Brian asked:

DNS noob

I'm not too familiar with setting up DNS servers. I have a DC at home running Windows Server 2003 and can't seem to get my DNS working properly. NSLOOKUP always fails and returns "unknown" domain, etc. I have the DNS server sending packets to itself (Event 7062), so obviously something is configured incorrectly. I've found plenty of stuff telling me WHAT DNS is and what it's for, etc, etc. But nothing tells me HOW to configure it. I have no website I'm planning to host for the time being. Just trying to set this up for my own edification. Do I have to register the domain in order to get this to work internally? When I set up the DNS server I go thru the wizard that MS provides and it seems straightforward but then I get weird error msgs (like the one above) and things don't seem to work. Any help is appreciated.
Steve Knight

OK. Your DNS settings in TCPIP should point only to itself via its LAN address (some people say 127.0.0.1 but others say to use the actual address, I use the actual address).
In the forwarders tab of your DNS server the easiest bet is to enter there two of your ISP's DNS server addresses.
That should be just about it.
If you are running a domain, DNS should have a zone (generally AD integrated) for your Active Directory. When you DCPROMO into a DC it will do all this for you.

Anything I've missed?
Steve
SeriousScott

I agree with Steve, I always use the server's actual NIC address as well. To add to Steve's thoughts, you might also want to make sure your client is looking for DNS in the right place. This really only matters if your network clients are automatically getting an address from a DHCP server. Go to the command prompt and type IPCONFIG /ALL and see what DNS server your client has picked up. Make sure it's actually the address of the NIC where your DNS server is located. A typo in the DNS line of your DHCP server can mess you up and be hard to catch.
Brian (ASKER)

I've read that before about getting my ISP's DNS server addresses. How do I find those?

Ask your ISP, or if you have a router or dialup connection etc. with them which is set to get address automatically then it will get some addresses -- check in your router's config pages for instance. If your router is acting as a DNS proxy (many home / small office type routers do as standard) then you can point the forwarders to that instead, but ideally directly out to an ISP's one. If in doubt you can use another DNS server on the internet, e.g. there are well known ones that work. You may find something obvious like ns.yourisp.net or ns.yourisp.com gives you an address to try but they may suggest different DNS servers for their DSL, dialup etc. customers because of different networks they are on at the ISP.

In theory you don't need these as there is a system called root hints (you will see another tab which defines these in the DNS server properties) which can be used instead -- your DNS server queries those which point it elsewhere until it gets to the server which is authoritative for the domain you are asking for. Easier and quicker generally to use a forwarder to the ISP and let them do the rest, and many lookups will already be cached at the ISP anyway.

One other issue you may have, if you have a zone called just "." showing up in DNS then this needs to be deleted.

Steve

Brian (ASKER)

Alright...I was able to get my ISP DNS server addresses. I added them as forwarders like you said. When I ran NSLookup at first it gave me the "local host" until I changed the DNS info on the LAN connection. When I changed the default DNS to the actual LAN IP then it gives me - "Can't find server name for address 192.168.0.200: Non-existent domain. Default Server: Unknown Address:192.168.0.200."

When I query NSLookup using the server's IP (I'm doing this FROM the server) all it gives me is Server: Unknown Address: 192.168.0.200 ***Unknown: Can't find 192/168.0.200: Non-existent domain

BUT, when I query nslookup using the server's name (instead of the IP as above) I get - Server: Unknown Address: 192.168.0.200 Name: MASTERDC.LCP.LOCAL Address: 192.168.0.200

So I'm guessing it has to do with the Reverse Lookup. I don't know what I'm doing wrong with it though. The "wizard" doesn't give me much info.


**EDIT** Ok, strange. I had a hunch (or rather just blind luck?) and added a pointer in the Reverse lookup zone and entered the server's name/IP info. Now it seems to resolve both ways. Can anyone shed some more light here so I can at least come out of the dark?

Are you saying nslookup won't resolve other addresses, or just that it returns that error? If so, yes, as I said before, you just need to reverse lookup whatever is being used as a DNS server, as it tries to show you the name.

I just suggested making sure you have a reverse lookup zone which I guess you now have, or already had but with missing PTR record.

That does not stop DNS working to resolve addresses though, so does it work now, and if not, what isn't working?

Steve
Brian (ASKER)

It looks to be working now. But what I don't get is why did I have to go in and enter the PTR manually? Shouldn't the "wizard" have done that for me?

Thanks for the points etc. Sorry, had not seen the above comment. When you create an A record, if you tick the "Create PTR" record entry it should create the reverse record, but this device probably registered its own address in DNS, and if there was no suitable reverse lookup zone when it was created it would not be able to create the PTR record.

Other than that, could have been a lot of things, possibly if the server had its DNS set to 127.0.0.1 or an ISP's DNS server then it would not have been able to register itself for instance.
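
Added example, not part of the thread: a small Python audit of the situation diagnosed above, where the A record for 192.168.0.200 existed but nslookup showed "Server: Unknown" until a PTR was added. It derives the PTR owner name nslookup queries and separates "no reverse zone" from "zone exists but PTR missing". The zone data is constructed; `client1` and `printer` are hypothetical hosts.

```python
import ipaddress

# Constructed sample data modelled on the thread: forward A records and the
# reverse zones hosted on the same DNS server (PTR owner name -> target).
A_RECORDS = {
    "masterdc.lcp.local": "192.168.0.200",
    "client1.lcp.local": "192.168.0.50",   # hypothetical host
    "printer.lcp.local": "192.168.1.20",   # hypothetical host
}
REVERSE_ZONES = {
    "0.168.192.in-addr.arpa": {
        "50.0.168.192.in-addr.arpa": "client1.lcp.local",
    },
}

def ptr_name(ip):
    """Owner name of the PTR record that is queried for an IPv4 address."""
    return ipaddress.IPv4Address(ip).reverse_pointer

def find_zone(name, zones):
    """Longest hosted zone that contains name, or None if none does."""
    matches = [z for z in zones if name == z or name.endswith("." + z)]
    return max(matches, key=len) if matches else None

def audit(a_records, reverse_zones):
    """Classify each A record by the state of its reverse mapping."""
    report = {}
    for host, ip in a_records.items():
        owner = ptr_name(ip)
        zone = find_zone(owner, reverse_zones)
        if zone is None:
            # Nowhere to store a PTR, so registration cannot create one.
            report[host] = "no reverse zone"
        elif owner not in reverse_zones[zone]:
            # The case in the thread: zone present, record absent.
            report[host] = "PTR missing"
        elif reverse_zones[zone][owner].rstrip(".").lower() != host.lower():
            report[host] = "PTR mismatch"
        else:
            report[host] = "ok"
    return report

if __name__ == "__main__":
    for host, status in audit(A_RECORDS, REVERSE_ZONES).items():
        print(f"{host:20} {ptr_name(A_RECORDS[host]):28} {status}")
```

Adding `"200.0.168.192.in-addr.arpa": "masterdc.lcp.local"` to the constructed zone turns the first entry into `ok`, which mirrors the manual PTR fix described in the thread.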