Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


configure DNS to use DSL connection

Posted on 2006-11-03
Medium Priority
Last Modified: 2010-04-18
I need some DNS advice. I have to maintain a small network with one domain server and 8 workstations but am not well trained in domain management. We have migrated from W2000 server to a new server with Small Business Server 2003. We have no web hosting or Exchange service, only the need to access the web for updates and certain business needs. (My protestations that we don’t really need a domain and its headaches have gone up in smoke as WBS2003 seems to install as a domain by default). The office software needs DNS so I have configured a basic DNS and DHCP service. Our internet access is via DSL using a small Cyberguard router assigned a static lan IP outside the DHCP scope. I tried to duplicate our DNS/DHCP settings but since migrating to the new server we cannot access the Internet and at this point, given all the attendant problems of migrating everything, I am so confused I don’t remember quite how I did it before.
When I override the automatic DNS settings on a workstation and assign the Server as primary and list the router IP as the alternate, the workstation can connect to the Internet. Perhaps I listed the router as a secondary DNS server in the W2000 DNS setup but I can’t seem to add another DNS address in the Scope options of the SBS2003. In these scope options, I do list the router as the gateway and it shows up on the workstations when ipconfig is run but it is obviously not enough. I see a place to add a “forwarding” router but I know I didn’t do that in W2000. My basic question is how to set up internet access in my scenario. I am also curious about the DNS entry in the scope options. I listed the Server as the DNS entry. Is this the correct thing to do or is the fact that the server is designated as a DNS server enough? At any rate, it is here that I thought I could add the router IP but the option to add another entry is grayed out.

I also read somewhere that the forward root zone should be deleted if the server was not connected to the Internet directly. This was done on the W2000 server but there is no root zone on SBS2003 except in the cached forward zone folder but I cannot seem do delete any of this stuff (if necessary). Is any of this relevant in my situation? Am I being acceptably coherent?
Question by:jvf
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 16

Accepted Solution

The_Kirschi earned 800 total points
ID: 17872419
Setting only the gateway is not enough because that only tells clients where to route traffic but not how to lookup internet addresses.

One solution would indeed be to set the internal ip address of your DSL Router as a "forwarder", so all dns request that can not be resolved by the SBS will be forwarded to the router and from there to the DNS server of your provider.

The second option, to add a second dns server in the DHCP scope options, would work as well. I have never seen the field to add a second one greyed out. I would assume that is a permission issue. Are you logged on with domain admin rights? You need to put in the ip address first and then the "Add" button will become activated.

Set your SBS as the first DNS so clients will resolve internal addresses and put the ip of your router as secondary DNS server.

Good luck.
LVL 11

Expert Comment

by:Chris Gralike
ID: 17873621
Open the DNS snap-in on the domain controller, select the current dns server in the root of the snap-in. Next select the properties of the DNS server and add the DNS server of your provider into the "forwarding" tab. Next;

DHCP you will prob have to assign additional properties to the DHCP scope. Im not quite sure if you used the wizard to configure it, but as you say.. When you override the client settings internet works. This can be any of two things,

1. The DNS doenst have forwarders assigned or the domain controller doesnt have a gateway address assigned pointing to the DSL router so the root-hints cant be used to resolve unknown addresses using the I-net DNS root servers, or

2. The assigned DNS address, gateway configuration of your dhcp server arnt correct.

Next to that, a domain will almost never mean "headackes" for the one managing the network, contralized administration will help saving you allot of trouble and time. Also the default installed DNS server will enable your comp to enjoy i-net even when the DNS of your provider goes down for any reason. Allot of queries made by the clients are cached in the DNS server so no need to contact any other dns server for these requests, and the dns server is able to resolve allot of addresses using the root hints defaulty configured with windows DNS services.

But plz,

Do check the DHCP settings, specially the "additional properties" like WINS / GATEWAY / Default DNS / Default dns lookup zone etc.

If the problem isnt there, check if the server is able to contact any given Internet IP like google, if so check the forwarder rules defined in the server and see if the DNS servers of your provider are defined there.


Author Comment

ID: 17882639
Hello everyone,
Kirschi, Originally, I believe I had the DSL router set up as the 2nd DNS server. I will go back and look again but I thought even the box to type in the address was grayed out. And yes, I was logged in as administrator at the time.

Chris, it seems you are suggesting setting up the DSL router as a “forwarding” router. Does this mean that in my case the two methods (2nd DNS server vs. forwarding) are equivalent?  

I will visit the site early this week and try again. Thanks
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

LVL 16

Expert Comment

ID: 17883976
I also suggested to set up the DSL router as forwarder as a second possibility.

Both ways have the same effect. When you setup the secondary DNS on the clients to the DSL router they will send their DNS request to the outside (via the Router of course) themselves. Otherwise the SBS would do it for them.

Author Comment

ID: 17884760
Sorry to misinterpret your remarks Kirschi. At first glance I thought your reference to the “internal ip address of your DSL Router’ meant to go into the DSL router itself and somehow configure it there.

Author Comment

ID: 17891491
Thanks Kirschi, you were first to respond and your advice to put in the IP address first to activate the ADD button was correct. From my point of view this “feature” is as idiotic as having to press the SEND button after dialing a number on a cell phone.
In addition to Scope Options, there is also a Server Options folder that seems to contain all the choices as well. What is the purpose of this folder? Is it for configuring the server itself?

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question