Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

Test lab Domain, DNS and DHCP setup under windows server 2008 R2

I have a requirement to setup a test lab which is actually in my home.  What i require is a unit running Windows Server 2008R2 with AD and DNS services.  The trick here is i am also running it through a cable modem / router.   DHCP would be nice off of the same server but for now it is the Domain / DNS piece i am having trouble with.

Equipment in use:

Windows Server Standard 2008R2 SP1
domain name:testlab.local
IP range from router which is acting as DHCP server right now 192.168.5.15-192.168.5.150
Internal IP of modem / gateway is 192.168.5.1
Real external IP of actual ISP cable modem / router - for this example let's say it is 95.245.160.150 (not real ip)
DNS of isp provider service is available.

I am a completely noob when it comes to DNS and i admit in my type of lab i am not sure what i should be putting in as my DNS entries and i do not understand DNS forwarders.

What i am looking for is either someone tell me what settings i should use for the domain controller static IP.  Currently i am using 192.168.5.4 for the domain static ip and i have the gateway as 192.168.5.1 but what are the proper DNS settings?

Also if i want to add a 2nd server that has a static ip on it what are the settings on it let's say it is 192.168.5.5 as i believe i should now point the DNS to the primary domain/dns server.  If someone can give me an example of DNS settings on that as well?

Lastly what do i need to set under the DNS settings on the DNS server under the domain controller from doing some readnig it appears i may need to put something in as a DNS forwarder.

if my questions do not make complete sense let me know as i mentioned i am terrible in regards to DNS hence this question.

Please help.  Thanks.
0
thinclientguy
Asked:
thinclientguy
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
First, don't overthink it.

Second, Whatever IP you use doesn't matter so long as:
*It is not already in use on the network
*Not a public address or address range (ensuring there are no weird problems at a later date.

In general, I like to designate blocks of IPs for purposes.  Example:
.1-10: Servers
.11-20: Printers
.50-200: Workstations
.240-254: Network devices (routers/switches/etc).

Other addresses can be used for other things - VoIP, etc.  And to be clear, you don't HAVE to do this... but especially if you start managing several networks or subnets, knowing that certain devices always have certain IPs can help ensure you don't screw something up.

As for DNS settings, in an Active Directory domain, it's very simple (while there are technically ways around this, for all but the largest networks and most experienced admins, consider the following the rules you should go by).  All DCs should be DNS servers.  All DCs should point to a common DC for DNS in their TCP/IP settings.  No external DNS servers should be used (except as forwarders in the properties of the DNS Server component of the server - but you don't even have to do this - some people say it's faster to use forwarders, but will a few milliseconds really matter?  Not to me).
0
 
ninjatekCommented:
Great advice by leew!

I have a similar setup, and as long as you have the following details you should be fine:

Your LAB server's DHCP should be giving out:
-the gateway of your Router (192.168.5.1)
-the DNS Server of your LAB Server

Your LAB server's DNS forwarders should be set to either the ISP's DNS Servers, or the Cable modem itself (192.168.5.1). Although it should fail over to Root Hints if it can't find a forwarder.

-Ninjatek
0
 
thinclientguyAuthor Commented:
Thanks for the quick updates.  Can you tell me what i should be putting in the DNS area on the DC unit?  From various things i tried to find i saw the suggestion was to either use 127.0.0.1 so it points back to itself or some people suggested the actual ISP DNS server IP's.

ONce that is done can you confirm that all other units i set a static IP for should be pointing to the ip address of my primary DC / DNS server?  

Also do i have to actually set anything in the DNS forwarders, sounds like it is not necessary but just want to be 100%.

Please advise.  Thanks.
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
> Can you tell me what i should be putting in the DNS area on the DC unit?  
As I said before:
All DCs should point to a common DC for DNS in their TCP/IP settings.  No external DNS servers should be used

Do not use the loopback address - use the server's own IP address.

Stop and think about this logically - again, as I said before, don't over think this:

DNS is used by Windows to locate various resources.  The DCs (and potentially other Windows systems) register these resources when they start up.  So if you don't point all other systems at the DC with DNS setup, how are they going to find these resources?  (This is not a trick question - they can't - or they fail back to other methods and things are slow because of timeouts).  So if you think about this logically, you should know the answer to your question "ONce that is done can you confirm that all other units i set a static IP for should be pointing to the ip address of my primary DC / DNS server?"

As for the forwarders, again, as I said before:
"you don't even have to do this - some people say it's faster to use forwarders, but will a few milliseconds really matter?  Not to me"

(I'm not trying to be a wise-ass, but if you're trying to learn, you need to understand this and apply critical thinking to it... so rather than just telling you, I'm asking you to think about it and answer your own question now that I (hopefully) have given you some necessary information to understand WHY DNS is so important to AD).
0
 
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now