Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1534
  • Last Modified:

Configuring DNS settings on Windows 2003 to resolve external website.

First off, I did not set up our win2k3 domain and have very little knowledge of Domain Controllers or DNS Administration.

Internally we have a domain configured with a name like "example.com".  However, externally we also have a website with a domain name  "www.example.com".  In addition, externally on the same ip as "www.example.com" we had a website "www.example2.com".  

We have since changed the external website "www.example.com" so that it has it's own ip address however internally within OUR local domain("example.com") only, "www.example.com" is still resolving to the same external ip address as "www.example2.com".

Dnsstuff.com resolves our www domain to the proper ip address.  When I do an "ipconfig /all" it shows my DNS servers as

192.168.1.2
 65.106.1.196

When I manually assign the DNS server of 65.106.1.196 to my network interface, instead of the option to automatically obtain, then www.example.com resolves properly.  So I figure this means that internally, the dns is not resolving properly and that our external ISP provided dns server is working properly.  

I would like to know how I can fix our DNS or DC to allow all computers in the local domain to resolve www.example.com to the proper address.  As I am not terribly familiar with DNS, I attempted to create a "New Host(A)" record within the local "example.com" domain record however when trying to bind it to an external address, I was given an error that there was no corresponding reverse lookup zone.
I'm not confident I'm going about this right.  

Can anyone give me any pointers as to how I can get all the domain computers to resolve the external domain to the proper ip address?
Any help would be greatly appreciated.
0
steveshap
Asked:
steveshap
  • 6
  • 4
1 Solution
 
Erik BjersPrincipal Systems AdministratorCommented:
your internal clients should be looking at your DNS server for name resolution.  Make sure that you have them configured this way.  Then make sure you have a host www with the correct IP in your example.com forward lookup zone.

eb
0
 
marine7275Commented:
I would change your internal domain to example.local
0
 
steveshapAuthor Commented:
Thanks for the replies

Ebjers, in reply to your suggestion, how would I go about doing this?
When I tried to create a new host(A) record for www, with the proper ip address and with "Create associated pointer(PTR) record" checked, error was given: "Warning The associated pointer record cannot be created probably because the referenced  reverse lookup zone cannot be found"
When I did not check "Create PTR" I was given the error: "The host record www.example.com cannot be created.  The record already exists"  
If this is so, how can I find it to change the ip address?

As a side note, in the network adapter properties of the Win2k3 server, for TCP/IP settings, the DNS Server addresses were listed as internal first, then external.  When I changed the order to external first, then internal, the dns seemed to resolve properly but I'm pretty sure the internal address was first for a good reason.

0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
steveshapAuthor Commented:
Actually in response to ebjers, I saw there were multiple 'www' entries for the domain record.  Some with the proper ip address and some with the old address.  I deleted all the old entries and removed the duplicates and now it seems to resolve properly.

Is there anything else I need to do to ensure it is setup properly?
0
 
Erik BjersPrincipal Systems AdministratorCommented:
The error with the reverse lookup zone not existing, indicates that you may need to create one.  You can have more than one host record for www, but each one needs to have a different IP address.  Check the www record you have in DNS and make sure it has the correct IP.

As far as DNS servers in TCP/IP settings your servers and clients should ONLY have your DNS servers listed NO EXTERNAL DNS SERVERS.

You would then need to create forwarders in your DNS to handle external lookups.

quick questions;

Does this DNS server serve both internal and external requests?

Adding forwarders:
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

eb
0
 
steveshapAuthor Commented:
This dns server only serves local dns requests.  
0
 
steveshapAuthor Commented:
Actually, I'm unsure of the last question.  The internal dns server only resolves local requests for external addresses.  Mostly for resolving web addresses.

After following the link you provided, I removed the extra dns address registration on the network interface of the DC.  I then made sure there was a forwarder configured.  When I do ipconfig /all on the server only the local dns address is displayed and everything seems to be resolving properly.  

After releasing and renewing a domain computer and then flushing dns and doing ipconfig /all, the internal AND external DNS server addresses are still showing.  Is there somewhere else on the server I have to configure this?  DHCP?
0
 
Erik BjersPrincipal Systems AdministratorCommented:
To clearify my question;
Your internal clinet look at your DNS server for name lookups (or they will after you change your scope options) and your DNS server forwards the requests to other DNS servers that you configured in forwarders (BTW you may want to add 4.2.2.2 as one of your forwarders, it is the best DNS server I know of).  So far this is the way it is sapposed to work.

If someone trys to go to www.yourdomain.com they need to get the IP address asociated with your server from the DNS server assigned to them by there ISP, but that server needs to get it's info from somewhere.  Is your DNS server accessable from the outside world for name lookups, or is your domain registered with an external name registration service?  If you answer yes to the last part then they are handeling requests for your domain from outside clients, if no then your server is providing DNS info to outside DNS servers.


You need to change your DHCP scop options

http://support.microsoft.com/default.aspx?scid=kb;en-us;139904&sd=tech

0
 
steveshapAuthor Commented:
Our internal domain's DNS server is not available to the public at all.  It exists only internally.  Any public dns request for our domain will be routed to our offsite, 3rd party web host.  We do no hosting internally.

Changing the scope options seems to have eliminated the additional entry in the DNS server list for a domain client computer and all addresses still seem to be resolving properly.  

Is that all that needs to be done or is there more that I'm missing?  Things seem to be running properly.
0
 
Erik BjersPrincipal Systems AdministratorCommented:
Should be all that needs to be done, glad it works.

eb
0
 
steveshapAuthor Commented:
Thank you... points awarded.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now