DNS

Hello,

I just elevated a Server 2000 machine to a domain controller and I am having a strange problem with DNS. My client computers were set to get DNS info from the server but were unable to get to the internet. They are able to get mail and ping the gateway. They also get the internet when I hard-code the DNS numbers into the network connection. Am I missing something in the DNS forward lookups or in DHCP? Help!!!!

Thanks
drizzt04240 Asked:
 
plemieux72 Commented:
The 192.168.0.1 NAT statement you wrote above doesn't have anything to do with your DNS problem.

Here's what I think your problem is:

A root server is a DNS server that knows ALL the top level domains like .com .gov .net etc.  This is clearly not what you want for your network.  In other words, your DNS server does not know what every IP address is for each host in the .com domain.  There are specific "root servers" for that on the Internet.  If configured correctly, your server will query these when it wants to resolve stuff like company.com or company.net. etc.  You will need to remove the root zone on your server and add the correct zone for your network.    

To remove this zone:
-Click Start, point to Programs, click Administrative Tools, and then double-click DNS to start the DNS Management console.
-Expand the DNS server object.
-Expand the Forward Lookup Zones folder.
-Click the zone that is marked with a period (.), and then press the DELETE key. Click OK.

Also, I believe in your situation, you need to do "split-brain" DNS.  This will allow your internal DNS server(s) to do name resolution for your internal AD hosts and then let a public DNS server on the Internet do name resolution for your public hosts.

Check out this article written by Mark Minasi which explains this:
http://www.winnetmag.com/Windows/Article/ArticleID/21128/21128.html

Let us know if you need any further info on how to do split brain DNS.
0
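A way to confirm from any machine whether a DNS server still hosts the root (".") zone described above, added here as an example that is not part of the original thread. It asks for the SOA record of "." with recursion off and checks the authoritative-answer (AA) flag; the function names and the sample packets are constructed for illustration.

```python
import socket
import struct

def build_query(name, qtype, txid=0x1234):
    """Encode a single-question DNS query with recursion desired (RD) off."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split(".") if p)
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(packet):
    """Pull the fields the check needs out of a DNS response header."""
    if len(packet) < 12:
        raise ValueError("short DNS packet")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return {"txid": txid, "qr": bool(flags & 0x8000),
            "aa": bool(flags & 0x0400), "rcode": flags & 0x000F, "answers": an}

def hosts_root_zone(response, txid=0x1234):
    """True when the server answered '. SOA' authoritatively with a record."""
    h = parse_header(response)
    if not h["qr"] or h["txid"] != txid:
        raise ValueError("not a response to our query")
    return h["aa"] and h["rcode"] == 0 and h["answers"] > 0

def check_server(ip, timeout=3.0):
    """Ask a live DNS server (UDP port 53) for the SOA record of '.'."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(".", 6), (ip, 53))
        return hosts_root_zone(s.recv(512))

# Constructed sample responses (not captured traffic).
_QUESTION = b"\x00" + struct.pack("!HH", 6, 1)            # ". IN SOA"
_SOA_RR = (b"\x00" + struct.pack("!HHIH", 6, 1, 3600, 22) + b"\x00\x00"
           + struct.pack("!IIIII", 1, 900, 600, 86400, 3600))
# QR+AA set, one answer: the server holds its own "." zone.
SAMPLE_ROOT = struct.pack("!HHHHHH", 0x1234, 0x8400, 1, 1, 0, 0) + _QUESTION + _SOA_RR
# QR only, no answer: the server does not claim authority for the root.
SAMPLE_NORMAL = struct.pack("!HHHHHH", 0x1234, 0x8000, 1, 0, 0, 0) + _QUESTION

if __name__ == "__main__":
    print("root zone present:", hosts_root_zone(SAMPLE_ROOT))
    print("root zone present:", hosts_root_zone(SAMPLE_NORMAL))
```

Calling `check_server()` with the internal DNS server's address returns True while the "." zone is still configured, which is the state in which the forwarders option stays greyed out.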
 
whiting002 Commented:
Open up DHCP and look under "Scope Options" and make sure that the DNS Server is listed.
0
 
stevemjp Commented:
Are you using Active Directory?

Make sure the DNS zones are set to 'secure and non-secure.' Otherwise, unless you authenticate with the AD, you can't perform a DNS lookup.

If you are using AD, make sure you are authenticated.

Does your DNS server act as a forwarder to an external DNS box?

From the client, open the cmd prompt and do the following:

ipconfig/release
ipconfig/renew
ipconfig/all

Are there any DNS servers listed in the ipconfig/all results?

0
mivbinfotech Commented:
Go to the DNS server MMC.
Right-click your server name and go to Properties. There is an option for forwarders; add the DNS servers of your ISP over there. This should solve the issue.
0
 
iwalmsley Commented:
In addition to what mivbinfotech said, you might need to add NAT (Network Address Translation) to your server. I was having this same problem with my client/server network. DHCP and DNS were working fine after I added my ISP's DNS address.  When I added NAT to the Routing Controls, every client was able to access the internet.
0
 
drizzt04240 Author Commented:
Hello,

Thanks for the great feedback. I don't like to sound like I don't know it all...grin...but I do not. I would love to put the forwarders in but it is all grayed out and tells me that I cannot have forwarders because this is a root server. I am now going to try adding NAT to the routing controls.

Thanks
0
 
drizzt04240 Author Commented:
Hello again,

I was reading about NAT and it said something about resetting the home network interface to 192.168.0.1 or the first IP address in the range. What is the purpose of this? Does this have something to do with my problem?
0
 
The--Captain Commented:
>Here's what I think your problem is:
>
>A root server is a DNS server that knows ALL the top level domains like .com .gov .net etc.  This is clearly not what you want for
>your network.

I concur.

Cheers,
-Jon
0
 
stevemjp Commented:
How is this root server created?
0
 
drizzt04240 Author Commented:
Thanks for the very well written explanation... I will try it out and read the article.


0
 
drizzt04240 Author Commented:
I read the article like you suggested... I still have one problem. If my domain.com zone is the intranet DNS and I need to use forwarders to my ISP as my Internet DNS, then what could cause the forwarders section to be unavailable? Can anyone out there recommend a good book or site that really digs deep into the ins and outs of AD, DNS, & DHCP and how they work together?

Thanks again
0
 
whiting002 Commented:
If you're looking for a book/books try the Microsoft published guides for the MCP Exams.  I'm not sure you can get much more in depth.
0
 
plemieux72 Commented:
Ok, again, Mark Minasi... I think he's got the best chapter in his Mastering Windows Server 2003 Sybex book about DNS.  It's chapter 7 if I remember correctly.  The book is worth every penny even if you just read chapter 7.  Now, DHCP and AD are very well explained too.  Anyway, the DNS chapter is pretty lengthy but once you've read it, you will understand everything!  Not only that, you will get to configure your network CORRECTLY!  I swear, before I read that, my DNS setup was all incorrect and although it was working, performance was sluggish.  DNS is not something you want to skimp on... you need to get that right before adding any more services.

Now, have you removed the root zone?  As soon as you do that, the forwarders tab will become available.  The reason for this is simple:  a root server does not need forwarders since it knows everything!  It cannot query any higher-up DNS server for name resolution since it is itself already the highest server in the hierarchy.
0