Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Better DNS configurations for my network

Posted on 2010-11-09
9
Medium Priority
?
755 Views
Last Modified: 2012-05-10
Dear Sir
i want to ask yyu about the better DNS configuration for my network because sometimes the  internet connection became very slow without any reason .
The topology of my network:
1- internet modem with 192.168.100.1 as IP
2- HP server with windows server 2008 installed in it with the Forefront TMG , with 2 NIC
 a- external NIC with 192.168.100.5 as ip address , 192.168.100.1 as gateway
 b- internal NIC with 192.168.0.1 as ip address , 192.168.0.3 as primary DNS server , 192.168.0.5 as secondary dns server
3- 2 serves with windows server 2008 installed, with role is DNS server
first one has 192.168.0.3 as ip , 192.168.0.1 as gateway , 192.168.0.3 and 192.168.0.5 as dns server
secnd one has 192.168.0.5 as ip , 192.168.0.1 as gateway , 192.168.0.3 and 192.168.0.5 as dns
4- all the clients have 192.168.0.1 as gateway and 192.168.0.3 as primary dns and 192.168.0.5 as secondary dns server

What the better configuration for the external and internal NIC to the hp server

Regards
0
Comment
Question by:spring80
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
9 Comments
 
LVL 8

Expert Comment

by:rjwesley
ID: 34095786
I'd setup the modem in bridge mode and set your external NIC as the WAN configuration. That's based on my experience with ISA.

Are you using DNS forwarders on both DNS servers? Where you could probably use public dns servers such as 8.8.8.8 and 4.2.2.2 and 4.2.2.1

Rob
0
 

Author Comment

by:spring80
ID: 34097089
can you tell me the step to configure the dns forwarders ?? and what the advantages of that
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:spring80
ID: 34097306
ok i check the url ,but what the better dns server to use as dns forwarder ??
i know 208.67.222.222 and 208.67.220.220
is there somthing better??
0
 

Author Comment

by:spring80
ID: 34097373
what should i configure the external NIC??
should i enter 192.168.0.3 and 192.168.0.5 (the ip of dns server) in the configuration for the external nic ??
or using 192.168.100.1 (the ip of the internet modem )
??
Regards
0
 
LVL 7

Expert Comment

by:Mohamed Khairy
ID: 34098766
Hi Spring80:

If you are going to use a Forwarder, you must make sure that the Forwarder is always available, no matter which internet connection you use because some ISPs block access to their DNS servers unless you are connecting from one of their IP addresses.

Also, You must be sure the they doesn't plan on changing their DNS infrastructure by decommissioning old name servers, deploying new ones, or changing the IP addresses of existing ones because If they do change their infrastructure and don't inform you of this, then your name server may suddenly find itself forwarding queries to non-existing name servers resulting in failed name queries and frustrated users flooding help desk with calls.

In this case I think that it's too much better to not use forwarders at all and let your DNS server use the default Root Hint.

http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html
0
 

Author Comment

by:spring80
ID: 34099588
ok i understand ,but now what should the better configuration for the external nic for my hp server
is it 192.168.0.3 ,192.168.0.5 as my dns server
or 192.168.100.1 as my internet modem ??

Regards
0
 
LVL 7

Accepted Solution

by:
Mohamed Khairy earned 2000 total points
ID: 34100484
What about yourT MG ? is it joined to the domain or workgroup?

You should use the inrternal DNS servers 192.168.0.3 and 192.168.0.5 as your primary and secondary DNS after configuring your DNS servers to use forwarders  options because this will speed up and improve the naming resolution process as described in this article:

http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html

Also checkout this article that explain the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG).

http://www.experts-exchange.com/Microsoft/Windows_Security/A_1477-Configuring-ISA-2004-2006-Forefront-Threat-Management-Gateway-for-basic-networking-and-DNS-settings.html
0
 

Author Closing Comment

by:spring80
ID: 34101811
Very helpful
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question