Solved

Open DNS

Posted on 2006-06-25
8
236 Views
Last Modified: 2010-04-18
Hi All,

Im running Windows 2003 Server with SP2 (domain controller), and Exchange 2003 SP2(separate box) and file server that runs win 2003 SP2.

I went to www.dnsreport.com to do a test on my domain. In Open DNS row it says thas i have an open DNS server. I did what the recommended:

Open DNS.
In the console tree, right-click the applicable DNS server, then click Properties.
Click the Advanced tab.
In Server options, select the Disable recursion check box, and then click OK.

Once i applied the above changes o could not browse the internet.


Any ideas ?


Thanks
Chris
0
Comment
Question by:aucklandnz
  • 3
  • 2
8 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 16980502
In DNS, on the properties of the server, make sure you are only servicing (listening) on the internal NIC.
Also, put the ISP DNS address on the Forwarder tab.

0
 
LVL 3

Author Comment

by:aucklandnz
ID: 16980594
i have done it and i still cant browse the net

thanks
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16980675
Make sure every NIC inside the LAN only points to your DNS - including the server.

If there is a root zone "." then delete it and restart DNS (or the server).

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 3

Author Comment

by:aucklandnz
ID: 16980716
There is no "." root zone. and when i run ipconfig /all on clients it says that clients point to my domain controller for dns

thanks
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 16981270
any other suggestions ?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 16982269

Turn recursion back on and don't allow inbound traffic (from the Internet) on Port 53 (UDP) to your DNS Server.

If you disable Recursion for the entire server you will not be able to use Forwarders and you will not be able to resolve external names as you have taken away all it's means to do so.

An Open DNS server mans that others can use it for queries - it's not good practice to use your AD domains DNS Server as a public one - in many cases because Dynamic Updates will play merry hell with a public domain if left switched on.

Chris
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
A short film showing how OnPage and Connectwise integration works.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now