Use Windows 2000/2003 DNS whenever possible to support Active Directory. If you must use a non-Windows DNS to host the AD Zone, ensure that it supports SRV records, such as with BIND version 8.1.2 or higher.
Establish a caching-only server in small branch office situations to alleviate large amounts of client query traffic across the network and to eliminate the need to replicate entire DNS zones to remote locations.
Configure DHCP to dynamically update DNS information for down-level clients if dynamic records are necessary.
Identify the sources of dynamically updated information to prevent problems with reliability.
Configure a DNS server to point to itself for DNS queries rather than to another DNS server.
Make any DNS implementation compliant with the standard DNS character set so that you can support zone transfers to and from non-Unicode-compliant DNS implementations such as Unix BIND servers. The standard set includes a-z, A-Z, 0-9, and the hyphen (-) character.
Turn on Debug Logging on a per-server basis for more advanced DNS Event Log diagnosis only when required, and turn off this functionality when it's no longer necessary.
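The character-set item above can be checked against a list of record owner names before a zone is transferred to a non-Unicode-compliant server. The following Python code is an added example, not part of the original text; the sample names, the function names, and the allowance for leading-underscore SRV labels such as _ldap._tcp are assumptions of the example.

```python
import string

# Standard DNS character set from the list above: a-z, A-Z, 0-9 and the hyphen.
ALLOWED = set(string.ascii_letters + string.digits + "-")

# Constructed sample owner names (not taken from any real zone).
SAMPLE_NAMES = [
    "dc01.corp.example.com.",
    "_ldap._tcp.dc._msdcs.corp.example.com.",  # SRV-style owner name
    "file_server.corp.example.com.",           # underscore inside a host label
    "b\u00fcro-pc.corp.example.com.",          # non-ASCII character (u-umlaut)
]


def is_srv_label(label):
    """Assumption of this example: an SRV service/protocol label is one
    underscore followed by characters from the standard set."""
    return len(label) > 1 and label[0] == "_" and set(label[1:]) <= ALLOWED


def check_name(name, allow_srv_labels=True):
    """Return (label, reason) pairs for every non-compliant label in name."""
    problems = []
    for label in name.rstrip(".").split("."):
        if not label:
            problems.append((label, "empty label"))
        elif allow_srv_labels and is_srv_label(label):
            continue
        elif not set(label) <= ALLOWED:
            bad = sorted(set(label) - ALLOWED)
            problems.append((label, "outside the set: " + " ".join(map(repr, bad))))
    return problems


def audit(names, allow_srv_labels=True):
    """Map each offending name to its problems; compliant names are omitted."""
    report = {}
    for name in names:
        problems = check_name(name, allow_srv_labels)
        if problems:
            report[name] = problems
    return report


if __name__ == "__main__":
    for name, problems in audit(SAMPLE_NAMES).items():
        for label, reason in problems:
            print(f"{name}: label {label!r} {reason}")
```

Passing allow_srv_labels=False reports the underscore labels as well, which shows how many names a check limited strictly to a-z, A-Z, 0-9 and the hyphen would reject.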