Solved

Dns Windows Server 2003 Cannot delete records

Posted on 2004-10-04
6
210 Views
Last Modified: 2010-04-19
Hi,
I am really new to dns and even newer to windows server 2003. This is probably a very simple question so I hope it can be easily answered. I have managed to setup a dns server through basically a trail and error setup. My only problem is that through the wizard setup provided by Windows,it setup a name server that included my wan ip and 2 private ips for my two nics for my local network. There are also Host (A) records that point to my private ips. I try to delete them and then perform and nslookup and then my server is resolved to only one ip, my wan ip (exactly what i want). About 5 - 10 minutes later the records reappear again and the nslookup shows 3 ip, 2 of which are private meaning that 2/3 of my requests will be turned down. No matter how many times I delete them they keep reappearing but seems to temporarily work while they are gone. Am I missing something obvious here?.

Thanks
0
Comment
Question by:gorlinj
  • 3
  • 2
6 Comments
 
LVL 23

Accepted Solution

by:
rhandels earned 500 total points
Comment Utility
Hi,

Normally, a DNS server receives request from servers or workstations that want to register their DNS name and ip address to the DNS server. If you server is multihomed (has more than one ip address), both addresses will be reappering after you deleted them, you cannot do something about it. You can however disable the NIC that has the external ip addresses so you would only have one operative NIC in the server, this way only one ip address wil be designated to this server.

If the server only has one NIC and the addresses that are saved within DNS are not from your network, do the following.
Go to DNS, then to Forward Lookup Zones --> Your zone --> right click it and choose properties. Then, on the General TAB, make sure that the option Secure Only is selected within the  Dynamic Updates section.
0
 

Expert Comment

by:nbunder
Comment Utility
Ok thanks, the question I have now is that what do I do if this server is setup for routing through ISA server and it wouldn't be possible to disable a nic as that the only way my lan is connected to the interent (through NAT). What would someone do for dns in a case like this? Should I just get is hosted with someone else? Any suggestions?

Thanks
0
 

Author Comment

by:gorlinj
Comment Utility
Please note that nbunder is another name of mine and I meant the post the above question under my name and still counts for the points.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 23

Expert Comment

by:rhandels
Comment Utility
So which of those ip addresses need to be the first one that should be the most important one?? Are you using it for DNS??

Also, i guess you know that two accounts is against EE regulations??.. Just be as kind as to remove one of them after the question...
0
 

Author Comment

by:gorlinj
Comment Utility
First of all sorry about having two name i didn't know it was against regulations, actually one of them is a friend's. Nonetheless I will be sure to deal with it once this question is over with. I don't fully understand your question but I can try and explain my setup as best I can. I have one Compaq Proliant server with 3 nics installed. I have microsoft ISA, Routing and Remote access, exchange 2003, DHCP, DNS, and AD setup, just to name the important processes that I have running. I originally setup DNS and the routing without ISA then installed isa when I wasnted packet/port filtering and forwarding to another internal server. Now I am using two nics in my server, one is constantly connected to the wan and setup to dial via pppoe in ISA. This adapter, connected to the DSL modem, I assigned a static IP of 192.168.0.3 and no gateway setup, DNS configured for both my nics in the server (192.168.0.3 and 192.168.0.2), (please remember I may have something wrong here as I used a trial and error setup) The other nic I connected internally to a hub then to the clients...The setting for that include: statip ip of 192.168.0.2 , gateway: 192.168.0.2(self), dns: 192.168.0.2(self). I have the firewalls in ISA configured to allow all traffic in and all traffic out and redirect port 82 to another internal webserver. Everything seems to work perfectly besides for the DNS. I want the dns to point to my static wan ip (ppoe) through the nic 192.168.0.3. Does that make any sense? If not can someone please explain another alternative setup. All i need is a simple record pointing my domain ga065 dot org to the ip 65 dot 6 dot 129 dot 62.

Thanks!!
0
 
LVL 23

Expert Comment

by:rhandels
Comment Utility
Hi,

If you need to point external ip addresses to a domainname that's on the net, i would suggest making sure this is done by your ISP who hosts the domainname. Only use DNS for your internal resolvance.

What can be done better is to make sure these services are distributed among servers. For a starter, don't have a  multihomed machine as Exchange server, Make sure ISA is in front of the network, not within the network. Make sure to have one machine as DC, DHCP, DNS and stuff and don't try to use more than 2 NIC's in a ISA server.

Also, if you have two NIC's that need to "divide" two subnets, don't use the same subnet for the internal and external NIC, try changing the ip address of the external NIC from 192.168.0.3 to 192.168.1.3 with a subnet mask of 255.255.255.0. Or even better, just ask what you want to do with it and ask us for help, there are a lot of things wrong...
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video discusses moving either the default database or any database to a new volume.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now