[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

DNS

Posted on 2005-04-20
7
Medium Priority
?
361 Views
Last Modified: 2010-04-10
I have a weird problem.

I have sporatic users resolving internal servers to external addresses and it is only a few servers not all of them.  I do an ipconfig /release and a ipconfig /renew then all is well resolving to the correct internal address again.  I have a 2003 domain with users using windows xp pro.  Our domain controllers are our dns servers which we have 2 of.  Like i said it is sporatic and it is not always the same users.

Any ideas????

Thanks
0
Comment
Question by:msavoie33
  • 3
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Caseybea
ID: 13824264
Offhand, I would suspect your DNS cache is getting hosed by outsiders - a result of weak DNS security.    I have no way to prove this, but it's my suspicion.   I would recommend updating your DNS environment with the latest patches and such; and also follow the "how to secure it" recommendations listed here:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/d11c41b7-81c9-4970-8586-af12c75a5742.mspx

0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 13824934
Do your clients point to just the internal DNS servers? or do they have external servers as secondaries?

Also, are you using the same DNS namespace internally and externally?

Last question, do the DNS servers have forwarders setup or do they use root hints for external resolution?
0
 

Author Comment

by:msavoie33
ID: 13825186
This is how it is setup:

primary : 192.x.x.x (internal)
secondary: 192.x.x.x (internal)
additional: 200.x.x.x (external)

Our internal domain name is different from our external name.

And the final comment I am not sure how to look for forwarders  How can I find out?
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
LVL 20

Accepted Solution

by:
brwwiggins earned 1000 total points
ID: 13826025
I wouldn't point the internal clients to an external DNS server. You can never guarantee local resolution that way. I would just have the 2 internal servers forward requests to the outside server and cache them. Open the DNSMGMT console, right click on the DNS server name and go to properties. There is a tab for forwarders. For the dns domain of "all other DNS Domains" enter the IP address of the external servers. Then stop/restart your DNS

Just make sure your DNS servers can communicate out the firewall (if your company has one)

If your servers are authoritative for the domain company.net then any request outside of this will be forwarded to the external DNS box, the response (IP Address) will be returned and cached on the local server.

You also have to be careful having the namespaces different like that. For example, if you have a webpage for www.company.net for internal clients and they accidently go to www.company.com, they will get the external page (if one exists).
0
 

Author Comment

by:msavoie33
ID: 13826980
I have the forwarders set, but the problem is if I take away the external dns entry I have trouble connecting to some internet sites.  Some sites take a long time and some don't load at all.
0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 13827171
if you take away the external entry out of the forwarders you can't resolve names? Or if you take the entry out of the clients you cannot resolve names?
0
 

Author Comment

by:msavoie33
ID: 13827259
Nevermind it took a while but all is back up and running.  Thanks for your help I hope this works.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question