Solved

Configuring DNS settings on Windows 2003 to resolve external website.

Posted on 2006-06-19
Last Modified: 2007-12-19
First off, I did not set up our win2k3 domain and have very little knowledge of Domain Controllers or DNS Administration.

Internally we have a domain configured with a name like "example.com".  However, externally we also have a website with a domain name  "www.example.com".  In addition, externally on the same ip as "www.example.com" we had a website "www.example2.com".  

We have since changed the external website "www.example.com" so that it has its own IP address; however, internally within OUR local domain ("example.com") only, "www.example.com" is still resolving to the same external IP address as "www.example2.com".

Dnsstuff.com resolves our www domain to the proper ip address.  When I do an "ipconfig /all" it shows my DNS servers as

192.168.1.2
 65.106.1.196

When I manually assign the DNS server of 65.106.1.196 to my network interface, instead of the option to automatically obtain, then www.example.com resolves properly.  So I figure this means that internally, the dns is not resolving properly and that our external ISP provided dns server is working properly.  

I would like to know how I can fix our DNS or DC to allow all computers in the local domain to resolve www.example.com to the proper address.  As I am not terribly familiar with DNS, I attempted to create a "New Host(A)" record within the local "example.com" domain record however when trying to bind it to an external address, I was given an error that there was no corresponding reverse lookup zone.
I'm not confident I'm going about this right.  

Can anyone give me any pointers as to how I can get all the domain computers to resolve the external domain to the proper ip address?
Any help would be greatly appreciated.
Question by:steveshap
11 Comments
 
LVL 23

Accepted Solution

by:
Erik Bjers earned 900 total points
ID: 16934964
Your internal clients should be looking at your DNS server for name resolution.  Make sure that you have them configured this way.  Then make sure you have a host www with the correct IP in your example.com forward lookup zone.

eb
0
 
LVL 13

Expert Comment

by:marine7275
ID: 16934977
I would change your internal domain to example.local
0
 

Author Comment

by:steveshap
ID: 16935028
Thanks for the replies

Ebjers, in reply to your suggestion, how would I go about doing this?
When I tried to create a new host(A) record for www, with the proper ip address and with "Create associated pointer(PTR) record" checked, error was given: "Warning The associated pointer record cannot be created probably because the referenced  reverse lookup zone cannot be found"
When I did not check "Create PTR" I was given the error: "The host record www.example.com cannot be created.  The record already exists"  
If this is so, how can I find it to change the ip address?

As a side note, in the network adapter properties of the Win2k3 server, for TCP/IP settings, the DNS Server addresses were listed as internal first, then external.  When I changed the order to external first, then internal, the dns seemed to resolve properly but I'm pretty sure the internal address was first for a good reason.

0
 

Author Comment

by:steveshap
ID: 16935055
Actually in response to ebjers, I saw there were multiple 'www' entries for the domain record.  Some with the proper ip address and some with the old address.  I deleted all the old entries and removed the duplicates and now it seems to resolve properly.

Is there anything else I need to do to ensure it is setup properly?
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935119
The error with the reverse lookup zone not existing indicates that you may need to create one.  You can have more than one host record for www, but each one needs to have a different IP address.  Check the www record you have in DNS and make sure it has the correct IP.

As far as DNS servers in TCP/IP settings your servers and clients should ONLY have your DNS servers listed NO EXTERNAL DNS SERVERS.

You would then need to create forwarders in your DNS to handle external lookups.

quick questions;

Does this DNS server serve both internal and external requests?

Adding forwarders:
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

eb
0
 

Author Comment

by:steveshap
ID: 16935144
This dns server only serves local dns requests.  
0
 

Author Comment

by:steveshap
ID: 16935319
Actually, I'm unsure of the last question.  The internal dns server only resolves local requests for external addresses.  Mostly for resolving web addresses.

After following the link you provided, I removed the extra dns address registration on the network interface of the DC.  I then made sure there was a forwarder configured.  When I do ipconfig /all on the server only the local dns address is displayed and everything seems to be resolving properly.  

After releasing and renewing a domain computer and then flushing dns and doing ipconfig /all, the internal AND external DNS server addresses are still showing.  Is there somewhere else on the server I have to configure this?  DHCP?
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935438
To clarify my question:
Your internal clients look at your DNS server for name lookups (or they will after you change your scope options) and your DNS server forwards the requests to other DNS servers that you configured in forwarders (BTW you may want to add 4.2.2.2 as one of your forwarders, it is the best DNS server I know of).  So far this is the way it is supposed to work.

If someone tries to go to www.yourdomain.com they need to get the IP address associated with your server from the DNS server assigned to them by their ISP, but that server needs to get its info from somewhere.  Is your DNS server accessible from the outside world for name lookups, or is your domain registered with an external name registration service?  If you answer yes to the last part then they are handling requests for your domain from outside clients, if no then your server is providing DNS info to outside DNS servers.


You need to change your DHCP scope options

http://support.microsoft.com/default.aspx?scid=kb;en-us;139904&sd=tech

0
 

Author Comment

by:steveshap
ID: 16935597
Our internal domain's DNS server is not available to the public at all.  It exists only internally.  Any public dns request for our domain will be routed to our offsite, 3rd party web host.  We do no hosting internally.

Changing the scope options seems to have eliminated the additional entry in the DNS server list for a domain client computer and all addresses still seem to be resolving properly.  

Is that all that needs to be done or is there more that I'm missing?  Things seem to be running properly.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935677
Should be all that needs to be done, glad it works.

eb
0
 

Author Comment

by:steveshap
ID: 16935697
Thank you... points awarded.
0
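
The fixes worked out in this thread, collected as one command sequence (an added example, not posted by any participant). `203.0.113.10`, `203.0.113.20` and the scope `192.168.1.0` are placeholders, since the thread gives neither the web server's addresses nor the DHCP scope ID; `dnscmd` comes from the Windows Server 2003 Support Tools.

```bat
rem Values from the thread: internal DNS server, ISP resolver, zone name.
set DNS=192.168.1.2
set ISP_DNS=65.106.1.196
set ZONE=example.com
rem Placeholders (assumptions, replace with your own values).
set NEW_IP=203.0.113.10
set OLD_IP=203.0.113.20
set SCOPE=192.168.1.0

rem 1. Compare the internal answer with the ISP resolver's answer.
rem    A mismatch means the internal example.com zone holds stale data.
nslookup www.%ZONE% %DNS%
nslookup www.%ZONE% %ISP_DNS%

rem 2. List every A record stored for "www" in the internal zone.
dnscmd %DNS% /EnumRecords %ZONE% www /Type A

rem 3. Delete each stale A record, then make sure the current one exists
rem    (RecordAdd reports an error and changes nothing if it already does).
dnscmd %DNS% /RecordDelete %ZONE% www A %OLD_IP% /f
dnscmd %DNS% /RecordAdd %ZONE% www A %NEW_IP%

rem 4. Forward names the server is not authoritative for to the ISP
rem    resolver, so clients never need an external DNS entry themselves.
dnscmd %DNS% /ResetForwarders %ISP_DNS%

rem 5. DHCP option 006 (DNS servers): hand out only the internal server.
netsh dhcp server scope %SCOPE% set optionvalue 006 IPADDRESS %DNS%
netsh dhcp server scope %SCOPE% show optionvalue

rem 6. Run on a domain client: take a new lease, clear the resolver
rem    cache, confirm only 192.168.1.2 is listed and www resolves correctly.
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /all
nslookup www.%ZONE%
```

Steps 1 to 5 run on the DNS/DHCP server; step 6 runs on a workstation after the scope option has changed.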
