Solved

Configuring DNS settings on Windows 2003 to resolve external website.

Posted on 2006-06-19
Last Modified: 2007-12-19
First off, I did not set up our win2k3 domain and have very little knowledge of Domain Controllers or DNS Administration.

Internally we have a domain configured with a name like "example.com".  However, externally we also have a website with a domain name  "www.example.com".  In addition, externally on the same ip as "www.example.com" we had a website "www.example2.com".  

We have since changed the external website "www.example.com" so that it has its own IP address; however, internally within OUR local domain ("example.com") only, "www.example.com" is still resolving to the same external IP address as "www.example2.com".

Dnsstuff.com resolves our www domain to the proper ip address.  When I do an "ipconfig /all" it shows my DNS servers as

192.168.1.2
65.106.1.196

When I manually assign the DNS server of 65.106.1.196 to my network interface, instead of the option to automatically obtain, then www.example.com resolves properly.  So I figure this means that internally, the dns is not resolving properly and that our external ISP provided dns server is working properly.  

I would like to know how I can fix our DNS or DC to allow all computers in the local domain to resolve www.example.com to the proper address.  As I am not terribly familiar with DNS, I attempted to create a "New Host(A)" record within the local "example.com" domain record; however, when trying to bind it to an external address, I was given an error that there was no corresponding reverse lookup zone.
I'm not confident I'm going about this right.

Can anyone give me any pointers as to how I can get all the domain computers to resolve the external domain to the proper ip address?
Any help would be greatly appreciated.
0
Question by:steveshap
11 Comments
 
LVL 23

Accepted Solution

by:
Erik Bjers earned 300 total points
ID: 16934964
Your internal clients should be looking at your DNS server for name resolution.  Make sure that you have them configured this way.  Then make sure you have a host www with the correct IP in your example.com forward lookup zone.

eb
0
 
LVL 13

Expert Comment

by:marine7275
ID: 16934977
I would change your internal domain to example.local
0
 

Author Comment

by:steveshap
ID: 16935028
Thanks for the replies

Ebjers, in reply to your suggestion, how would I go about doing this?
When I tried to create a new host(A) record for www, with the proper ip address and with "Create associated pointer(PTR) record" checked, error was given: "Warning The associated pointer record cannot be created probably because the referenced  reverse lookup zone cannot be found"
When I did not check "Create PTR" I was given the error: "The host record www.example.com cannot be created.  The record already exists"  
If this is so, how can I find it to change the ip address?

As a side note, in the network adapter properties of the Win2k3 server, for TCP/IP settings, the DNS Server addresses were listed as internal first, then external.  When I changed the order to external first, then internal, the dns seemed to resolve properly but I'm pretty sure the internal address was first for a good reason.

0
 

Author Comment

by:steveshap
ID: 16935055
Actually in response to ebjers, I saw there were multiple 'www' entries for the domain record.  Some with the proper ip address and some with the old address.  I deleted all the old entries and removed the duplicates and now it seems to resolve properly.

Is there anything else I need to do to ensure it is setup properly?
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935119
The error with the reverse lookup zone not existing indicates that you may need to create one.  You can have more than one host record for www, but each one needs to have a different IP address.  Check the www record you have in DNS and make sure it has the correct IP.

As far as DNS servers in TCP/IP settings, your servers and clients should ONLY have your DNS servers listed, NO EXTERNAL DNS SERVERS.

You would then need to create forwarders in your DNS to handle external lookups.

Quick questions:

Does this DNS server serve both internal and external requests?

Adding forwarders:
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

eb
0
 

Author Comment

by:steveshap
ID: 16935144
This dns server only serves local dns requests.  
0
 

Author Comment

by:steveshap
ID: 16935319
Actually, I'm unsure of the last question.  The internal dns server only resolves local requests for external addresses.  Mostly for resolving web addresses.

After following the link you provided, I removed the extra dns address registration on the network interface of the DC.  I then made sure there was a forwarder configured.  When I do ipconfig /all on the server only the local dns address is displayed and everything seems to be resolving properly.  

After releasing and renewing a domain computer and then flushing dns and doing ipconfig /all, the internal AND external DNS server addresses are still showing.  Is there somewhere else on the server I have to configure this?  DHCP?
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935438
To clarify my question:
Your internal clients look at your DNS server for name lookups (or they will after you change your scope options) and your DNS server forwards the requests to other DNS servers that you configured in forwarders (BTW you may want to add 4.2.2.2 as one of your forwarders, it is the best DNS server I know of).  So far this is the way it is supposed to work.

If someone tries to go to www.yourdomain.com they need to get the IP address associated with your server from the DNS server assigned to them by their ISP, but that server needs to get its info from somewhere.  Is your DNS server accessible from the outside world for name lookups, or is your domain registered with an external name registration service?  If you answer yes to the last part then they are handling requests for your domain from outside clients, if no then your server is providing DNS info to outside DNS servers.


You need to change your DHCP scope options

http://support.microsoft.com/default.aspx?scid=kb;en-us;139904&sd=tech

0
 

Author Comment

by:steveshap
ID: 16935597
Our internal domain's DNS server is not available to the public at all.  It exists only internally.  Any public dns request for our domain will be routed to our offsite, 3rd party web host.  We do no hosting internally.

Changing the scope options seems to have eliminated the additional entry in the DNS server list for a domain client computer and all addresses still seem to be resolving properly.  

Is that all that needs to be done or is there more that I'm missing?  Things seem to be running properly.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16935677
Should be all that needs to be done, glad it works.

eb
0
 

Author Comment

by:steveshap
ID: 16935697
Thank you... points awarded.
0
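
An added example, not part of the original thread: a small audit of a client's `ipconfig /all` output that flags any DNS server other than the internal one, which is the condition the thread ends up fixing through the DHCP scope options. The sample output is constructed, and treating 192.168.1.2 as the only internal resolver is an assumption based on the addresses quoted in the question.

```python
import ipaddress
import re

# Constructed `ipconfig /all` output for a domain client before the DHCP scope
# fix; only the two DNS server addresses come from the question.
SAMPLE_BEFORE = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.com
   Dhcp Enabled. . . . . . . . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.57
   DHCP Server . . . . . . . . . . . : 192.168.1.2
   DNS Servers . . . . . . . . . . . : 192.168.1.2
                                       65.106.1.196
   Lease Obtained. . . . . . . . . . : Monday, June 19, 2006 9:02:11 AM
"""

INTERNAL_DNS = {"192.168.1.2"}  # assumption: the DC is the only internal resolver

FIELD = re.compile(r"^\s+(?P<name>[^.:]+?)[ .]*:\s*(?P<value>.*)$")
BARE_IP = re.compile(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$")


def dns_servers(ipconfig_text):
    """Return every DNS server listed, including indented continuation lines."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        field = FIELD.match(line)
        bare = BARE_IP.match(line)
        if field:
            in_dns = field.group("name").strip() == "DNS Servers"
            if in_dns and field.group("value").strip():
                servers.append(field.group("value").strip())
        elif in_dns and bare:
            servers.append(bare.group(1))  # second and later servers have no label
        else:
            in_dns = False
    return servers


def unexpected_resolvers(ipconfig_text, allowed=INTERNAL_DNS):
    """List resolvers that would let a client bypass the internal DNS server."""
    findings = []
    for server in dns_servers(ipconfig_text):
        if server not in allowed:
            kind = "private" if ipaddress.ip_address(server).is_private else "public"
            findings.append((server, kind))
    return findings
```

Run `unexpected_resolvers()` on output collected after a release/renew; an empty list means the client only queries the internal server, so lookups go through its zone and forwarders.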
