?
Solved

DNS problem on LAN's client PC when win2000 srv is not main server

Posted on 2004-03-26
5
Medium Priority
?
795 Views
Last Modified: 2010-03-18
I have the LAN settings:

1 LAN IP's - 192.168.1.1-192.168.1.254
2 LAN IP's - 192.168.2.1-192.168.2.254

windows 2000 srv active directory is set at 192.168.1.2 (not connected to the internet)
temporary winXP (connected to internet and shared to the LAN) is set at 192.168.1.1, ISP IP=100.200.100.200

if I set primary DNS on client PC's 192.168.1.2 and secondary 100.200.100.200 client cannot resolve internet addresses,
if I set primary DNS on client PC's 100.200.100.200 and secondary 192.168.1.2 client cannot resolve active directory names.

How can I solve this problem to get full DNS support for ISP and Active directory?

0
Comment
Question by:Povilas
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 800 total points
ID: 10688920
Your clients and your DC need to point *only* to your internal DNS, under no circumstances to your ISP's DNS. Then remove the root zone (".") on your W2k DNS, and configure forwarders to point to your ISP's DNS. Check the FAQ for more information.

Frequently Asked Questions About Windows 2000 DNS and Windows Server 2003 DNS
http://support.microsoft.com/?kbid=291382

Windows 2000 DNS and Active Directory Information and Technical Resources
http://support.microsoft.com/?kbid=298448

HOW TO: Troubleshoot DNS Name Resolution on the Internet in Windows 2000
http://support.microsoft.com/?kbid=316341

HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?kbid=300202
0
 
LVL 11

Expert Comment

by:kabaam
ID: 10690108
Just to add a comment here.  I see this alot and wanted to through this in.
This is a clip from the MS DNS whitepapers

"Servers are queried in the order they are given in the list, which is defined by the servers priorities. If one server in the list returns a positive or negative answer, then no other servers in that list are posed the same question"

basically saying that the purpose of a client setting of primary and secondary dns servers is for redundancy only.
Both primary and secondary servers are assumed to hold the exact same information.
If the primary gives ANY response at all... the client assumes the secondary will have the same response and not bother.
If the primary does not respond... no comms back... then the client will use the secondar.  Redundancy only.

oBda gave you what you need to set up your DNS server to allow recursive queries and set up forwarders
gl
CHAD
0
 
LVL 1

Author Comment

by:Povilas
ID: 10690250
How exactly should I configure forwarder and DNS IP on clients.

clients are from 192.168.1.4-192.168.1.254
2000 server is 192.168.1.2
ISP XP server is with two LAN cards IP: 192.168.1.1 and 100.200.111.233
0
 
LVL 11

Assisted Solution

by:kabaam
kabaam earned 200 total points
ID: 10690303
your clients dns settings should only list your local domain dns servers.
configure your dns servers to do recursive queries.
add forwarders to your dns zones... pointing to ISP dns servers


recursive queries:
client asks primary dns server for IP... dns server doesnt know... but looks at forwarder address and asks that server.
0
 
LVL 1

Author Comment

by:Povilas
ID: 10690466
the problem might be, when I'll try to seperate two LAN's.

XP server (will be Linux server for firewall and router function):
LANcard1: 192.168.1.1 (LAN switch 1)
LANcard2: 192.168.2.1 (LAN switch 2)
WANcard3: 100.200.100.200
WANcard4: 100.200.100.201

2000 server (with active directory for 192.168.1.* LAN domain users):
LANcard1: 192.168.1.2

Domain clients:
LANcard1: 192.168.1.3-192.168.1.254 (No need for DHCP)

NON domain clients:
LANcard1: 192.168.2.2-192.168.2.254 (very important to have totally automatic DNS and DHCP, and to have no access to Domain LAN)

How DMS and DHCP configuration must look like to work for Domain computers, and for non-domain user that will have no permisions to 192.168.1.* LAN. My win2000 srv will not be able to provide DNS queries for 192.168.2.* LAN !!! (packets will go from switch to ISP router).
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FIPS stands for the Federal Information Processing Standardisation and FIPS 140-2 is a collection of standards that are generically associated with hardware and software cryptography. In most cases, people can refer to this as the method of encrypti…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question