We have a very small (5 workstation) network with one Windows Server acting as domain controller, DHCP and DNS server. All devices are connected to a standard switch which in turn is connected to a standard broadband modem.
The TCP network settings for each workstation are:
192.168.0.50 is the IP of the DNS server.
192.168.0.1 is the IP of the modem gateway.
8.8.8.8 is Google's public DNS server.
Is this a good plan? Is there any point including the modem's IP in that list? I've noticed that the Windows DNS server is receiving and caching requests for public websites. Should the Google DNS server be higher up the list?
Workstations should have your internal DNS server(s) as the only DNS server(s) in their TCP/IP configuration.
PCs pick a DNS server from the list and stick to it for some time. So if by some chance your workstations picked your modem or the Google DNS server, your internal AD domain name resolution would stop working.
You can optionally have Google's or the modem's DNS servers specified as forwarders on your DC's DNS server. But the DNS server on the DC could also do all external resolution without any forwarders. Using your ISP's DNS servers as forwarders on the internal DNS server might make more sense though. But you don't need to use any forwarders at all.
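The configuration recommended in the answer above, as an added PowerShell example that is not part of the original post: it reports workstation adapters whose DNS list contains anything other than the internal server, can reset them, and can add forwarders on the DC. The addresses come from the question; the function names are hypothetical, and the cmdlets assume the DnsClient module on the workstations and the DnsServer module on the DC.

```powershell
# Added example. Addresses are the ones given in the question.
$InternalDns = @('192.168.0.50')      # DC / internal DNS server
$Forwarders  = @('8.8.8.8')           # optional upstream resolver for the DC

function Get-DnsClientDrift {
    # One object per IPv4 interface whose DNS list holds anything but the internal server(s).
    param([string[]]$Allowed = $InternalDns)
    foreach ($nic in Get-DnsClientServerAddress -AddressFamily IPv4) {
        $extra = @($nic.ServerAddresses | Where-Object { $_ -notin $Allowed })
        if ($extra.Count -gt 0) {
            [pscustomobject]@{
                InterfaceAlias = $nic.InterfaceAlias
                InterfaceIndex = $nic.InterfaceIndex
                Configured     = $nic.ServerAddresses -join ', '
                NotInternal    = $extra -join ', '
            }
        }
    }
}

function Repair-DnsClientDrift {
    # Resets drifted adapters to the internal server(s) only. Run elevated; supports -WhatIf.
    [CmdletBinding(SupportsShouldProcess)]
    param([string[]]$Allowed = $InternalDns)
    foreach ($d in Get-DnsClientDrift -Allowed $Allowed) {
        if ($PSCmdlet.ShouldProcess($d.InterfaceAlias, "Set DNS servers to $($Allowed -join ', ')")) {
            Set-DnsClientServerAddress -InterfaceIndex $d.InterfaceIndex -ServerAddresses $Allowed
        }
    }
}

function Add-MissingForwarder {
    # On the DC (DnsServer module): add forwarders that are not already configured.
    [CmdletBinding(SupportsShouldProcess)]
    param([string[]]$Upstream = $Forwarders)
    $current = @((Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.ToString() })
    foreach ($ip in ($Upstream | Where-Object { $_ -notin $current })) {
        if ($PSCmdlet.ShouldProcess($ip, 'Add DNS forwarder')) {
            Add-DnsServerForwarder -IPAddress $ip
        }
    }
}

# Workstation: report only. Nothing is changed until Repair-DnsClientDrift is called.
Get-DnsClientDrift | Format-Table -AutoSize
```

If the workstations receive their DNS list from DHCP, correct the DNS servers option on the DHCP scope instead of resetting each adapter, otherwise a static override hides the misconfigured scope.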
Adding the modem is not a good idea, no.
Scenario:
Your internal DNS server fails to respond, for some reason or other. This causes a delay as it times out.
Then if it asks the modem it would get no response. This introduces a second delay as it times out.
Then it would try Google, which one would assume would respond as long as you have a connection.
So, removing the modem entry will make it get to Google more swiftly if your internal DNS fails to respond.
Bottom line is that you should be able to rely on your internal DNS. But if you can't trust it then having Google as a backup isn't a problem.