Solved

Open DNS

Posted on 2006-06-25
8
240 Views
Last Modified: 2010-04-18
Hi All,

Im running Windows 2003 Server with SP2 (domain controller), and Exchange 2003 SP2(separate box) and file server that runs win 2003 SP2.

I went to www.dnsreport.com to do a test on my domain. In Open DNS row it says thas i have an open DNS server. I did what the recommended:

Open DNS.
In the console tree, right-click the applicable DNS server, then click Properties.
Click the Advanced tab.
In Server options, select the Disable recursion check box, and then click OK.

Once i applied the above changes o could not browse the internet.


Any ideas ?


Thanks
Chris
0
Comment
Question by:aucklandnz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 51

Expert Comment

by:Netman66
ID: 16980502
In DNS, on the properties of the server, make sure you are only servicing (listening) on the internal NIC.
Also, put the ISP DNS address on the Forwarder tab.

0
 
LVL 3

Author Comment

by:aucklandnz
ID: 16980594
i have done it and i still cant browse the net

thanks
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16980675
Make sure every NIC inside the LAN only points to your DNS - including the server.

If there is a root zone "." then delete it and restart DNS (or the server).

0
Online Training Solution

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action. Forget about retraining and skyrocket knowledge retention rates.

 
LVL 3

Author Comment

by:aucklandnz
ID: 16980716
There is no "." root zone. and when i run ipconfig /all on clients it says that clients point to my domain controller for dns

thanks
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 16981270
any other suggestions ?
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 125 total points
ID: 16982269

Turn recursion back on and don't allow inbound traffic (from the Internet) on Port 53 (UDP) to your DNS Server.

If you disable Recursion for the entire server you will not be able to use Forwarders and you will not be able to resolve external names as you have taken away all it's means to do so.

An Open DNS server mans that others can use it for queries - it's not good practice to use your AD domains DNS Server as a public one - in many cases because Dynamic Updates will play merry hell with a public domain if left switched on.

Chris
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question