configure DNS to use DSL connection

Posted on 2006-11-03
Last Modified: 2010-04-18
I need some DNS advice. I have to maintain a small network with one domain server and 8 workstations but am not well trained in domain management. We have migrated from W2000 server to a new server with Small Business Server 2003. We have no web hosting or Exchange service, only the need to access the web for updates and certain business needs. (My protestations that we don’t really need a domain and its headaches have gone up in smoke as WBS2003 seems to install as a domain by default). The office software needs DNS so I have configured a basic DNS and DHCP service. Our internet access is via DSL using a small Cyberguard router assigned a static lan IP outside the DHCP scope. I tried to duplicate our DNS/DHCP settings but since migrating to the new server we cannot access the Internet and at this point, given all the attendant problems of migrating everything, I am so confused I don’t remember quite how I did it before.
When I override the automatic DNS settings on a workstation and assign the Server as primary and list the router IP as the alternate, the workstation can connect to the Internet. Perhaps I listed the router as a secondary DNS server in the W2000 DNS setup but I can’t seem to add another DNS address in the Scope options of the SBS2003. In these scope options, I do list the router as the gateway and it shows up on the workstations when ipconfig is run but it is obviously not enough. I see a place to add a “forwarding” router but I know I didn’t do that in W2000. My basic question is how to set up internet access in my scenario. I am also curious about the DNS entry in the scope options. I listed the Server as the DNS entry. Is this the correct thing to do or is the fact that the server is designated as a DNS server enough? At any rate, it is here that I thought I could add the router IP but the option to add another entry is grayed out.

I also read somewhere that the forward root zone should be deleted if the server was not connected to the Internet directly. This was done on the W2000 server but there is no root zone on SBS2003 except in the cached forward zone folder but I cannot seem do delete any of this stuff (if necessary). Is any of this relevant in my situation? Am I being acceptably coherent?
Question by:jvf
  • 3
  • 2
LVL 16

Accepted Solution

The_Kirschi earned 200 total points
ID: 17872419
Setting only the gateway is not enough because that only tells clients where to route traffic but not how to lookup internet addresses.

One solution would indeed be to set the internal ip address of your DSL Router as a "forwarder", so all dns request that can not be resolved by the SBS will be forwarded to the router and from there to the DNS server of your provider.

The second option, to add a second dns server in the DHCP scope options, would work as well. I have never seen the field to add a second one greyed out. I would assume that is a permission issue. Are you logged on with domain admin rights? You need to put in the ip address first and then the "Add" button will become activated.

Set your SBS as the first DNS so clients will resolve internal addresses and put the ip of your router as secondary DNS server.

Good luck.
LVL 10

Expert Comment

ID: 17873621
Open the DNS snap-in on the domain controller, select the current dns server in the root of the snap-in. Next select the properties of the DNS server and add the DNS server of your provider into the "forwarding" tab. Next;

DHCP you will prob have to assign additional properties to the DHCP scope. Im not quite sure if you used the wizard to configure it, but as you say.. When you override the client settings internet works. This can be any of two things,

1. The DNS doenst have forwarders assigned or the domain controller doesnt have a gateway address assigned pointing to the DSL router so the root-hints cant be used to resolve unknown addresses using the I-net DNS root servers, or

2. The assigned DNS address, gateway configuration of your dhcp server arnt correct.

Next to that, a domain will almost never mean "headackes" for the one managing the network, contralized administration will help saving you allot of trouble and time. Also the default installed DNS server will enable your comp to enjoy i-net even when the DNS of your provider goes down for any reason. Allot of queries made by the clients are cached in the DNS server so no need to contact any other dns server for these requests, and the dns server is able to resolve allot of addresses using the root hints defaulty configured with windows DNS services.

But plz,

Do check the DHCP settings, specially the "additional properties" like WINS / GATEWAY / Default DNS / Default dns lookup zone etc.

If the problem isnt there, check if the server is able to contact any given Internet IP like google, if so check the forwarder rules defined in the server and see if the DNS servers of your provider are defined there.


Author Comment

ID: 17882639
Hello everyone,
Kirschi, Originally, I believe I had the DSL router set up as the 2nd DNS server. I will go back and look again but I thought even the box to type in the address was grayed out. And yes, I was logged in as administrator at the time.

Chris, it seems you are suggesting setting up the DSL router as a “forwarding” router. Does this mean that in my case the two methods (2nd DNS server vs. forwarding) are equivalent?  

I will visit the site early this week and try again. Thanks
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

LVL 16

Expert Comment

ID: 17883976
I also suggested to set up the DSL router as forwarder as a second possibility.

Both ways have the same effect. When you setup the secondary DNS on the clients to the DSL router they will send their DNS request to the outside (via the Router of course) themselves. Otherwise the SBS would do it for them.

Author Comment

ID: 17884760
Sorry to misinterpret your remarks Kirschi. At first glance I thought your reference to the “internal ip address of your DSL Router’ meant to go into the DSL router itself and somehow configure it there.

Author Comment

ID: 17891491
Thanks Kirschi, you were first to respond and your advice to put in the IP address first to activate the ADD button was correct. From my point of view this “feature” is as idiotic as having to press the SEND button after dialing a number on a cell phone.
In addition to Scope Options, there is also a Server Options folder that seems to contain all the choices as well. What is the purpose of this folder? Is it for configuring the server itself?

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question