Configuring multihomed servers

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

For multihomed DNS servers, you can configure the DNS Server service to selectively enable and bind only to IP addresses that you specify using the DNS console. By default, the DNS Server service binds to all IP interfaces configured for the computer.

These interfaces can include:

  • Any additional IP addresses configured for a single network connection.

  • Individual IP addresses configured for each separate connection where more than one network connection is installed on the server computer.

For multihomed DNS servers, you can restrict DNS service for selected IP addresses. When this feature is used, the DNS Server service only listens for and answers DNS requests that are sent to the IP addresses specified on the Interface tab in Server properties.

When to specify interfaces

By default, the DNS Server service listens on all IP addresses and accepts all client requests sent to its default service port (UDP 53 or TCP 53). Some DNS resolvers (including clients running the original version of Windows 95) require that the source address of a DNS response be the same as the destination address that was used in the query. If these addresses differ, clients can reject the response. To accommodate these resolvers, you can specify the list of allowed interfaces for the DNS server. When a list is set, the DNS Server service binds sockets only to the allowed IP addresses used on the computer.

In addition to providing support for clients that require explicit bindings to be used, specifying interfaces can be useful for other reasons:

  1. If, for administrative reasons, you do not want to use some IP addresses or interfaces on a multihomed server computer.

  2. If the server computer is configured to use a large number of IP addresses and you do not want the added expense of binding to all of them.
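
After restricting the interface list, it is worth confirming which addresses actually accept DNS traffic. The following Python script is an added example, not part of the original documentation: it parses text in the `netstat -ano` column layout and compares the port 53 listeners with the intended list. The sample text, addresses, PID and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the `netstat -ano` column layout (not captured output).
# Assumed addresses: 10.0.0.5 and 10.0.0.6 on one connection, 203.0.113.20 on a
# second adapter; PID 1432 is a placeholder for the DNS Server service.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    10.0.0.5:53            0.0.0.0:0              LISTENING       1432
  TCP    10.0.0.6:53            0.0.0.0:0              LISTENING       1432
  TCP    203.0.113.20:53        0.0.0.0:0              LISTENING       1432
  TCP    10.0.0.5:3389          10.0.0.44:50122        ESTABLISHED     988
  UDP    10.0.0.5:53            *:*                                    1432
  UDP    203.0.113.20:53        *:*                                    1432
"""

def dns_listeners(netstat_text, port=53):
    """Return {(proto, ip)} for sockets that accept traffic on the DNS port."""
    found = set()
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 3 or cols[0] not in ("TCP", "UDP"):
            continue  # header or unrelated line
        # TCP rows carry a State column; only LISTENING sockets accept queries.
        if cols[0] == "TCP" and (len(cols) < 4 or cols[3] != "LISTENING"):
            continue
        host, _, local_port = cols[1].rpartition(":")
        if local_port == str(port):
            found.add((cols[0], ipaddress.ip_address(host.strip("[]"))))
    return found

def audit(netstat_text, allowed):
    """Return (unexpected, missing, wildcard).

    unexpected: addresses with a DNS listener that are not in the allowed list
    missing:    allowed addresses lacking either the UDP or the TCP listener
    wildcard:   True if a listener is bound to the unspecified address
    """
    allowed = {ipaddress.ip_address(a) for a in allowed}
    listeners = dns_listeners(netstat_text)
    bound = {ip for _, ip in listeners}
    wildcard = any(ip.is_unspecified for ip in bound)
    unexpected = sorted(str(ip) for ip in bound - allowed if not ip.is_unspecified)
    missing = sorted(str(ip) for ip in allowed
                     if not {("TCP", ip), ("UDP", ip)} <= listeners)
    return unexpected, missing, wildcard

if __name__ == "__main__":
    print(audit(SAMPLE_NETSTAT, ["10.0.0.5", "10.0.0.6"]))
```

An address reported as unexpected still answers queries and should be removed from the interface list or filtered; a wildcard result means at least one socket is bound to all interfaces.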

Additional considerations for multihoming DNS servers

When configuring additional IP addresses and enabling them for use with a DNS server, consider the following:

  • Additional system resources are consumed at the server computer.

  • Although DNS provides the means to configure multiple IP addresses for use with any of your installed network adapters, there is no performance benefit for doing so.

  • Even if the DNS server is handling multiple zones registered for Internet use, it is not necessary or required by the Internet registration process to have different IP addresses registered for each zone.

Given these considerations:

  • Recognize that when adding IP addresses for DNS server use, each additional address might only slightly increase server performance. In instances when a large overall number of IP addresses are enabled for use, server performance can be degraded noticeably.

  • In general, when adding network adapter hardware to the server computer, assign only a single primary IP address for each network connection.

  • Whenever possible, remove non-essential IP addresses from existing server TCP/IP configurations.

Note