DNS

Hi. We have just set up a new Server 2003 system and we were advised to use our router for DNS, but we think that this is causing all the Windows XP machines to run slow, as they are all running really slow when browsing the network and starting up. Would it be better to use the server for DNS to help speed the XP machines up?
doddwell Asked:

Steve Knight (IT Consultancy) Commented:
The server should be used for DNS as it is used to find resources on the domain assuming you are running Active Directory.  You could still use the router to give out DHCP addresses if you wish as long as it hands out the DNS pointing at your server.  

Personally I would run DHCP and DNS on the Windows 2003 box and leave the router to do routing.

Steve
0
Steve Knight (IT Consultancy) Commented:
The DNS on your server should then point at your router or ISP DNS servers as a forwarder.

Steve
0
Chris Dent (PowerShell Developer) Commented:

Yes, absolutely. I take it that you have an Active Directory Domain along with that? It would explain all the problems with slow startups and such.

The DNS running on your server is, by default, capable of finding out about hosts on the Internet so nothing really needs to be changed there unless you want to add things.

HTH

Chris
0

nickhills Commented:
As dragon-it suggests, this is far better than using your router for DNS.

If you really want to, you can configure the server DNS to actually perform lookups via your router, but without an AD DNS server you will have real problems, speed being the least of them :)

Forget what you were advised, and listen to the man above!
0
Rob Williams Commented:
DNS as stated should definitely be configured on the server as stated by others. To be more specific:

Assuming you have completed the server installation, installed Active Directory, and joined the workstations to the Domain, make sure DNS is configured as follows, assuming a single network adapter:
- The server's NIC should be configured with a static IP, the Internet router as the gateway, and only the server itself as the DNS server. Do not use an ISP DNS server here.
- Each workstation should be configured using DHCP (obtain an IP address and DNS automatically) or, if configured with static addresses: a static IP in the same subnet as the server, same subnet mask as the server, the gateway pointing to your Internet router, and the DNS server pointing ONLY to the server/domain controller. Again, do not put an ISP's DNS server here.
- In the DNS management console under Administrative Tools, right-click on the server name and choose Properties. On the Forwarders tab add your ISP's DNS servers.
- If the workstations are using DHCP, open the DHCP management console on the server under Administrative Tools and click on the server name to expand it, click on the scope to expand it, right-click on Scope Options and choose Configure Options. On the General tab add the Internet router's IP in #003 Router and the server's IP in #006 DNS Servers.
- You really should enable DHCP on the server and disable it on the router. Enabling DHCP on the server allows for dynamic updates to DNS.

This should help with the slow logons. If you have the ISP's DNS's anywhere in the NICs, the workstations will often go to the Internet to try to resolve names and cause them to "hang".
Also, on the workstations that have been having problems, you should clear the DNS cache by entering at a command line: ipconfig /flushdns
0
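The checklist above depends on no workstation adapter listing an ISP resolver next to the domain controller. As an added example (not part of the original thread), this script parses `ipconfig /all` output and reports any DNS server other than the approved internal one; the sample output and both addresses are constructed.

```python
import ipaddress
import re

# Constructed `ipconfig /all` sample: 192.168.1.10 = DC, 203.0.113.53 = ISP resolver.
SAMPLE = """\
Ethernet adapter Local Area Connection:

        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.10
                                            203.0.113.53

Ethernet adapter Wireless Network Connection:

        DNS Servers . . . . . . . . . . . : 192.168.1.10
"""

FIELD = re.compile(r"^\s+(.+?)[ .]*:\s*(.*)$")  # "Name . . . : value"

def parse_adapters(text):
    """Return {section: {field: [values]}}, joining continuation lines."""
    sections, current, last = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():          # unindented = section header
            current, last = sections.setdefault(line.rstrip(": "), {}), None
            continue
        m = FIELD.match(line)
        if m and current is not None:
            last = current.setdefault(m.group(1), [])
            if m.group(2):
                last.append(m.group(2).strip())
        elif last is not None:             # e.g. a second DNS server
            last.append(line.strip())
    return sections

def stray_dns(text, allowed):
    """Map adapter -> DNS servers that are not an approved internal server."""
    allowed = {ipaddress.ip_address(a) for a in allowed}
    findings = {}
    for name, fields in parse_adapters(text).items():
        bad = [s for s in fields.get("DNS Servers", [])
               if ipaddress.ip_address(s) not in allowed]
        if bad:
            findings[name] = bad
    return findings

if __name__ == "__main__":
    print(stray_dns(SAMPLE, ["192.168.1.10"]))
```

Run it against saved `ipconfig /all` output from each workstation, passing the domain controller's address as the only allowed server.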
doddwell (Author) Commented:
I assume I have to set up DNS on the server to look at the ISP. Can you let me know how to do this please?

Thanks
0
Rob Williams Commented:
>>" assume i have to setup DNS on the server to look at the ISP. can you let me know how to do this please?"
Using Forwarders as above.
0
nickhills Commented:
Or even not bother - the Microsoft DNS server will obtain the root hints from the root servers, and resolve addresses without having to use your ISP's servers at all.

You may however be obligated to use your ISP's servers, in which case RobWill's note on forwarders stands.

regards,
Nick
0
doddwell (Author) Commented:
I have done as you suggested (RobWill). Everything works fine, thanks. Except I can't access our website; I can access all others. The website is hosted externally. Any ideas?
0
Rob Williams Commented:
By "the website is hosted externally any ideas", do you mean an outside company like any other, or on the DMZ of your router?
You could manually add an 'A' record to DNS, but if external it should resolve correctly. On a machine that cannot connect/resolve, try running at a command line:
  ipconfig /flushdns
  ipconfig /registerdns
then try
  nslookup www.YourDomainName.xyz
and see if it resolves the IP.
0
doranhatcher Commented:
If, when installing Active Directory, you named your Domain the very same name that is your registered Domain name, then you will have a DNS resolution problem. Your workstations will attempt to browse for the domain name 'www.yourdomain.com' on the Internet but will resolve to your server within your internal structure, due to DNS pointing to the server that has the Active Directory domain listed, as that's who it is. I suppose you could host your own Web on the IIS of the server and have your DNS records point to your public IP. That may allow the internal employees to browse to your web, and the rest of the world too.
0
cooledit Commented:
Hi there,

As long as you are sure on the DHCP scope that your clients only use your DNS server as the primary. No ISP DNS on client PCs.

Be sure that only the external NIC card is the one with the ISP DNS on... That should speed things up.

If not, try the Microsoft article regarding the Kerberos TCP force...

http://support.microsoft.com/?id=244474

Cooledit
0
Rob Williams Commented:
doranhatcher has an excellent point. What are your AD/local domain and your web domain names? Substitute characters to remain anonymous if you like. Microsoft's "best practices" recommend you name your external/web domain something like www.xyzcompany.com and the internal/local domain name as www.xyzcompany.local. That would not be easy to change at this point, and I wouldn't recommend it, but I am sure someone will have a workaround for that; if this is your situation, it is fairly common.
0
nickhills Commented:
Or just create an A record for www that resolves to the IP address of your webserver; then when you try to resolve www.yourdomain.com it will be resolved internally, but resolved to the correct external IP hosting your site.

regards,
Nick
0
doranhatcher Commented:
Depending on just how new this server build is and the amount of clients that are within the network, the easiest way I have found is to simply rebuild the domain environment by running DCPROMO and demoting the server, and then, once all the domain information is removed, reboot and run DCPROMO again, renaming the domain in such a manner as to not have any internal browsing resolve to your server where the web is not currently hosted. When you demote the server you will lose all your users, groups, computers and policies that made up the Active Directory structure. Demote the workstations to a workgroup, recreate the users, groups and policies, and rejoin the workstations, and things will be back on track.
0
doranhatcher Commented:
I've never had much luck with the simple forwarding DNS record for resolution like this. Bind, DNS with Unix, works just that easy, but DNS in Microsoft Active Directory hasn't been so cooperative with me on issues like these.
0
nickhills Commented:
doranhatcher-
I guess there could be problems if the webserver was using round robin DNS for load balancing, but I have never had any problems using a simple static IP, and we have done it dozens of times.

Got to be worth a go, hasn't it?

regards,
Nick
0
doddwell (Author) Commented:
-nickhills
I want to try your idea first, but I'm not sure how to create the record. Can you please let me know how to do it?

Cheers
0
Steve Knight (IT Consultancy) Commented:
Go into the DNS admin tool on the server, drill down under your server name, then right-click on the domain name and choose New Host. Enter the hostname as www, then enter the IP address of your webserver.

To find the address of your webserver:

Go to the Start button, then Run
Type cmd.exe and press OK
Type NSLOOKUP and Return
Type server followed by your router's address or a DNS server at your ISP, or if that fails 158.43.128.1 (a DNS server at Pipex)
Type www.yourdomain.com
Note down the IP address and enter it in your new WWW host record in DNS above.
Exit from Nslookup

Try it...

Steve


0

Rob Williams Commented:
Thanks doddwell,
--Rob
0