Matrix1000

Basic DNS Setup - Am I doing this right?

I've got a few domain names and I've got MS 2003 Server Web Edition
I want to make sure I'm setting up DNS the 'right' way.

I've gone into the server and...
1. Right clicked on the Server Name >New Zone>Next>Primary Zone>Forward Lookup Zone>Zone>Create a New file with this>Do not allow dynamic updates>Finish.

2. Right Click on the new zone> New Host (A)...>Name=ns1...IP_address=123.456.789.1 (leave 'Create associated pointer(PTR) record unchecked.)>Done

3. Double click on the '(same as parent folder) Start of Authority (SOA) > on the 'Start of Authority(SOA) tab click 'Browse' next to the 'Primary Server' box and browse to > Servername/Forward Lookup Zone/ and click OK so 'Primary server =

4. Then click on the 'Name Servers' Tab>Remove the 'servername.' >Click Add and Browse to Servername/Forward Lookup Zone/ and click OK.OK

5. In dnsmgmt right click on the zone and select 'New Alias (CNAME)'. Alias name=www > Browse for Fully qualified domain name (FQDN) for target host and go to .... Servername/Forward Lookup Zone/ ... then click OK...

5. Do the same process as step 4 for 'mail' and 'ftp' and ' ' . Everything is pointing to besides ns1 which is pointing to the server's IP address and the (SOA) which is pointed at ', hostmaster.'

Is that right? Should I be using CNAMEs for all of those? Did I set everything correctly? Should anything be pointed to 'servername. '

I have to make my own ns1 because my domain registrar won't allow me to use their nameserver. I could only point at my own nameserver....

Thanks for any corrections.
Chris Dent


Almost everything is perfect.

There's just a little for 5 and 5 again. www and ftp are fine as CNAME records - although personally I think making them an Alias for NS1 isn't so good as it clearly advertises that everything is on one server. However - it's not the end of the world and hardly a major problem.

For mail are you intending receiving mail on that domain? If so you're going to need an MX Record (and a mail server of course). For the MX record you will need the mail address, but it must be a Host Record and shouldn't be a CNAME (RFC compliance). That gives you:

mail Host(A) 123.456.789.1
(same as parent folder) Mail Exchanger (MX) mail

Which will sort out inbound mail.

Finally one bit of housekeeping. Are you using your DNS Server for internal Name Resolution? For the sake of Security you shouldn't be - Public Name Servers should just answer for the domains they host. If you want to stop it answering requests other than its own domain open the properties for the Server, then Advanced and tick Disable Recursion.


Matrix1000


Thanks for your reply Chris-Dent ... I know nothing about this kind of thing but I'm trying to learn.

I have a couple of quick questions.... what 'should' I be doing with www and ftp? What would be a better way to do it?

Also to add an MX Record to the Forward Lookup Zone, I right click on the Zone > New Mail Exchanger (MX) >  then what? :P

It says that the 'Host or child domain' ... "in most deployments, the above field is left blank." ?!?
Also It wants me to fill in the 'Fully qualified domain name (FQDN) of mail server'   ..... do I just browse to Server>Forward Lookup Zones> > ns1 ?!?

Thanks! :)

forgot... As far as the MX Record...
I figured out what you were talking about with regards to the 'mail Alias (CNAME)'.... I changed that to 'mail Host(A)' but had an issue when trying to add the new MX Record.

I already have '(same as parent folder)  Alias (CNAME)' so when I try to add the MX record with no 'Host or child domain' entered it gives me an error 'A new record cannot be created. Node is a CNAME DNS record.'
Chris Dent
This solution is only available to members.
Last question... If I delete

(same as parent folder)  Alias (CNAME)

how is "" resolved.... do visitors always have to type in"

Or I've heard about an "@" record that I think does this, is that correct?  Do I just add "@    Alias (CNAME)" ?

@ is the same as (Same as Parent Folder). It's the correct notation for it, MS likes the friendly version instead for the GUI.

(same as parent folder) must be a Host(A) record with the IP Address if you want people to be able to get to

Thanks but I'm having a small issue....

Can you take a look at a continuation of this question please :)'-'-record.html


The answer is most likely as you've been given now.

For any changes to DNS you either need to flush the DNS Cache on your local machine or wait for the TTL (Time To Live) to expire elsewhere (if you're using your ISP's DNS for example).

The TTL is set either on the record or as the default for the zone. The default is normally 1 day, so if you ask your ISP's DNS Server for the answer it will hold onto it and reply from memory for a day. After the day is up it will ask your DNS Server for the answer again - in the meantime if you change the record you'll get the wrong answer from your ISP.
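
The two record conflicts raised in this thread (the MX record that must point at a Host (A) record rather than a CNAME, and the "Node is a CNAME DNS record" error at the zone root) can be checked mechanically. The following is an added example, not code from any poster: it lints a zone written in a simplified `owner TYPE rdata` notation, and it also applies the alias-target rule to NS records. The zone contents and the address 192.0.2.1 are constructed placeholders.

```python
# Added example: lint a zone for the CNAME conflicts discussed in the thread.
# SAMPLE_ZONE is constructed data; names and 192.0.2.1 are placeholders.
SAMPLE_ZONE = """\
@ SOA ns1 hostmaster
@ NS ns1
@ CNAME ns1
@ MX 10 mail
ns1 A 192.0.2.1
www CNAME ns1
ftp CNAME ns1
mail CNAME ns1
"""

# Corrected zone: the root and 'mail' become Host (A) records.
FIXED_ZONE = (SAMPLE_ZONE.replace("@ CNAME ns1", "@ A 192.0.2.1")
              .replace("mail CNAME ns1", "mail A 192.0.2.1"))

def parse_zone(text):
    """Return {owner: [(rtype, rdata), ...]} from 'owner TYPE rdata' lines."""
    nodes = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blanks
        if not line:
            continue
        owner, rtype, rdata = line.split(None, 2)
        nodes.setdefault(owner.lower(), []).append((rtype.upper(), rdata.strip()))
    return nodes

def lint_zone(text):
    """Return a sorted list of CNAME-related problems found in the zone."""
    nodes = parse_zone(text)
    problems = []
    for owner, records in nodes.items():
        types = [t for t, _ in records]
        # A CNAME must be the only data at its node (RFC 1034, section 3.6.2).
        if "CNAME" in types and len(records) > 1:
            others = sorted(set(types) - {"CNAME"})
            problems.append(f"{owner}: CNAME coexists with {', '.join(others)}")
        for rtype, rdata in records:
            # MX and NS targets must not be aliases (RFC 2181, section 10.3).
            if rtype in ("MX", "NS"):
                target = rdata.split()[-1].lower()
                if "CNAME" in [t for t, _ in nodes.get(target, [])]:
                    problems.append(f"{owner}: {rtype} target {target} is a CNAME")
    return sorted(problems)

if __name__ == "__main__":
    for problem in lint_zone(SAMPLE_ZONE):
        print(problem)
```
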