DNS server as the non-site alternative on every DC)
- Secondary DNS: PDCe
- Third DNS: 127.0.0.1 (if the DC is also a DNS)
- Clear the automatically added ::1 as the primary and only DNS server for the IPv6 stack unless you actively use IPv6.
- Use the loopback address, but not as the preferred server. Set it as the last server in the order. When referencing itself as DNS, you should always use a loopback address and not a real IP address.
- DCs should have at least two DNS client entries.
- All DCs in a domain should be running DNS and hosting at least their own DNS zone; all DCs in the forest should be hosting the _MSDCS zones.
- Use the server’s own IP as the primary. This is to avoid various DNS islanding and performance issues that can occur.
- Disable IPv6 entirely.
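
The loopback-ordering, entry-count and ::1 rules above can be checked with a short script. This is an added example, not part of the original page; the function name `Test-DcDnsClientOrder`, the interface alias `Ethernet` and the sample addresses are assumptions.

```powershell
# Added example: audit a DC's DNS client server list against the rules above.
# Test-DcDnsClientOrder is a hypothetical helper name, not a built-in cmdlet.
function Test-DcDnsClientOrder {
    param(
        [string[]]$ServerAddresses = @(),  # IPv4 DNS servers, in configured order
        [string[]]$Ipv6Servers     = @()   # IPv6 DNS servers, in configured order
    )
    $findings = @()

    # Rule: DCs should have at least two DNS client entries.
    if ($ServerAddresses.Count -lt 2) {
        $findings += 'Fewer than two IPv4 DNS client entries'
    }

    # Rule: loopback is allowed, but never as preferred server; it goes last.
    $loopIndex = [array]::IndexOf($ServerAddresses, '127.0.0.1')
    if ($loopIndex -eq 0) {
        $findings += '127.0.0.1 is the preferred server; move it to the end'
    }
    elseif ($loopIndex -gt 0 -and $loopIndex -ne ($ServerAddresses.Count - 1)) {
        $findings += '127.0.0.1 is present but is not the last entry'
    }

    # Rule: clear the automatically added ::1 when it is the only IPv6 server.
    if ($Ipv6Servers.Count -eq 1 -and $Ipv6Servers[0] -eq '::1') {
        $findings += '::1 is the only IPv6 DNS server (auto-added entry)'
    }

    $findings
}

# Constructed sample input (not from a real host): loopback listed first.
Test-DcDnsClientOrder -ServerAddresses '127.0.0.1', '10.0.0.11' -Ipv6Servers '::1'

# Against a live adapter (the alias 'Ethernet' is an assumption):
# $v4 = (Get-DnsClientServerAddress -InterfaceAlias 'Ethernet' -AddressFamily IPv4).ServerAddresses
# $v6 = (Get-DnsClientServerAddress -InterfaceAlias 'Ethernet' -AddressFamily IPv6).ServerAddresses
# Test-DcDnsClientOrder -ServerAddresses $v4 -Ipv6Servers $v6
```

An empty result means none of the three checked rules is violated; the site and PDCe placement rules still need to be reviewed by hand.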