Open DNS

Hi All,

I'm running Windows 2003 Server with SP2 (domain controller), Exchange 2003 SP2 (separate box) and a file server that runs Windows 2003 SP2.

I went to www.dnsreport.com to do a test on my domain. In the Open DNS row it says that I have an open DNS server. I did what they recommended:

Open DNS.
In the console tree, right-click the applicable DNS server, then click Properties.
Click the Advanced tab.
In Server options, select the Disable recursion check box, and then click OK.

Once I applied the above changes I could not browse the internet.

Any ideas?


Thanks
Chris
Netman66 Commented:
In DNS, on the properties of the server, make sure you are only servicing (listening) on the internal NIC.
Also, put the ISP DNS address on the Forwarder tab.

aucklandnz (Author) Commented:
I have done it and I still can't browse the net.

Thanks
Netman66 Commented:
Make sure every NIC inside the LAN only points to your DNS - including the server.

If there is a root zone "." then delete it and restart DNS (or the server).

aucklandnz (Author) Commented:
There is no "." root zone, and when I run ipconfig /all on clients it says that clients point to my domain controller for DNS.

Thanks
aucklandnz (Author) Commented:
Any other suggestions?
Chris Dent (PowerShell Developer) Commented:

Turn recursion back on and don't allow inbound traffic (from the Internet) on Port 53 (UDP) to your DNS Server.

If you disable Recursion for the entire server you will not be able to use Forwarders and you will not be able to resolve external names, as you have taken away all its means to do so.

An Open DNS server means that others can use it for queries - it's not good practice to use your AD domain's DNS Server as a public one - in many cases because Dynamic Updates will play merry hell with a public domain if left switched on.

Chris
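Added example, not code from the thread or from any poster: one way to verify the outcome discussed above, by sending a recursive query for a name the server is not authoritative for and reading the RA flag and RCODE in the reply header. The function names and the sample headers are constructed for illustration; `probe()` is meant to be run from a host outside the firewall against your own server.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """A/IN query with RD=1, i.e. 'please recurse for me'."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)

def classify_response(packet, txid=0x1234):
    """Judge a reply to a query for a name the server is not authoritative for."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if rid != txid or not flags & 0x8000:      # QR bit must mark a response
        raise ValueError("not a response to our query")
    ra, rcode = bool(flags & 0x0080), flags & 0x000F
    if ra and rcode == 0 and ancount > 0:
        verdict = "open"           # server recursed and answered for us
    elif rcode == 5 or not ra:
        verdict = "closed"         # REFUSED, or recursion not offered
    else:
        verdict = "inconclusive"   # e.g. SERVFAIL with RA set
    return {"ra": ra, "rcode": RCODES.get(rcode, str(rcode)),
            "answers": ancount, "verdict": verdict}

def probe(server, name, timeout=3.0):
    """Send the query over UDP/53; run this from OUTSIDE the firewall."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            return classify_response(s.recv(512))
        except socket.timeout:
            return {"verdict": "filtered"}   # no reply: inbound port 53 is blocked

def sample_reply(flags, ancount):
    """Constructed reply: header only, enough for classify_response()."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, ancount, 0, 0)

if __name__ == "__main__":
    # Constructed headers: recursing server, REFUSED, recursion disabled.
    for flags, an in ((0x8180, 1), (0x8105, 0), (0x8100, 0)):
        print(hex(flags), classify_response(sample_reply(flags, an)))
```

With recursion left on for the LAN and inbound UDP 53 blocked at the firewall, an external `probe()` should return `filtered`, while the same query from an internal client should still resolve.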