joeware - never stop exploring... :)

Information about joeware mixed with wild and crazy opinions...

About Damn Time Microsoft – Split Brain DNS on Windows Server DNS

by @ 8:23 am on 9/1/2015. Filed under tech

 

Suppose the career website of contoso.com is hosted at www.career.contoso.com. The site has two versions, one for the internal users where internal job postings are available and is available on a local IP 10.0.0.39. The public version of the same site is available on public IP 65.55.39.10. In absence of DNS policies, the administrator had to host these two zones on separate Windows DNS servers and manage them separately. Using DNS policies these zones can now be hosted on the same DNS server.

http://blogs.technet.com/b/networking/archive/2015/05/12/split-brain-dns-deployment-using-windows-dns-server-policies.aspx

 

In Windows Server 2016 Technical Preview 3, the DNS policies support has been extended to Active Directory backed zones. Active Directory integration inherently provides multi-master high availability capabilities to the DNS server. In earlier blogs, we had seen how to configure DNS server policies for different scenarios on file backed DNS zones. But as many of our customers use Active Directory environment, it was needed that the traffic management capabilities of DNS policies were extended to the Active Directory integrated zones. In a previous blog, we discussed how DNS policies and zone scopes could be used to set up a split brain DNS system on a single Windows DNS server. Split brain DNS deployment has been a long standing conundrum for DNS administrators. A DNS deployment is said to be split-brain (or split-horizon) when there are two versions of a single zone, one for the internal users and one for the external users – typically users on the public internet.

http://blogs.technet.com/b/teamdhcp/archive/2015/09/01/split-brain-dns-in-active-directory-environment-using-dns-policies.aspx

 

I have personally been asking Microsoft for a BIND VIEW-like capability since probably 2002/3.
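
The contoso.com scenario quoted above, sketched with the DnsServer PowerShell module as it shipped in Windows Server 2016. This is an added example, not code from this post or from the linked Microsoft articles. The record name and the two record IPs come from the quoted scenario; the internal listener address, scope names and policy names are assumptions.

```powershell
# Added example: split-brain contoso.com hosted on ONE Windows DNS server.
# Assumes the server has an internal NIC and a separate external NIC.
Import-Module DnsServer

$Zone             = 'contoso.com'
$InternalScope    = 'internal'     # assumed zone scope name
$InternalListener = '10.0.0.53'    # assumed IP of the server's internal NIC

# Default zone scope: the answer every client gets unless a policy says otherwise.
Add-DnsServerResourceRecord -ZoneName $Zone -A -Name 'www.career' `
    -IPv4Address '65.55.39.10'

# Second scope of the same zone, holding the internal version of the record.
Add-DnsServerZoneScope -ZoneName $Zone -Name $InternalScope
Add-DnsServerResourceRecord -ZoneName $Zone -ZoneScope $InternalScope -A `
    -Name 'www.career' -IPv4Address '10.0.0.39'

# Queries that arrive on the internal interface are answered from the
# internal scope; everything else falls through to the default scope.
Add-DnsServerQueryResolutionPolicy -Name 'SplitBrainZonePolicy' -Action ALLOW `
    -ServerInterfaceIP "EQ,$InternalListener" `
    -ZoneScope "$InternalScope,1" -ZoneName $Zone

# Recursion: off in the default recursion scope, on only for queries that
# arrive on the internal interface, so the external side is authoritative-only.
Set-DnsServerRecursionScope -Name '.' -EnableRecursion $false
Add-DnsServerRecursionScope -Name 'InternalClients' -EnableRecursion $true
Add-DnsServerQueryResolutionPolicy -Name 'SplitBrainRecursionPolicy' `
    -Action ALLOW -ApplyOnRecursion -RecursionScope 'InternalClients' `
    -ServerInterfaceIP "EQ,$InternalListener"

# Review what was configured: zone-level policy, server-level policy, both records.
Get-DnsServerQueryResolutionPolicy -ZoneName $Zone
Get-DnsServerQueryResolutionPolicy
Get-DnsServerResourceRecord -ZoneName $Zone -Name 'www.career'
Get-DnsServerResourceRecord -ZoneName $Zone -ZoneScope $InternalScope -Name 'www.career'

# From an internal client this should return 10.0.0.39.
Resolve-DnsName 'www.career.contoso.com' -Server $InternalListener -Type A
```

Running the same `Resolve-DnsName` query against the server's external address should return 65.55.39.10, and a query there for a name outside contoso.com should not be recursed.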


One Response to “About Damn Time Microsoft – Split Brain DNS on Windows Server DNS”

  1. Wayne McGlinn says:

    Thinking about this Joe … this means a DC with DNS is available on the Internet? Security?
