Win2k DNS Trouble

Posted on 2003-03-07
Last Modified: 2010-04-13
Recently upgraded our NT4 server to Windows 2000 Server w/DNS and Active Directory. I have created a forward looking zone for the domain. Internet access and DHCP is through a Speed Stream router. I have set the DNS servers in the router to my Win2k server and my ISP. I have set DNS on the Win2k server to forward to my ISP name server.

Everything works great except my intranet server can only be accessed by the IP address. If I trace route I end up at my ISP.

What's the right combination?
Question by:maduko
 
LVL 10

Expert Comment

by:pcbrat
ID: 8091179
Make sure you have a reverse lookup zone on your AD DNS.

:)
0
 
LVL 1

Expert Comment

by:Beerman
ID: 8092254
Make sure your clients point to your dns server only.  Let the server forward the internet lookups.  You can also change the router to only use the isp dns (it won't fix anything, but it shouldn't need to be there either). Make sure there is a host record in your dns for the intranet server.  Also, try adding a reverse lookup zone.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8094607
I agree with the above advice; it may be easier to accomplish this and keep DNS up to date if you disabled DHCP on your router and enabled it on your Server, then integrate DNS with DHCP.  This way you control DNS settings and they are pushed to your clients through DHCP (configure your router as default gateway).  The only DNS listing pushed out should be your server; as mentioned above, under DNS mgmt your ISP's DNS servers should be listed as forwarders.
0
 
LVL 1

Expert Comment

by:sjhaveri
ID: 8095179
Hi,
Did you create an alias name in your DNS?
If you try to access the intranet by typing www.sitename.com
then there should be an entry in DNS.
Create an entry in your server DNS by right click and new alias. Put the IP address of your internal website and www.sitename.com.
Hope this helps.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8095373
I hope this would help

 u have to use internal DNS for all ur tcp/ip entries on your workstations and servers . and u don't need DNS entries in the router.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8095395
there is one more thing if u have configured all internal dns . second u should make sure that ur DNS is not configured as root DNS go to forward lookup zone and make sure there is no dot (.) If there is one delete it
0
 
LVL 3

Expert Comment

by:SimonL-UK
ID: 8102395
All your client workstations and servers should be set to use the DNS/WINS servers of your domain controller's DNS server.  This should then forward all external DNS queries to your external DNS servers.

A few things to check:

1) in the WINS tab of DNS, check enable forward lookup

2) Make sure your reverse lookup is created and configured correctly

3) Make sure WINS is configured correctly

4) Check the client IP configuration is correct
0
 
LVL 1

Author Comment

by:maduko
ID: 8103906
Still no luck. I now see it was a big mistake to name the domain our "real" domain - company.org. I guess it's too late to change to company.local at this point. After trying most of the above suggestions it seems....

I must not understand the reverse lookup scheme.
When I added an entry it only allows a part of the IP so I don't understand how to point it at my intranet server which is at 192.168.0.21. I added 192.168.0 but it made no difference.

Does "host record" refer to the Hosts file? What happens when the machine's IP address changes?

The router is pointed to my DNS server and the domain name pei.local is in the "domain name" box. I am using the DHCP on the router.

Alias does not allow an IP address to be entered so that's no help.

We do not have a WINS server enabled.
0
 
LVL 3

Expert Comment

by:SimonL-UK
ID: 8104370
If you have downlevel clients i.e. Win9x and NT you need a WINS server.  It will speed up network browsing a hell of a lot.

A hosts file is simply a text file which converts host names to IP address.

DNS is split up into two zones - reverse and forward lookup.
A forward lookup converts a DNS name to IP address whereas a reverse lookup converts IP to DNS name.
A better thing to do would be to install and use DHCP on your server and centrally manage all IP stuff there - makes it a hell of a lot easier.


When you create a HOST record, you are creating a forward lookup record i.e. DNS name to IP.  You have an option of creating a pointer (PTR) record to do the reverse i.e. IP to DNS name.

WINS is just used to translate between NETBIOS name and IP address and vice versa.

In the DNS server, you can enable Dynamic DNS and allow client workstations to automatically update DNS when their IP address changes.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8104539
> A better thing to do would be to install and use DHCP on your server and centrally manage all IP stuff there - makes it a hell of a lot easier.

Simon.. this was already suggested.  It appears Maduko would like to make it work as configured, which we should be able to help him to accomplish.  While IMHO it is not the preferred configuration, there is nothing wrong with it.
0
 
LVL 1

Author Comment

by:maduko
ID: 8105240
I hadn't set up DHCP because it was running on the router. And working quite fine.

This is probably a flashback from my automotive daze- the mantra of diagnosis is change one thing at a time.

I'll give it a whirl though.

0
 
LVL 1

Expert Comment

by:Beerman
ID: 8107717
>>>..Alias does not allow an IP address to be entered so that's no help

Actually you want to create an alias named www for the web server on your dns server.  For example, if your domain name is company.com, and your intranet server's name is myserver, a host record in your dns should exist for myserver.company.com.  Now create an alias for that server.  The alias name should be www.company.com.  Also, make sure your dns server is not the root server.  Check for a . in the forward lookup zone on your dns server and delete it.

.....I must not understand the reverse lookup scheme

The reverse lookup will translate an ip to a domain name.  For example, if you try to connect to 192.168.0.254, dns reverse lookup will translate that as www.company.com.  Reverse lookup only cares about the network id part of the ip.  For a mask of 255.255.255.0 the first 3 numbers of the ip are used, and are reversed to create a file 0.168.192.in-addr.arpa.

>>..Does "host record" refer to the Hosts file?
Yes and No.  As SimonL-UK said, a hosts file is a text file containing the servername (myserver.company.com) and the ip address.  It could also contain www.company.com for your intranet server.  The problem is this file has to be on every client on your network.  Your clients would then consult the hosts file for ip resolution (depends on OS).  Make one change to your server(s), and the file has to be updated on all clients, hence the reason for dns.  With DNS, you make one change on the dns server, and the clients consult the server, which responds with the ip.

>>>..is change one thing at a time
I agree, but you will probably want to let win2k handle both dns and dhcp.  They are well integrated, and include many benefits.

0
 
LVL 26

Expert Comment

by:Vahik
ID: 8108847
listen I will try this one more time all these happens because of enabling DNS in ur router


 By enabling ur DNS in ur router, that is what is causing ur name resolution not to work. All ur name resolution is being forwarded to the internet.

 The way u could test it first disable the DNS and put all the internal DNS in the TCP/IP configuration I mean all work stations and servers.  

   U could run NETDIAG from command prompt before and after these changes to make sure everything is passed.

 GL
0
 
LVL 1

Author Comment

by:maduko
ID: 8112420
Okay, last night I installed DHCP and set up the scope. I reserved an IP address for the intranet server. DNS and DHCP are disabled on the router. At this point I stopped.

Our ISP's nameserver is in the forwarding entry and my DNS server is set to listen on all ports. I deleted the zones and am ready to create new ones.

If our domain is xyz.org what is my forward zone? local? or local.xyz.org?

0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8112761
Forward lookup zone: xyz.org
Forwarders under properties of DNS Server should be set to DNS servers of your ISP.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8112943
Before u configure ur DNS try to disconnect it from the internet or else ur DNS becomes a root DNS.
This is just local DNS, it doesn't matter what u call it. You are just giving ur zone a name.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8112992
I meant disconnect the router from the internet
0
 
LVL 1

Author Comment

by:maduko
ID: 8120201
I configured the forward and reverse zones and now we can get to the intranet. However our "real" web site is unavailable. Other outside web sites are available.

The router had DNS and DHCP turned off, I cannot delete the trailing dot on the zone entries and creating an alias for our public web site doesn't seem to help. I also created an alias for our intranet but that seems redundant.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8120250
The dot is added when your zone is created.  You are going to have to delete the zone, disconnect from the internet and recreate the zone, just as Vahik indicated.
0
 
LVL 1

Author Comment

by:maduko
ID: 8120355
So physically unplug the wire or turn off the router?

Sorry to be so dense... I thought disabling the router's DNS and DHCP was adequate. No wonder I'm confused!
0
 
LVL 1

Author Comment

by:maduko
ID: 8120495
No difference. Still has a dot, still doesn't work, still confused.

I'm restarting now just to see if that helps.

Also tried an NSLOOKUP and I get "non-existent domain... default servers are not available". This hole just keeps getting deeper!
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8121127
I will tell u how to get rid of dot second
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8121218
right click the dot then delete it and after that connect to internet and wait a while. I would say wait for an hour for everything to be Propagated.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8121232
Like I said don't get Discouraged if it takes a while.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8121255
restart ur DNS too
0
 
LVL 1

Accepted Solution

by:
Beerman earned 600 total points
ID: 8121467
How do you want your internal users to access the intranet site?  If you want the local intranet to be www.mycompany.com, the internet site will not be available because the local dns server will assume you want the local site (both local and internet are the same name).  The local dns server is responsible for all of mycompany.com (both local and for what the server assumes as internet also).  Removing the dot makes the server only responsible for local addresses for mycompany.com.

The best thing you can do for the local intranet site is to not name or alias it "www".  So, let's say that the local intranet server is named "server1"; the dns entry on the local dns server should be "server1.mycompany.com".  In IE, you should be able to enter the address "http://server1.mycompany.com" to bring up the local intranet site, and "http://www.mycompany.com" for the internet site.

If you have a host or alias entry for www in the local dns server, delete it.  Now, create an alias for server1.mycompany.com.  DO NOT use www, ftp, mail, dns, name, any server name, etc.  You can use intranet, local, any theme you have, etc.  Or just leave it at server1.  Whatever you use for an alias is what the users will type when they need the local intranet site.
Hope that helps
0
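An added example, not part of the original thread or any poster's code: a small Python model of the behaviour discussed above, where a DNS server answers from any zone it hosts (even when the answer is "not found") and uses its forwarder only for names outside those zones. All zone contents, the ISP table and the public addresses are constructed; only 192.168.0.21 and the reverse zone name come from the thread, and the FIXED case (a www host record carrying the public address in the internal zone) is an assumption about how the zone could be populated.

```python
# Model: a DNS server answers from a zone it hosts; otherwise it forwards.
# Every record and address below is constructed sample data.
NXDOMAIN = "NXDOMAIN"

def find_zone(name, zones):
    """Longest hosted zone that contains `name`, or None."""
    labels = name.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return "." if "." in zones else None  # a root zone covers every name

def resolve(name, zones, forwarder):
    """Return (answer, source) for a host name."""
    name = name.rstrip(".").lower()
    zone = find_zone(name, zones)
    if zone is None:  # not authoritative: ask the forwarder (the ISP)
        return forwarder.get(name, NXDOMAIN), "forwarder"
    # Authoritative: the local zone is the final word, even on a miss.
    return zones[zone].get(name, NXDOMAIN), "zone " + zone

def reverse_zone(ip, octets=3):
    """Reverse lookup zone for the network part of an IPv4 address."""
    return ".".join(reversed(ip.split(".")[:octets])) + ".in-addr.arpa"

ISP = {"www.mycompany.com": "203.0.113.10", "www.example.net": "198.51.100.7"}
INTRANET = {"server1.mycompany.com": "192.168.0.21"}
# Internal zone uses the public name but has no www record.
SHADOWED = {"mycompany.com": dict(INTRANET)}
# Intranet aliased as www inside the zone.
ALIASED = {"mycompany.com": {**INTRANET, "www.mycompany.com": "192.168.0.21"}}
# Server also hosts a root (".") zone.
ROOTED = {".": {}, "mycompany.com": dict(INTRANET)}
# Assumed remedy: www host record in the internal zone with the public address.
FIXED = {"mycompany.com": {**INTRANET, "www.mycompany.com": "203.0.113.10"}}

if __name__ == "__main__":
    cases = {"shadowed": SHADOWED, "aliased": ALIASED, "rooted": ROOTED, "fixed": FIXED}
    for label, zones in cases.items():
        for q in ("server1.mycompany.com", "www.mycompany.com", "www.example.net"):
            print(f"{label:9} {q:22} -> {resolve(q, zones, ISP)}")
    print(reverse_zone("192.168.0.21"))
```

The "shadowed" case reproduces the symptom reported earlier in the thread: the intranet resolves, other outside sites resolve through the forwarder, and only the organisation's own public name fails.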
 
LVL 26

Expert Comment

by:Vahik
ID: 8121612
Listen u know what is a difference between root dns and local dns. Dot means something like VeriSign Global Registry Services. This is just a local DNS we are trying to make; any time a local computer makes a query the local DNS gets the first shot, then if it does not find it, forwards it to internet.
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8121669
Beerman

 I just have one question: let's say we don't have internet and we only have LAN, then what we gonna do about name resolution inside the LAN
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8123381
Maduko any news yet
0
 
LVL 1

Expert Comment

by:Beerman
ID: 8124287
To Vahik

If you don't have internet, your local dns will handle internal name resolution.  If you do have internet and the local dns server cannot resolve the ip, it will forward the request to the internet dns server
0
 
LVL 26

Expert Comment

by:Vahik
ID: 8124324
My god man you've got it. But if ur dns is a root dns all the name resolution will be forwarded to the internet before it is resolved locally
0
 
LVL 1

Author Comment

by:maduko
ID: 8125144
Currently we are using the IP address for the internal site and I'm waiting to see if the DNS issue resolves as suggested.

Between rolling out a dozen XP workstations this has been an interesting aside to the project. In hindsight we should probably have rolled out the upgrade without venturing in to Active Directory and the whole DNS issue.

Thanks for all the help.
0
 
LVL 9

Expert Comment

by:MSGeek
ID: 8128431
>> Between rolling out a dozen XP workstations this has been an interesting aside to the project. In hindsight we should probably have rolled out the upgrade without venturing in to Active Directory and the whole DNS issue.


While I'm not the one doing the work, I disagree.  You will thank yourself as XP and Win2k both look to DNS first.  AD is dependent on DNS, and without AD you cannot implement Group Policies centrally, which will make locking those buggers down all that much easier.  :)
0
 
LVL 1

Expert Comment

by:Beerman
ID: 8133033
I agree with msgeek, you will thank yourself.  MS clients with win2k and above rely heavily on dns.  I'm glad everything is working for you now.
0
