Solved

DNS

Posted on 2004-10-21
436 Views
Last Modified: 2010-04-10
Hello,

I just elevated a Server 2000 machine to a domain controller and I am having a strange problem with DNS. My client computers were set to get DNS info from the server but were unable to get to the internet. They are able to get mail and ping the gateway. They also get the internet when I hard code the DNS numbers into the network connection. Am I missing something in the DNS forward lookups or in DHCP? Help!!!!

Thanks
Question by:drizzt04240
    13 Comments
     
    LVL 2

    Expert Comment

    by:whiting002
    Open up DHCP and look under "Scope Options" and make sure that the DNS Server is listed.
     
    LVL 2

    Expert Comment

    by:stevemjp
    Are you using Active Directory?

    Make sure the DNS zones are set to 'secure and non-secure.' Otherwise, unless you authenticate with the AD, you can't perform a DNS lookup.

    If you are using AD, make sure you are authenticated.

    Does your DNS server act as a forwarder to an external DNS box?

    From the client, open the cmd prompt and do the following:

    ipconfig /release
    ipconfig /renew
    ipconfig /all

    Are there any DNS servers listed in the ipconfig /all results?

     
    LVL 2

    Expert Comment

    by:mivbinfotech
    Go to the DNS server MMC, right-click your server name and go to Properties. There is an option for forwarders; add the DNS servers of your ISP over there. This should solve the issue.
     

    Expert Comment

    by:iwalmsley
    In addition to what mivbinfotech said, you might need to add NAT (Network Address Translation) to your server. I was having this same problem with my client/server network. DHCP and DNS were working fine after I added my ISP's DNS address. When I added NAT to the Routing Controls, every client was able to access the internet.
     

    Author Comment

    by:drizzt04240
    Hello,

    Thanks for the great feedback. I don't like to sound like I don't know it all...grin...but I do not. I would love to put the forwards in, but it is all grayed out and tells me that I cannot have forwarders because this is a root server. I am now going to try adding NAT to the routing controls.

    Thanks
     

    Author Comment

    by:drizzt04240
    Hello again,

    I was reading about NAT and it said something about resetting the home network interface to 192.168.0.1 or the first IP address in the range. What is the purpose of this? Does this have something to do with my problem?
     
    LVL 10

    Accepted Solution

    by:
    The 192.168.0.1 NAT statement you wrote above doesn't have anything to do with your DNS problem.

    Here's what I think your problem is:

    A root server is a DNS server that knows ALL the top level domains like .com, .gov, .net, etc. This is clearly not what you want for your network. In other words, your DNS server does not know what every IP address is for each host in the .com domain. There are specific "root servers" for that on the Internet. If configured correctly, your server will query these when it wants to resolve stuff like company.com or company.net, etc. You will need to remove the root zone on your server and add the correct zone for your network.

    To remove this zone:
    -Click Start, point to Programs, click Administrative Tools, and then double-click DNS to start the DNS Management console.
    -Expand the DNS server object.
    -Expand the Forward Lookup Zones folder.
    -Click the zone that is marked with a period (.), and then press the DELETE key. Click OK.

    Also, I believe in your situation, you need to do "split-brain" DNS.  This will allow your internal DNS server(s) to do name resolution for your internal AD hosts and then let a public DNS server on the Internet do name resolution for your public hosts.

    Check out this article written by Mark Minasi which explains this:
    http://www.winnetmag.com/Windows/Article/ArticleID/21128/21128.html

    Let us know if you need any further info on how to do split brain DNS.
     
    LVL 16

    Expert Comment

    by:The--Captain
    >Here's what I think your problem is:
    >
    >A root server is a DNS server that knows ALL the top level domains like .com .gov .net etc.  This is clearly not what you want for
    >your network.

    I concur.

    Cheers,
    -Jon
     
    LVL 2

    Expert Comment

    by:stevemjp
    How is this root server created?
     

    Author Comment

    by:drizzt04240
    Thanks for the very well written explanation. I will try it out and read the article.


     

    Author Comment

    by:drizzt04240
    I read the article like you suggested...I still have one problem. If my domain.com zone is the intranet DNS and I need to use forwarders to my ISP as my Internet DNS, then what could cause the forwarders section to be unavailable? Can anyone out there recommend a good book or site that really digs deep into the ins and outs of AD, DNS, & DHCP and how they work together?

    Thanks again
     
    LVL 2

    Expert Comment

    by:whiting002
    If you're looking for a book/books try the Microsoft published guides for the MCP Exams.  I'm not sure you can get much more in depth.
     
    LVL 10

    Expert Comment

    by:plemieux72
    Ok, again, Mark Minasi... I think he's got the best chapter in his Mastering Windows Server 2003 Sybex book about DNS.  It's chapter 7 if I remember correctly.  The book is worth every penny even if you just read chapter 7.  Now, DHCP and AD are very well explained too.  Anyway, the DNS chapter is pretty lengthy but once you've read it, you will understand everything!  Not only that, you will get to configure your network CORRECTLY!  I swear, before I read that, my DNS setup was all incorrect and although it was working, performance was sluggish.  DNS is not something you want to skimp on... you need to get that right before adding any more services.

    Now, have you removed the root zone?  As soon as you do that, the forwarders tab will become available.  The reason for this is simple:  a root server does not need forwarders since it knows everything!  It cannot query any higher-up DNS server for name resolution since itself is already the highest server in the hierarchy.
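
A way to confirm the root-zone condition discussed in this thread from any client, added here as an example and not code from any of the posters: ask the internal DNS server for the SOA of "." and check whether the reply carries the AA (authoritative answer) flag, which only a server hosting the "." zone sets. The helper names, the transaction ID and the sample replies are constructed for illustration.

```python
import socket
import struct
import sys

SOA, IN, TXID = 6, 1, 0x5A5A

def build_root_soa_query(txid=TXID):
    """Query for the SOA record of "." with the RD (recursion desired) bit clear."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    return header + b"\x00" + struct.pack("!HH", SOA, IN)  # root name is one zero byte

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"txid": txid, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "ra": bool(flags & 0x0080), "rcode": flags & 0x000F, "ancount": an}

def hosts_root_zone(response, txid=TXID):
    """True if the reply is an authoritative (AA) answer for "."."""
    h = parse_header(response)
    if not h["qr"] or h["txid"] != txid:
        raise ValueError("not a reply to our query")
    return h["aa"] and h["rcode"] == 0 and h["ancount"] > 0

def probe(server, timeout=3.0):
    """Send the query to `server` over UDP port 53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_root_soa_query(), (server, 53))
        data, _ = s.recvfrom(512)
    return hosts_root_zone(data)

def _sample(flags, ancount):
    """Constructed reply: header and question only, since only the header is read."""
    return struct.pack("!HHHHHH", TXID, flags, 1, ancount, 0, 0) + b"\x00" + struct.pack("!HH", SOA, IN)

SAMPLE_ROOT_ON_DC = _sample(0x8400, 1)  # QR+AA, NOERROR: server holds the "." zone
SAMPLE_RESOLVER = _sample(0x8080, 1)    # QR+RA, no AA: ordinary caching resolver
SAMPLE_REFUSED = _sample(0x8005, 0)     # QR, rcode 5 (REFUSED)

if __name__ == "__main__":
    if len(sys.argv) > 1:  # e.g. the domain controller's IP address
        print("root zone present" if probe(sys.argv[1]) else "no authoritative root zone")
    else:
        for name in ("SAMPLE_ROOT_ON_DC", "SAMPLE_RESOLVER", "SAMPLE_REFUSED"):
            print(name, hosts_root_zone(globals()[name]))
```

Run with the server's address as the only argument to probe it; run with no argument to classify the constructed samples.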