Solved

Dns Windows Server 2003 Cannot delete records

Posted on 2004-10-04
Last Modified: 2010-04-19
Hi,
I am really new to DNS and even newer to Windows Server 2003. This is probably a very simple question so I hope it can be easily answered. I have managed to set up a DNS server through basically a trial and error setup. My only problem is that through the wizard setup provided by Windows, it set up a name server that included my WAN IP and 2 private IPs for my two NICs for my local network. There are also Host (A) records that point to my private IPs. I try to delete them and then perform an nslookup and then my server is resolved to only one IP, my WAN IP (exactly what I want). About 5 - 10 minutes later the records reappear again and the nslookup shows 3 IPs, 2 of which are private, meaning that 2/3 of my requests will be turned down. No matter how many times I delete them they keep reappearing, but it seems to temporarily work while they are gone. Am I missing something obvious here?

Thanks
Question by:gorlinj
6 Comments
 
LVL 23

Accepted Solution

by:
rhandels earned 500 total points
ID: 12224208
Hi,

Normally, a DNS server receives requests from servers or workstations that want to register their DNS name and IP address with the DNS server. If your server is multihomed (has more than one IP address), both addresses will reappear after you delete them; you cannot do anything about it. You can, however, disable the NIC that has the external IP addresses so you would only have one operative NIC in the server; this way only one IP address will be designated to this server.

If the server only has one NIC and the addresses that are saved within DNS are not from your network, do the following.
Go to DNS, then to Forward Lookup Zones --> Your zone --> right click it and choose Properties. Then, on the General tab, make sure that the option Secure Only is selected within the Dynamic Updates section.
 

Expert Comment

by:nbunder
ID: 12225641
OK thanks, the question I have now is what do I do if this server is set up for routing through ISA Server and it wouldn't be possible to disable a NIC, as that's the only way my LAN is connected to the Internet (through NAT). What would someone do for DNS in a case like this? Should I just get it hosted with someone else? Any suggestions?

Thanks
 

Author Comment

by:gorlinj
ID: 12225669
Please note that nbunder is another name of mine and I meant to post the above question under my name, and it still counts for the points.

 
LVL 23

Expert Comment

by:rhandels
ID: 12225760
So which of those IP addresses needs to be the first one, that is, the most important one? Are you using it for DNS?

Also, I guess you know that having two accounts is against EE regulations? Just be so kind as to remove one of them after the question...
 

Author Comment

by:gorlinj
ID: 12228156
First of all, sorry about having two names, I didn't know it was against regulations; actually one of them is a friend's. Nonetheless I will be sure to deal with it once this question is over with. I don't fully understand your question but I can try and explain my setup as best I can. I have one Compaq Proliant server with 3 NICs installed. I have Microsoft ISA, Routing and Remote Access, Exchange 2003, DHCP, DNS, and AD set up, just to name the important processes that I have running. I originally set up DNS and the routing without ISA, then installed ISA when I wanted packet/port filtering and forwarding to another internal server. Now I am using two NICs in my server; one is constantly connected to the WAN and set up to dial via pppoe in ISA. This adapter, connected to the DSL modem, I assigned a static IP of 192.168.0.3 and no gateway set up, DNS configured for both my NICs in the server (192.168.0.3 and 192.168.0.2), (please remember I may have something wrong here as I used a trial and error setup). The other NIC I connected internally to a hub, then to the clients... The settings for that include: static IP of 192.168.0.2, gateway: 192.168.0.2 (self), DNS: 192.168.0.2 (self). I have the firewalls in ISA configured to allow all traffic in and all traffic out and redirect port 82 to another internal webserver. Everything seems to work perfectly besides the DNS. I want the DNS to point to my static WAN IP (pppoe) through the NIC 192.168.0.3. Does that make any sense? If not, can someone please explain another alternative setup? All I need is a simple record pointing my domain ga065 dot org to the IP 65 dot 6 dot 129 dot 62.

Thanks!!
 
LVL 23

Expert Comment

by:rhandels
ID: 12230684
Hi,

If you need to point external IP addresses to a domain name that's on the net, I would suggest making sure this is done by your ISP who hosts the domain name. Only use DNS for your internal resolution.

What can be done better is to make sure these services are distributed among servers. For starters, don't have a multihomed machine as Exchange server. Make sure ISA is in front of the network, not within the network. Make sure to have one machine as DC, DHCP, DNS and stuff, and don't try to use more than 2 NICs in an ISA server.

Also, if you have two NICs that need to "divide" two subnets, don't use the same subnet for the internal and external NIC; try changing the IP address of the external NIC from 192.168.0.3 to 192.168.1.3 with a subnet mask of 255.255.255.0. Or even better, just ask what you want to do with it and ask us for help, there are a lot of things wrong...
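An added example, not part of any post in this thread: a Python check that parses nslookup output of the kind the asker describes and separates internal-only addresses from externally usable ones, so re-registered private records are caught as soon as they reappear. The host names and the 203.0.113.10 address are constructed; the two 192.168.0.x addresses are the ones mentioned in the thread.

```python
import ipaddress
import re

# Constructed sample of Windows nslookup output: the multihomed server's two
# private NIC addresses (from the thread) sit next to a constructed public one.
SAMPLE = """\
Server:  dns1.example.org
Address:  192.168.0.2

Name:    www.example.org
Addresses:  203.0.113.10, 192.168.0.2
          192.168.0.3
"""

# Ranges that external clients can never reach.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "169.254.0.0/16", "127.0.0.0/8",                  # link-local, loopback
)]
IPV4_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")


def answer_addresses(nslookup_output):
    """Return the A-record addresses listed after the 'Name:' line.

    The leading Server/Address pair names the resolver that was queried,
    not the record set, so everything before 'Name:' is skipped.
    """
    found, in_answer = [], False
    for line in nslookup_output.splitlines():
        if line.startswith("Name:"):
            in_answer = True
        elif in_answer:
            for text in IPV4_RE.findall(line):
                try:
                    found.append(ipaddress.ip_address(text))
                except ValueError:
                    pass  # looked like an address but is not a valid one
    return found


def audit(nslookup_output):
    """Split the answer into externally usable and internal-only addresses."""
    report = {"public": [], "internal": []}
    for addr in answer_addresses(nslookup_output):
        kind = "internal" if any(addr in n for n in INTERNAL_NETS) else "public"
        report[kind].append(str(addr))
    return report


if __name__ == "__main__":
    print(audit(SAMPLE))
```

A non-empty "internal" list for a name that outside clients resolve means the zone is again handing out addresses they cannot reach.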


Question has a verified solution.
