Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Replacing Windows DNS with BIND 9 on SBS 2008

Posted on 2012-03-13
6
Medium Priority
?
635 Views
Last Modified: 2012-03-18
Scenario. I have a Windows SBS 2008 server running at home. I have OpenDNS set up, but I only want my kids to be filtered through OpenDNS, so I'm looking into BIND 9, which I have downloaded and set up on my laptop to test.

I successfully have "views" configured using "match-clients", and it works well - with ONE exception. Obviously, SBS has a coulpe of DNS zones for the domain - domain.local and remote.domain.com

For some reason, I can't seem to get BIND working for remote.domain.com

When I ping remote.domain.com I just get a "Ping request could not find host remote.domain.com" message.

I've got two zones listed under each view "domain.local" and "remote.domain.com" - both loading their respective files.

What am I missing?
0
Comment
Question by:Chris Millard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37716747
You can easily split the DNS configuration for your kids to use OpenDNS and you to use your other DNS servers.....

Setup your DHCP server to publish the OpenDNS servers, so when the kids switch on their PC's they get DHCP with the OpenDNS servers.

Configure your own PC/Laptop/whatever with static DNS entries for your other DNS server that you want to use.

Otherwise, I'm not too familiar with BIND, but check if you can configure conditional forwarders to your SBS box for the remote.domain.local zone.
0
 
LVL 17

Author Comment

by:Chris Millard
ID: 37716764
The one thing I wanted to avoid was static entries for DNS. I've got laptops, ipad, phones etc., and I would prefer the BIND DNS option.

I've already got the split working - it's just the remote.domain.com that I can't seem to get at the moment...
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37716823
Now I'm totally confused....
You have OpenDNS setup and it works.
You only want your kids to use that DNS Server.

So what will you be using for your other devices?
Where are you wanting to use BIND?
How will you get "kid" devices use OpenDNS and "dad" devices use ... whatever solution you want?

The other option is the reverse of my earlier proposal, set the KIDS devices to use statics and DHCP the other options for yourself. Although this suggestion is based on the assumption that the kids only have desktop PC or laptops that don't leave the house.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
LVL 17

Author Comment

by:Chris Millard
ID: 37716896
OK - The built-in DNS on my SBS server, forwards all requests to OpenDNS - for ALL client IPs on my network.

By using "Views" in BIND, I can set forwarders for a pre-defined block of client IPs through my ISPs DNS, and anything NOT on that pre-defind list, through OpenDNS. That way my Wife and I can have unrestricted internet usage and all other devices have filtered internet.

The kids have mobile phones with Wi-Fi, and as I mentioned, I don't want to set up ANY static IPs on any device on my network.

BIND also integrates with Active Directory, so once I've got this working 100% on my test machine (I'm running BIND on my laptop at the moment), then I'll replace the Microsoft DNS with BIND because it's more configurable.

I have everything working except for this extra zone for the SBS "remote.domain.com" zone.
0
 
LVL 17

Accepted Solution

by:
Chris Millard earned 0 total points
ID: 37717450
OK - I've got this sorted 100% now.  Although it should have been allowed, I've had to replace the @ symbol at the SOA record for the zone domain name remote.domain.com
0
 
LVL 17

Author Closing Comment

by:Chris Millard
ID: 37734443
I found my own solution to the problem
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question