2003 AD-integrated DNS problems


I have two domain controllers in an AD network and I am trying to setup and configure DNS on dc1 properly before configuring and installing dns on dc2. I noticed the the wizard set my primary dns on dc1 as 127.0.0.1.Is this correct or should i set it to be the same ip address thats static'd into dc1's local area connection example: 128.0.2.5. Here's the output:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : computername
   Primary Dns Suffix  . . . . . . . : company.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : company.local

Ethernet adapter Local Area Connection 3:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP Network Team #1
   Physical Address. . . . . . . . . : 00-0F-20-D1-4D-6E
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 128.0.2.5
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . : 128.0.1.1
   DNS Servers . . . . . . . . . . . : 127.0.0.1
                                       198.6.1.3
                                       198.6.100.25

C:\>nslookup 128.0.2.5
Server:  localhost
Address:  127.0.0.1

*** localhost can't find 128.0.2.5: Non-existent domain

What am I doing wrong and why can't I resolve 128.0.2.5 (dc1)? Also should I be using secure dynamic updates or just dynamic updates?
LVL 1
SANG501Asked:
Who is Participating?
 
mikeleebrlaCommented:
opps,,, i meant you will have to add your DHCP server to the DNSProxyUpdate Group
0
 
mikeleebrlaCommented:
which machine where you on when you did the above nslookup?

I wouldn't set the dns server to the loopback (127.0.0.1) just set it to the actual IP address of the DNS server that you want it to point to.

Also,  i wouldn't have your 2nd and 3rd dns servers listed as "real" public dns server b/c say your internal dns server is down, it will then give you results from a "public" dns server,, which of course will not have any info about your internal network,, so you will not get the disired results.
0
 
SANG501Author Commented:
I did the nslookup from 128.0.2.5(dc1)
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
mikeleebrlaCommented:
well change its dns server to 128.0.2.5 (itself) and then check the DNS MMC to see that if it has a reverse lookup zone for your domain and a reverse A record for DC1.  DO you even have reverse zones configured,, since you are doing nslookup 1.1.1.1 which is a reverse lookup??
0
 
SANG501Author Commented:

After changing the primary DNS to 128.0.2.5 i can now get the right results from nslookup. I also created a reverse lookup zone with 128.0 as the network id. However, the only items I see in this zone are: two NS files pointing to DC1 and DC2 respectively and a SOA record. Is this correct?
0
 
SANG501Author Commented:
nevermind, I did a refresh and got a pointer record. Thanks for the assistance.

Also, can you or someone enlighten me as to whcih dynamic update is recommended?
0
 
mikeleebrlaCommented:
there are only 2 types of dynamic updates that i know of,, secure and not secure.

by default, clients will attempt to use unsecure first,, then if that fails they will attempt to use the secure method.  if you have 98/95 computers these clients will have to be added to the DNSProxyUpdate Group in active directory.  windows 2000/xp machines are in this group by default.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.