Solved

the (.) root zone and forwarders & root hints

Posted on 2002-06-09
6
361 Views
Last Modified: 2010-05-18
I run a Windows 2000 Web server with 2 clients (both Windows 2000) and have some questions about the (.) root zone and forwarders & root hints. 1st off what is the difference and which should I be running?

I notice in the logs on my Clients that they are logging a lot of errors with regard to no Domain Controller found? My guess is that I do not have my DNS set up correctly. My clients DNS point to my ISP's DNS because if I point to my Servers internal IP I can't get out to the internet but it appears to eliminate the errors in the client logs. When I change my clients back to my ISP's DNS I can get back out to the internet but my logs start to fill up agin.

So, I'm "assuming" that my DNS is not set up correctly. Can someone give me some advice and some pointers.

T.I.A

ampapa
0
Comment
Question by:ampapa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 12

Accepted Solution

by:
Wouter Boevink earned 200 total points
ID: 7065315
WHen a have a . zone your dns is acting as root dns, this means it's the last station.

You can safely delete the . zone so your dns isn't a root server anymore. This means that all dns calls that can't be resoleved on the server will be asked at other dns servers. The root hints are main dns server names so you dns server knows where to start looking, if this fails your server will try any of the forwarders.

Delete the . root zone
Create your own zone (if not already there)
Put in some forwarders (your isp dns, not neccesary)
Point your clients to your dns server.
If your dns server can access the internet everything should work now.
0
 
LVL 8

Author Comment

by:ampapa
ID: 7065338
Question on setting up my new zone, assume my DNS already has a zone DNS1.microsoft.com and my website name is microsoft.com. Do I need to add a zone called microsoft.com or only add the A records MX records to the existing zone DNS1.microsoft.com?
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7067118
Using Windows 2000 Active Directory DNS, you would already have a forward lookup zone called microsoft.com. This would have Active Directory records in it.

You would then create a zone under microsoft.com called dns1 and put your A records in that.

"Put in some forwarders (your isp dns, not neccesary"
-I'm not sure about this comment, but what I would do is put the forwards of your server set to your ISP's DNS servers. This way, if a client of yours cannot find a name on your DNS server, it will forward the request to your ISP's DNS servers.

I hope this helps

0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 
LVL 12

Expert Comment

by:Wouter Boevink
ID: 7067653
You don't need forwarders, that's what to root servers are for. Only if you are unable to contact the root server you need forwarders, but you can always use your isp dns, it doesn't do any harm (I think).

At our company we have that situation that our zone name matches that of our website host.

www.jaarsma-deboer.nl is hosted by a isp. So the zone jaarsma-deboer.nl is hosted (on the internet by our isp).

I created a zone jaarsma-deboer.nl for our (internal) network. When I wanted to browse to www.jaarsma-deboer.nl it didn't work, obviously, because www.jaarsma-deboer.nl is hosted by our isp.

I created a delegation www and for this delegation I added the name servers of our ISP, so when a client on our network asks for www.jaarsma-deboer.nl our dns server knows it has to look for www at our isp.

Concerning your other question, I'm not quite sure what you mean. I guess putting in the A and MX records should do the trick.
0
 
LVL 8

Author Comment

by:ampapa
ID: 7067865
I deleted the .zone and followed through with wboevink's solution and the errors "no Domain Controller found" have stopped on my clients and I am able to get out to the internet. I will accept your answer.

But, I'm still confused about .zone (root) and forwarders? I understand the concept about not finding resolution at my DNS would then forward onto the next DNS but does deleting the "root" zone then enable my server to fulfill requests from other DNS servers on the web or is it mainly used for my LAN? I don't wan't to use the resources of my server to fulfill DNS requests from the web unless necessary.

As a side note why would anybody use .root that would assume that they would never have to go beyond their own DNS for resolution?

jmiller47 said, "what I would do is put the forwards of your server set to your ISP's DNS servers. This way, if a client of yours cannot find a name on your DNS server, it will forward the request to your ISP's DNS servers."

This makes sense, any DNS requests from my LAN not resolved would then be forwarded to my ISP's DNS servers.

If this is the case then what are the "Root hints" for? I think this is where wboevink was saying, "Put in some forwarders (your isp dns, not neccesary)" If you left the forwarders blank would it then default to the "root hints"?


"Concerning your other question, I'm not quite sure what you mean. I guess putting in the A and MX records
should do the trick. "

- My server showed my zone ajm.webajm.com before deleting the .root and below it are the folders _msdcs, _sites, etc. After deleting .root my zone ajm.webam.com still exists. I host the site webajm.com can I add the A records and MX records in the ajm.webajm.com domain or do I need to create a new zone webajm.com for these records?

0
 
LVL 12

Expert Comment

by:Wouter Boevink
ID: 7067998
Your DNS server is only used for your lan. Because you're only hosting your own zone and no other DNS knows about it.

Take for example our company. When someone on the internet browses to www.jaarsma-deboer.nl first their browser is going to ask their DNS (providing they have one) their DNS is only hosting their zone so it askes one of the root server 'who hosts domain jaarsma-deboer.nl' the 'main' dns then forwards it's question to de .nl dns and the .nl dns knows www.jaarsma-deboer.nl is hosted at Introweb (our isp) then the request is forwarded to dns.introweb.nl and it gives the ip number of www.jaarsma-deboer.nl.

So your dns is only for your own 'private zone' unless you are registered to serve 'internet' zones.
0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question