Solved

DNS servers issue and how to properly configure it

Posted on 2015-02-06
Last Modified: 2015-02-06
We have about 20 clients mostly running Win7.  The server machine runs WinSBS2003.  It manages computers, users and the file server...not much else.  The Router is an ASUS RT-N66U.  This same model router served us for about 2 years then quit about 4 months ago.  I installed another one of the same make and model.  About 4 weeks ago our ISP informed me that they had new DNS servers.  Our router is our local DNS server and holds the DNS IPs.  I checked it and found that it already had the new DNS IPs.  Well, about a week ago we lost internet and I discovered that the problem seemed to be DNS.  Our DNS configuration was set up about 7 years ago before I was much involved in it and knew even less than I know now.  The client computers have been pointing to the server machine for DNS, i.e. in TCPIP properties, preferred DNS is the IP of the server machine.  I believe the server has been pointing to itself as preferred DNS.  I'm told that the server's DNS management utility is the right place to manage DNS, but our router has been doing most of that.  The router has DHCP as well.  The router is the default gateway.  It does actually seem strange to me that the computers' DNS point to the server rather than to the router, seeing it's the router that holds the DNS IPs.  But it's worked for 7 years so we don't argue with success... or do we?

Now back to last week's problem.  I found that when I entered the DNS server IPs directly as preferred and alternate DNS for each computer that the computers accessed internet websites OK.  So that's how I have it now.  But then yesterday I got to thinking about it, and for one test computer I entered the IP of the router (default gateway) in as the preferred DNS.  That also works.  But I wonder if I'm using a bandaid.

To add to the confusion, the Android phones quit connecting to wifi.  For some of them, if we set Static IP on we can then enter the DNS IPs into DNS1 and DNS2.  And then it works.  But not all of them work even by doing that.  The iPhones work just fine with no change whatsoever.  Anyway we want guests to be able to connect to wifi using only the wifi key.

But more to the point, what changed?  The original configuration has worked for 7 years including the last 4 months since replacing the router.  What happened differently a week ago?  So that's my issue.
0
Question by:Josh Christie
4 Comments
 
LVL 34

Accepted Solution

by:
it_saige earned 350 total points
ID: 40593865
You want your clients to point to your server for DNS and not the router (preferably, they would also get their addresses from the server via DHCP as well, but that is another topic).  There are many reasons why this is true.

First, from a network browsing standpoint and in the simplest terms, the clients (and server) need to be able to, essentially, build a map of the network landscape.  This map is normally stored (depending upon your setup Workgroup vs. Domain, installed services, etc.) in two or more locations (usually WINS, DNS, ARP, NBT, etc.).  The unfortunate part is that the router cannot build this map internally.  This means that now your clients have to resolve everything and resolving a computer on the network takes time because the query for the target client is sent out to the DNS servers of the ISP and not your internal DNS server.

Second, from a troubleshooting standpoint, it is easier to determine the cause of communication failures on your network.  By having the DNS hosted on the server, you only need to ensure that the server can communicate with the internet which allows for you to troubleshoot communications related errors from a host out perspective rather than from a router/ISP in perspective.  If the server can communicate with the internet, then the client should be able to (so long as it is configured properly).  Otherwise, you troubleshoot why the server cannot communicate with the internet.

Finally, from a best practices standpoint, this is the recommended (and intended purpose) of these services.

As for what changed, most likely the server has the ISP's old DNS servers set in its configuration (from the sounds of it, on the NIC and not in the DNS forwarders as per best practices).  First, you need to recheck the NIC settings to ensure that the server's IP address (and only the server's IP address unless you have multiple internal DNS servers) is listed as the Primary DNS server.  On one of my DNS servers, I have other internal DNS servers set as primary and secondary, but its own address is used in the DNS resolution list.  Then in the DNS Management Console (dnsmgmt.msc I believe), ensure that your DNS server is set with the ISP's DNS Servers as the current DNS Forwarders (I would also add Google's public DNS servers [8.8.8.8 and 8.8.4.4] to the list for failover purposes).
-saige-
0
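
An added example, not part of the answer above and not taken from any Microsoft tooling: a small Python probe that sends one DNS query to each resolver in the chain described here (internal DNS server, router, ISP forwarder, public DNS) and reports which ones still answer, which is how a stale forwarder or NIC entry shows up. Every address in `chain` except 8.8.8.8 is a constructed placeholder, and the function names are illustrative.

```python
import os
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid):
    """Encode a recursive (RD=1) A/IN query for `name`."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels)
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)

def parse_reply(data, txid):
    """Return (rcode_name, answer_count); raise ValueError on a bad reply."""
    if len(data) < 12:
        raise ValueError("short DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack(">HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    return RCODES.get(rcode, "RCODE%d" % rcode), ancount

def classify(rcode, ancount):
    """A resolver is only 'ok' if it actually returned an answer."""
    if rcode == "NOERROR" and ancount > 0:
        return "ok"
    return "reachable, but not resolving (%s)" % rcode

def probe(resolver_ip, name="example.com", timeout=2.0):
    """Send one UDP query to resolver_ip:53 and describe what came back."""
    txid = int.from_bytes(os.urandom(2), "big")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name, txid), (resolver_ip, 53))
            data, _ = s.recvfrom(512)
            return classify(*parse_reply(data, txid))
        except socket.timeout:
            return "no reply (stale or unreachable resolver)"
        except (OSError, ValueError) as exc:
            return "error: %s" % exc

if __name__ == "__main__":
    # Constructed placeholder addresses; substitute your own.
    chain = [("internal DNS server", "192.168.1.2"), ("router", "192.168.1.1"),
             ("ISP forwarder", "203.0.113.53"), ("Google public DNS", "8.8.8.8")]
    for label, ip in chain:
        print("%-20s %-15s %s" % (label, ip, probe(ip)))
```

If the ISP forwarder and public DNS answer but the internal server does not resolve external names, the server's forwarder list is the place to look; if the internal server fails for everything, check its own NIC DNS setting first.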
 
LVL 25

Assisted Solution

by:Mohammed Khawaja
Mohammed Khawaja earned 150 total points
ID: 40593900
What you need to do is go to your DNS server configuration on the server, go to properties, click on Forwarders and enter your ISP's DNS servers here.  This will result in your Windows server forwarding requests it cannot resolve to your ISP.
0
 

Author Closing Comment

by:Josh Christie
ID: 40594219
Thanks It Saige and Mohammed.  You both had the right answer.  It Saige, your rationale and graphics were impressive.  I realize now that it is indeed how it was before.  I had just forgotten that the DNS IPs were in there and how to get there.
0
 
LVL 6

Expert Comment

by:Matt
ID: 40594244
DNS should return results for external queries also if you don't define forwarders. As long as you have "root hints" servers defined, it should work.
0
