DNS & Server Down

justalfe

I've always wondered what the best practice is when it comes to small businesses that don't have on-site IT staff and are running a server such as SBS 2011 with DNS and DHCP on the server instead of a router. In the event that the server goes down (e.g. the MB, HDD, or power supply goes bad), all clients on that network can't even access the internet to do basic work, which will lead to some people being awfully mad.

What's the best thing to do in this case for a small business that can only afford one server and is on a budget? Do we leave DHCP and DNS enabled on the router and set up static IPs on the clients, or is there another method that's more robust and secure?
 
Failover to OpenDNS or GoogleDNS...that's what I'd do, anyway. I don't currently handle any small businesses with their own DNS---I honestly think in many cases these systems were set up by techs to make the system NOT user-serviceable.
 
If you are running a Windows domain, you must have the clients pointed to the Windows DNS server, or AD will not work properly.

Best to have Windows do DHCP as well.


I am in the process of cleaning up a lot of networks because my predecessor didn't know what he was doing.
 
The server should do DHCP....thus DNS.

It's a "server"....it should be running on server grade hardware, and properly set up...thus it really shouldn't be down.

99% of our clients are SMBs...we have about 400 active clients. Many of them on SBS. Simply put...the server stays running. Maintenance on the server (such as Microsoft updates thus reboots) is done outside of production hours. It's not installed on cheap home grown cloner PC parts....they're installed on Tier-1 server grade servers...RAID controllers, etc. This is one of the many many reasons you install servers on solid server grade hardware, and not wobbly cheap desktop stuff.

On the very rare chance that the server is crashed/down...and staff at the office need internet...it takes about..oh...what, 45 seconds to log into their edge firewall and flip on DHCP to keep the staff happy for a few hours while the server is on the operating table. When you bring the server back up...of course quickly log into the router to disable its DHCP..so the server can take back that function.

With Active Directory...workstations (and other servers) MUST use the domain controller's IP for their DNS. Nothing else, period. If you have a secondary DNS server..such as the ISP's, or the router's LAN IP, or OpenDNS..or whatever...sometimes the server's DNS service may be a bit "busy"...and workstations will stop waiting for an answer from it and query the secondary DNS server..thus getting the incorrect answer. I forget what that time period is where they query their primary DNS..and if no reply they query their secondary DNS. Not having a secondary DNS means they will wait for an answer from the primary DNS.
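
The rule in the post above (domain members list only the domain controller for DNS) can be checked per machine. This is an added example, not part of the original thread; the function name `Test-DnsServerList`, the controller address 192.168.1.10 and the sample adapters are assumptions, and it needs PowerShell 3.0 or later.

```powershell
# Added example: flag adapters whose DNS server list contains anything
# other than a domain controller. All addresses below are constructed.
function Test-DnsServerList {
    param(
        [Parameter(Mandatory)] [string[]] $DomainControllers,
        # Objects exposing Description and DNSServerSearchOrder
        [Parameter(Mandatory)] [object[]] $Adapters
    )
    foreach ($a in $Adapters) {
        # Normalise to an array; the property is $null when no DNS is set
        $servers = @($a.DNSServerSearchOrder | Where-Object { $_ })
        # Anything not in the DC list is a resolver that cannot answer AD queries
        $foreign = @($servers | Where-Object { $DomainControllers -notcontains $_ })

        if ($servers.Count -eq 0) {
            $status = 'NO DNS SET'
        } elseif ($foreign.Count -gt 0) {
            $status = 'NON-DC DNS LISTED'
        } else {
            $status = 'OK'
        }

        [pscustomobject]@{
            Adapter    = $a.Description
            DnsServers = $servers -join ', '
            NonDcDns   = $foreign -join ', '
            Status     = $status
        }
    }
}

# Constructed sample input: one correct client, one with a public secondary
$sample = @(
    [pscustomobject]@{ Description = 'sample: DC only'
                       DNSServerSearchOrder = @('192.168.1.10') }
    [pscustomobject]@{ Description = 'sample: DC plus public resolver'
                       DNSServerSearchOrder = @('192.168.1.10', '208.67.222.222') }
)
Test-DnsServerList -DomainControllers '192.168.1.10' -Adapters $sample |
    Format-Table -AutoSize

# Live check of the local machine's IP-enabled adapters
$live = Get-CimInstance Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE'
Test-DnsServerList -DomainControllers '192.168.1.10' -Adapters $live |
    Format-Table -AutoSize
```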
 
StoneCat always says it so much better than I could.....
 
When it comes to that, then what do you recommend for a medical office where all they do is save files to a file share on Windows 7? Everything else they do is on a cloud-based CRM called Practice Fusion, which handles appointments and so forth.

I don't know which route to go: either a Synology NAS RS812RP+ with redundant power and RAID 1 or 5,
or a Windows Server 2012 setup with file sharing. He already has a Dell PowerEdge 240.

What do you guys recommend in this environment, since they don't need all the bells and whistles that Server 2012 has? My thinking is the fewer services/servers, the less that goes wrong, right?

Also, they don't have any in-house IT; I'm solely the consultant and they don't want full-time personnel.
 
Personally I'd prefer a proper server with a proper RAID card but that's just me. A Synology NAS is about as reliable as you can get if you don't want to go the server route - but since he has one already .... A server running just AD and file sharing on good hardware does not require much input. Stick on some monitoring with GFI or whatever and keep it updated and backed up.

Easy...
 
OK, if they are just doing a peer-to-peer network then running DHCP and DNS from the router is acceptable; you are not running AD.
 
Wow, the 1900 platform was pretty decent but they sure under spec'd it.

If it's over 5 years old...I would strongly encourage them to factor in replacing it within the next year. Yeah, some businesses stretch their servers beyond 7 or more years...I hate that. Especially a medical office...they're bound by HIPAA to really maintain a system that will maximize uptime and faster disaster recovery.

80 gig drive...could be SATAs in there. 80 gigs is not a SCSI capacity.

Lot of questions need to be answered here to come up with the best upgrade/replacement path for them. Is this the medical practice office you mention below?
* How many clients?
* What is being hosted on the server? Just folder shares for files? Printers? Scanners? E-mail? Applications like databases?
* Is it running as a DC, or just in workgroup mode?
 
It's going to be for roughly 10-15 users,
along with only doing file shares.
Maybe one printer. And it's currently running in a workgroup with a Win 7 computer acting as the file server.
 
I've encountered this DNS issue many times. My solution is thus:

When a small office experiences a network or Internet problem they may call their ISP for tech support before they call YOU. Well you know that ISP techie is going to have them push the hard reset on their router. And wow, just like that the office is likely to have Internet connectivity back even if they no longer can access their Windows shares.

So I make one small change to the router programming. I set the primary DNS setting in the router to point to my local Windows server so that it can process client requests. And just like that Active Directory will work again.

So in a nutshell, run DNS on your AD Windows server. Program the router to point at the local Windows server as its Primary DNS, leave the Secondary DNS set to whatever the ISP recommends. If the Windows server locks or fails the local clients will still get Internet access although possibly DNS lookups will be slower.

Back on your Windows server the DNS server needs to be properly configured with the ISP's DNS as the preferred forwarders. DHCP is so simple I leave it on the router because it's going to get re-enabled every time the customer pushes the hard reset. Just make sure your Windows server is static and outside the normal DHCP range of the router.

Stuff happens all the time with these small offices with home-style ISP-supplied routers. Might as well set them so that they "fail" as user-friendly as possible. My 2 cents! :)

-Mike Tanis
 
Amen to that! That's why I can't decide whether to go the Synology NAS route or the Win Server 08 route. I'm close to making the final decision of just using the NAS since all they do is file shares, leaving them less room for downtime and disaster.
 
Having a router run DHCP means the server will not be as up to date with client registration. You'll encounter less reliability in some features...one example being, RWW portal will not have its list of workstations as updated from DNS..so when a client clicks in from home...his workstation may not be found.

DHCP should be done from a server in AD.....keeps active directory "tighter".

Pushing the "reset" button on the router would reset it to factory defaults, which would erase having any custom DNS settings put in there.
 