Solved

the (.) root zone and forwarders & root hints

Posted on 2002-06-09
Last Modified: 2010-05-18
I run a Windows 2000 Web server with 2 clients (both Windows 2000) and have some questions about the (.) root zone and forwarders & root hints. First off, what is the difference, and which should I be running?

I notice in the logs on my clients that they are logging a lot of errors with regard to no Domain Controller found. My guess is that I do not have my DNS set up correctly. My clients' DNS point to my ISP's DNS because if I point to my server's internal IP I can't get out to the internet, but it appears to eliminate the errors in the client logs. When I change my clients back to my ISP's DNS I can get back out to the internet but my logs start to fill up again.

So, I'm "assuming" that my DNS is not set up correctly. Can someone give me some advice and some pointers?

T.I.A

ampapa
Question by:ampapa
LVL 12

Accepted Solution

by:
Wouter Boevink earned 800 total points
ID: 7065315
When you have a . zone, your DNS is acting as root DNS; this means it's the last station.

You can safely delete the . zone so your DNS isn't a root server anymore. This means that all DNS calls that can't be resolved on the server will be asked at other DNS servers. The root hints are main DNS server names so your DNS server knows where to start looking; if this fails your server will try any of the forwarders.

Delete the . root zone
Create your own zone (if not already there)
Put in some forwarders (your ISP DNS, not necessary)
Point your clients to your DNS server.
If your DNS server can access the internet everything should work now.
0
 
LVL 8

Author Comment

by:ampapa
ID: 7065338
Question on setting up my new zone: assume my DNS already has a zone DNS1.microsoft.com and my website name is microsoft.com. Do I need to add a zone called microsoft.com or only add the A records and MX records to the existing zone DNS1.microsoft.com?
0
 
LVL 7

Expert Comment

by:jmiller47
ID: 7067118
Using Windows 2000 Active Directory DNS, you would already have a forward lookup zone called microsoft.com. This would have Active Directory records in it.

You would then create a zone under microsoft.com called dns1 and put your A records in that.

"Put in some forwarders (your isp dns, not necessary)"
-I'm not sure about this comment, but what I would do is put the forwards of your server set to your ISP's DNS servers. This way, if a client of yours cannot find a name on your DNS server, it will forward the request to your ISP's DNS servers.

I hope this helps

0
 
LVL 12

Expert Comment

by:Wouter Boevink
ID: 7067653
You don't need forwarders, that's what the root servers are for. Only if you are unable to contact the root servers do you need forwarders, but you can always use your ISP DNS, it doesn't do any harm (I think).

At our company we have the situation that our zone name matches that of our website host.

www.jaarsma-deboer.nl is hosted by an ISP. So the zone jaarsma-deboer.nl is hosted (on the internet by our ISP).

I created a zone jaarsma-deboer.nl for our (internal) network. When I wanted to browse to www.jaarsma-deboer.nl it didn't work, obviously, because www.jaarsma-deboer.nl is hosted by our isp.

I created a delegation www and for this delegation I added the name servers of our ISP, so when a client on our network asks for www.jaarsma-deboer.nl our dns server knows it has to look for www at our isp.

Concerning your other question, I'm not quite sure what you mean. I guess putting in the A and MX records should do the trick.
0
 
LVL 8

Author Comment

by:ampapa
ID: 7067865
I deleted the .zone and followed through with wboevink's solution and the errors "no Domain Controller found" have stopped on my clients and I am able to get out to the internet. I will accept your answer.

But, I'm still confused about .zone (root) and forwarders? I understand the concept about not finding resolution at my DNS would then forward onto the next DNS but does deleting the "root" zone then enable my server to fulfill requests from other DNS servers on the web or is it mainly used for my LAN? I don't want to use the resources of my server to fulfill DNS requests from the web unless necessary.

As a side note why would anybody use .root that would assume that they would never have to go beyond their own DNS for resolution?

jmiller47 said, "what I would do is put the forwards of your server set to your ISP's DNS servers. This way, if a client of yours cannot find a name on your DNS server, it will forward the request to your ISP's DNS servers."

This makes sense, any DNS requests from my LAN not resolved would then be forwarded to my ISP's DNS servers.

If this is the case then what are the "Root hints" for? I think this is where wboevink was saying, "Put in some forwarders (your isp dns, not necessary)". If you left the forwarders blank would it then default to the "root hints"?

"Concerning your other question, I'm not quite sure what you mean. I guess putting in the A and MX records should do the trick."

- My server showed my zone ajm.webajm.com before deleting the .root and below it are the folders _msdcs, _sites, etc. After deleting .root my zone ajm.webajm.com still exists. I host the site webajm.com, can I add the A records and MX records in the ajm.webajm.com domain or do I need to create a new zone webajm.com for these records?

0
 
LVL 12

Expert Comment

by:Wouter Boevink
ID: 7067998
Your DNS server is only used for your LAN, because you're only hosting your own zone and no other DNS knows about it.

Take for example our company. When someone on the internet browses to www.jaarsma-deboer.nl, first their browser is going to ask their DNS (providing they have one). Their DNS is only hosting their zone, so it asks one of the root servers 'who hosts domain jaarsma-deboer.nl'. The 'main' DNS then forwards its question to the .nl DNS, and the .nl DNS knows www.jaarsma-deboer.nl is hosted at Introweb (our ISP). Then the request is forwarded to dns.introweb.nl and it gives the IP number of www.jaarsma-deboer.nl.

So your dns is only for your own 'private zone' unless you are registered to serve 'internet' zones.
0
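
The behaviour discussed in this thread (a "." zone making the server answer for every name, and the `www` delegation used when an internal zone shadows a public one), as an added Python model that is not part of the original posts and is not real DNS server code. Zone names, addresses and the forwarder are constructed; the model tries forwarders before root hints, which is the order Windows DNS uses when both are configured.

```python
# Added illustration: simplified model of the server's choice, not real DNS code.
from dataclasses import dataclass, field

FORWARDER = "192.0.2.53"            # constructed ISP resolver (TEST-NET-1)
ROOT_HINTS = ["a.root-servers.net"]

@dataclass
class DnsServer:
    zones: dict = field(default_factory=dict)        # zone -> {name: address}
    delegations: dict = field(default_factory=dict)  # delegated name -> name servers
    forwarders: list = field(default_factory=list)
    root_hints: list = field(default_factory=list)

    def best_zone(self, name):
        """Longest-suffix match; a '.' zone matches every name."""
        hits = [z for z in self.zones
                if z == "." or name == z or name.endswith("." + z)]
        return max(hits, key=len, default=None)

    def resolve(self, name):
        name = name.rstrip(".").lower()
        for child, servers in self.delegations.items():
            if name == child or name.endswith("." + child):
                return ("delegated", servers)      # ask the delegated servers
        zone = self.best_zone(name)
        if zone is not None:                       # we are authoritative
            addr = self.zones[zone].get(name)
            return ("answer", addr) if addr else ("nxdomain", zone)
        if self.forwarders:
            return ("forwarded", self.forwarders)
        if self.root_hints:
            return ("root-hints", self.root_hints)
        return ("servfail", None)

LAN = {"corp.example": {"dc1.corp.example": "10.0.0.10"}}  # constructed zone

def with_root_zone():
    return DnsServer(zones={".": {}, **LAN}, forwarders=[FORWARDER],
                     root_hints=ROOT_HINTS)

def without_root_zone(forwarders=(FORWARDER,)):
    return DnsServer(zones=dict(LAN), forwarders=list(forwarders),
                     root_hints=ROOT_HINTS)

if __name__ == "__main__":
    for srv in (with_root_zone(), without_root_zone(), without_root_zone(())):
        print(srv.resolve("dc1.corp.example"), srv.resolve("www.example.org"))
```

With the "." zone present, every external name ends in an authoritative "not found" and the forwarder list is never consulted, which matches the symptom of clients losing internet access when pointed at the internal server.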

Question has a verified solution.