Solved

Replacing Windows DNS with BIND 9 on SBS 2008

Posted on 2012-03-13
6
633 Views
Last Modified: 2012-03-18
Scenario. I have a Windows SBS 2008 server running at home. I have OpenDNS set up, but I only want my kids to be filtered through OpenDNS, so I'm looking into BIND 9, which I have downloaded and set up on my laptop to test.

I successfully have "views" configured using "match-clients", and it works well - with ONE exception. Obviously, SBS has a coulpe of DNS zones for the domain - domain.local and remote.domain.com

For some reason, I can't seem to get BIND working for remote.domain.com

When I ping remote.domain.com I just get a "Ping request could not find host remote.domain.com" message.

I've got two zones listed under each view "domain.local" and "remote.domain.com" - both loading their respective files.

What am I missing?
0
Comment
Question by:Chris Millard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37716747
You can easily split the DNS configuration for your kids to use OpenDNS and you to use your other DNS servers.....

Setup your DHCP server to publish the OpenDNS servers, so when the kids switch on their PC's they get DHCP with the OpenDNS servers.

Configure your own PC/Laptop/whatever with static DNS entries for your other DNS server that you want to use.

Otherwise, I'm not too familiar with BIND, but check if you can configure conditional forwarders to your SBS box for the remote.domain.local zone.
0
 
LVL 17

Author Comment

by:Chris Millard
ID: 37716764
The one thing I wanted to avoid was static entries for DNS. I've got laptops, ipad, phones etc., and I would prefer the BIND DNS option.

I've already got the split working - it's just the remote.domain.com that I can't seem to get at the moment...
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 37716823
Now I'm totally confused....
You have OpenDNS setup and it works.
You only want your kids to use that DNS Server.

So what will you be using for your other devices?
Where are you wanting to use BIND?
How will you get "kid" devices use OpenDNS and "dad" devices use ... whatever solution you want?

The other option is the reverse of my earlier proposal, set the KIDS devices to use statics and DHCP the other options for yourself. Although this suggestion is based on the assumption that the kids only have desktop PC or laptops that don't leave the house.
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 
LVL 17

Author Comment

by:Chris Millard
ID: 37716896
OK - The built-in DNS on my SBS server, forwards all requests to OpenDNS - for ALL client IPs on my network.

By using "Views" in BIND, I can set forwarders for a pre-defined block of client IPs through my ISPs DNS, and anything NOT on that pre-defind list, through OpenDNS. That way my Wife and I can have unrestricted internet usage and all other devices have filtered internet.

The kids have mobile phones with Wi-Fi, and as I mentioned, I don't want to set up ANY static IPs on any device on my network.

BIND also integrates with Active Directory, so once I've got this working 100% on my test machine (I'm running BIND on my laptop at the moment), then I'll replace the Microsoft DNS with BIND because it's more configurable.

I have everything working except for this extra zone for the SBS "remote.domain.com" zone.
0
 
LVL 17

Accepted Solution

by:
Chris Millard earned 0 total points
ID: 37717450
OK - I've got this sorted 100% now.  Although it should have been allowed, I've had to replace the @ symbol at the SOA record for the zone domain name remote.domain.com
0
 
LVL 17

Author Closing Comment

by:Chris Millard
ID: 37734443
I found my own solution to the problem
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In-place Upgrading Dirsync to Azure AD Connect
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question