Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

DNS Forwarder in Windows 2008

Posted on 2008-10-10
11
Medium Priority
?
5,176 Views
Last Modified: 2010-12-12
I am creating a totally new forrest, basing it off of my current domain, and I am unable to figure out how DNS is working on the current domain. I would assume that you must set up a DNS Forwarder to allow clients to resolve external names. Currently, in the working domain, there aren't any forwarders set up on any of the DC's. The NIC's all point to themselves for DNS, which I understand to be the correct way of doing things. So how is it that they are able to resolve anything on the external side?
0
Comment
Question by:bkrontz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
11 Comments
 
LVL 12

Expert Comment

by:michaelgoldsmith
ID: 22689983
In Administrative Tools > DNS you can see the forwarders that DNS is using to route traffic to the internet. These are usually provided by your ISP.
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22689992
you must check on your dns server, right click , properties, forwarders tab...
0
 
LVL 1

Author Comment

by:bkrontz
ID: 22690006
I'm sorry, maybe I didn't explain this well. On the Forwarder Tab, there isn't anything there for all of my DC's... hence my confusion.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 22690085

> So how is it that they are able to resolve anything on the external side?

Root Hints :)

Each DNS server can resolve names without Forwarders by performing an iterative query starting with the Root DNS servers and working down.

When you configure a Forwarder you hand off that work to another DNS server and just wait for an answer.

Chris
0
 
LVL 2

Expert Comment

by:Matt1705
ID: 22690086
DNS servers don't need forwarders to work and by default there aren't any.  They are configured to query the root dns servers on the internet.  You don't need to worry about this if you don't have any defined.
0
 
LVL 12

Expert Comment

by:michaelgoldsmith
ID: 22690122
Root Hints will resolve everything.
0
 
LVL 1

Author Closing Comment

by:bkrontz
ID: 31505157
Thanks!!!!!
0
 

Expert Comment

by:cameramonkey
ID: 23602005
Michaelgoldsmith: are you sure root hints will resolve everything?

I am experiencing the same thing with my new 2008 DNS server. Its set with the root hints in the list, and recursion/forwarders are disabled. If I try to resolve anything outside the domains that the server has records for, it just returns the "bad error value" when you try to do an nslookup.

Ideas?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 23602058

You won't resolve anything outside of local zones if you disable Recursion... Root Hints are used when performing a recursive query on behalf of a client.

Chris
0
 

Expert Comment

by:cameramonkey
ID: 23602543
IC. Even if I set a device with that server as the primary DNS, when a client tries to resolve, it just gets an unknown domain error. it wont even try the secondary server.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 23602591

Correct.

NXDomain (does not exist) is considered a good and valid response from a DNS server, only a time-out waiting for a response would cause the client to use any alternate DNS server configured in TCP/IP settings.

Chris
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question