• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 279
  • Last Modified:

DNS servers issue and how to properly configure it

We have about 20 clients mostly running Win7.  The server machine runs WinSBS2003.  It manages computers, users and the file server...not much else.  The Router is an ASUS RT-N66U.  This same model router served us for about 2 years then quit about 4 months ago.  I installed another one of the same make and model.  About 4 weeks ago our ISP informed me that they had new DNS servers.  Our router is our local DNS server and holds the DNS IPs.  I checked it and found that it already had the new DNS IPs.  Well, about a week ago we lost internet and I discovered that the problem seemed to be DNS.    Our DNS configuration was setup about 7 years ago before I was much involved in it and knew even less than I know now.  The client computers have been pointing to the server machine for DNS, i.e. in TCPIP properties, preferred DNS is the IP of the server machine.  I believe the server has been pointing to itself as preferred DNS.  I'm told that the server's DNS management utility is the right place to manage DNS, but our router has been doing most of that.  The router has DHCP as well.  The router is the default gateway.  It does actually seem strange to me that the computers' DNS point to the server rather than to the router, seeing it's the router that holds the DNS IPs.  But it's worked for 7 years so we don't argue with success... or do we?

Now back to last week's problem.  I found that when I entered the DNS server IPs directly as preferred and alternate DNS for each computer that the computers accessed internet websites OK.  So that's how I have it now.  But then yesterday I got to thinking about it, and for one test computer I entered the the IP of the router (default gateway) in as the preferred DNS.  That also works.  But I wonder if I'm using a bandaid.  

To add to the confusion, the Android phones quit connecting to wifi.  For some of them, if we set Static IP on we can then enter the DNS IPs into DNS1 and DNS2.  And then it works.  But not all of them work even by doing that.  The iphones work just fine with no change whatsoever.  Anyway we want guests to be able to connect to wifi using only the wifi key.  

But more to the point, what changed?  The original configuration has worked for 7 years including the last 4 months since replacing the router.  What happened differently a week ago?  So that's my issue.
Josh Christie
Josh Christie
2 Solutions
You want your clients to point to your server for DNS and not the router (preferrably, they would also get their addresses from the server via DHCP as well, but that is another topic).  There are many reasons why this is true.

First, from a network browsing standpoint and in the simplest terms, the clients (and server) need to be able to, essentially, build a map of the network landscape.  This map is normally stored (depending upon your setup Workgroup vs. Domain, installed services, etc.) in two or more locations (usually WINS, DNS, ARP, NBT, etc.).  The unfortunate part is that the router cannot build this map internally.  This means that now your clients have to resolve everything and resolving a computer on the network takes time because the query for the target client is sent out to the DNS servers of the ISP and not your internal DNS server.

Second, from a troubleshooting standpoint, it is easier to determine the cause of communication failures on your network.  By having the DNS hosted on the server, you only need to ensure that the server can communicate with the internet which allows for you to troubleshoot communications related errors from a host out perspective rather than from a router/ISP in perspective.  If the server can communicate with the internet, then the client should be able to (so long as it is configured properly).  Otherwise, you troubleshoot why the server cannot communicate with the internet.

Finally, from an best practices standpoint, this is the recommended (and intended purpose) of these services.

As for what changed, most likely the server has the ISP's old DNS servers set in it's configuration (from the sounds of it, on the NIC and not in the DNS forwarders as per best practices).  First, you need to recheck the NIC settings to ensure that the server's IP address (and only the servers IP address unless you have multiple internal DNS servers) is listed as the Primary DNS server.One one of my DNS servers, I has other internal DNS servers set as primary and secondary, but it's own address is used in the DNS resolution list.Then in the DNS Management Console (dnsmgmt.msc I believe), ensure that your DNS server is set with the ISP's DNS Servers as the current DNS Forwarders (I would also add googles public DNS servers [ and] to the list for failover purposes).Capture.JPG
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
What you need to do is go to your DNS server configuration on the server, go to properties, click on Forwarders and enter your ISPs DNS servers here.  This will result in your Windows server forwarding requests it cannot resolve to your ISP.
Josh ChristieAuthor Commented:
Thanks It Saige and Mohammed.  You both had the right answer.  It Saige, your rationale and graphics were impressive.  I realize now that it indeed how it was before.  I had just forgotten that the DNS IPs were in there and how to get there.
DNS should return results for external queries also if you don't define forwarders. As long as you have "root hints" servers defined, it should work.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now