paricitoi
asked on
DNS under win2k
Hi
Here is the situation: I got 2 NIC. each one of them is on a different subnet connected at the same time. Each subnet has it's own DNS server. Now when I try to resolve intranet sites of domainA, when DNSB is the one used, it doesn't work unless I change the DNS for DNSA each time which is a pain in the @ss.
1)I wanted to set up a DNS server that would forward the request to the correct DNS server (DomainA to DNSA and DomainB to DNSB). I am using Win2k Server and the DNS that came with it. Btw I have no problem resolving internet sites using either of the DNSs.
2) Is there a way to make my DNS server "silent"? I don't want it to go and "screw" or "talk" to other DNS servers on our network...only to serve my machine and no others.
3)is there a way to install DNS from the win2k Server cd on a win2k professional workstation?
Thx for helping
Here is the situation: I got 2 NIC. each one of them is on a different subnet connected at the same time. Each subnet has it's own DNS server. Now when I try to resolve intranet sites of domainA, when DNSB is the one used, it doesn't work unless I change the DNS for DNSA each time which is a pain in the @ss.
1)I wanted to set up a DNS server that would forward the request to the correct DNS server (DomainA to DNSA and DomainB to DNSB). I am using Win2k Server and the DNS that came with it. Btw I have no problem resolving internet sites using either of the DNSs.
2) Is there a way to make my DNS server "silent"? I don't want it to go and "screw" or "talk" to other DNS servers on our network...only to serve my machine and no others.
3)is there a way to install DNS from the win2k Server cd on a win2k professional workstation?
Thx for helping
ASKER
Hi and thank you for replying.
1) The problem is that each domain has 3 DNS servers (DNSA1 2 and 3) so whenever DNSA1 is not able to resolve, DNSA2 is gonna answer the query. When I tried the Primary-secondary approach, there were some site that couldn't be resolved. Regarding what you proposed, I know that there is just one DNS seting no matter on which NIC you set it for Win98. Is win2k different regarding that specific matter?
2)it= My DNS server. When I set up a MS DNS server at an office where there already was another DNS server running on FreeBSD, my dns server started trying to update the other DNS server on FreeBSD. I don't want that to happen here...I want to keep a low profile :)
3) Still pending :)
1) The problem is that each domain has 3 DNS servers (DNSA1 2 and 3) so whenever DNSA1 is not able to resolve, DNSA2 is gonna answer the query. When I tried the Primary-secondary approach, there were some site that couldn't be resolved. Regarding what you proposed, I know that there is just one DNS seting no matter on which NIC you set it for Win98. Is win2k different regarding that specific matter?
2)it= My DNS server. When I set up a MS DNS server at an office where there already was another DNS server running on FreeBSD, my dns server started trying to update the other DNS server on FreeBSD. I don't want that to happen here...I want to keep a low profile :)
3) Still pending :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
in addition, you can prevent zone transfer from your Win2k DNS servers. on each zone, just right click > properties > zone transfers. uncheck Allow Zone Transfers:
ASKER
Hey Matt thank you for replying.
I am trying to adapt your answer to the specific case where I have 3 DNS server for each zone. DNSA1,2 and 3 and also DNSB1, 2 and 3...how should I do it in this case?
What about that third question? Any hint about it?
I am trying to adapt your answer to the specific case where I have 3 DNS server for each zone. DNSA1,2 and 3 and also DNSB1, 2 and 3...how should I do it in this case?
What about that third question? Any hint about it?
-Unless I missed some details, I think Matt is correct.
DNS1=forwarders= IP's of DNS2 & DNS3 (no zone transfers)
DNS2=forwarders= IP's of DNS1 & DNS3 (no zone transfers)
DNS3=forwarders= IP's of DNS1 & DNS2 (no zone transfers)
-One critical factor is... If you do not delete the default root domain (.)<-looks like this... The forwarders option does not work & the forwarders option is disabled.
-After deleting the root zone on each server, you have to close DNS admin & re-open it to use the forwarders option.
DNS1=forwarders= IP's of DNS2 & DNS3 (no zone transfers)
DNS2=forwarders= IP's of DNS1 & DNS3 (no zone transfers)
DNS3=forwarders= IP's of DNS1 & DNS2 (no zone transfers)
-One critical factor is... If you do not delete the default root domain (.)<-looks like this... The forwarders option does not work & the forwarders option is disabled.
-After deleting the root zone on each server, you have to close DNS admin & re-open it to use the forwarders option.
do the forwarding assignment as Housenet has specified for each of the 2 DNS groups (A and B). Notice, this way, there'll be more hops for getting a query answered. As I had mentioned, slaving is much more efficient -- faster resolution. -- unless you have the need to forward everything. As for installing DNS on a workstation, I don't think it can be done. Win2k has to be one of the server family.
ASKER
Thx you all. You've been great
If they are both primary, why don't you consolidate them to a primary - secondary relationship. This way they will have the same database.
If you need to maintain the two primary DNS' then create secondary zones on each for the other's domain. Something like:
SVR1 DNSA - primary DNSB - secondary
SVR2 DNSB - primary DNSA - secondary
For your second question, I'm not sure what "it" is. Are you talking about your workstation or the DNS server(s). OK, i read it again for the 3rd time. Pardon me, I'm kind of thick-headed - Irish descent you know!! :-) As long as you are the only client pointing to the server, it will only serve you. However, if someone else points to it, then it will also server them. Don't know of any other way to keep a DNS server down. But don't take my word on it, there are lots of people here who come up with great ideas/solutions.
Don't know the answer to #3. I wouldn't think that DNS would ever be loaded on a workstation due to its 10 connection limit, which is probably why Microsoft doesn't offer it on the workstation CD.