Having Trouble Linking DNS Servers

I have an AD domain setup on my network. I am very new to this so please bear with me. If I use 192.168.1.2, my AD DNS server, as the DNS server that clients use, then I am not able to connect to the internet. In fact, I seem to have DNS errors when connecting to that server as well. If I manually put in the DNS servers of my ISP, I have no problem connecting to the internet. I am also able to connect to the server and view files from both workstations. Could someone please help me fix my network? It has to be something with DNS, but I can't find out what exactly is wrong.

Cheeblie

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

RussS

Always a fun issue.

DNS is based on resource records that contain info on specific machines on a network. Your DNS server will have the info on your machines, but will not realistically be an authoritive DNS machine for the internet.

All ISPs have DNS servers and in most cases a client system is automatically configured to use them when connecting to the provider. Your system is connected to the ISP and has their DNS info. To share your connection with your network you must configure the client systems with the DNS server addresses manually or by using DHCP. Internet client systems use DNS to resolve the internet server names against IP addresses, but if you are running a Web or FTP server then you will need to configure your records with the applicable data.

When running your own fully qualified DNS server you will need a registered IP address so that it is visable on the internet. Therefore most admin on smaller networks just usually use the assigned DNS server addresses from your Internet Provider.

cheeblie

Well, since Active Directory requires a domain DNS server, how should I go about getting this to work?

Cheeblie

RussS

grrrr - now I forget .... lol

I am afraid that my brain is a fuzzy mush after a long workout at the gym and a bottle of vino with dinner. I'ts damn near midnite so I will hit the sack and fire you off an answer first thing in the morning if nobody else gives you the correct info.

Sorry dood, but all I am doing is confusing myself right now

Webmaster

I guess you know now (because of RussS' explanation) why it doesn't work: your DNS server does not host records for public domains, so your server simply doesn't know the IP address of the websites you want to access. I think RussS is confusing himself with using DNS to find something and to be found. You (at home or in a company) only need to use DNS to find something (the IP address of websites), only ISPs (or companies that really want to host their own records for their own public domains) have a public server. Such a server shares it's info with other public DNS servers... anyway, back to your problem...: there are several solutions, but here's two that will do:

- configure your DNS server to forward requests to a public DNS server (so it will act kinda like a DNS proxy).
- OR: configure the Preferred DNS in the TCP/IP props of your clients with the IP of your DNS server (which you need for ADS...) and configure the Alternate DNS server with the IP of your ISP's DNS server. (Or click the Advanced button, then the DNS tab and specify even more...) (Note, I think this works in XP, else you'll have to go with the first option.)

For more details:

www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/tcpip/part2/tcpch05.asp

I hope this helps, good luck!

cheeblie

Yikes! Thanks for the link to that article. I'll try to do what you said, but I don't know how to forward the requests. This may take a while, especially considering how tired I am at the moment.

Cheeblie

Webmaster

Your welcome

Don't let the overwelming amount of info scare you, just start reading it and it will all make sense (especially learn the differences between Iterative and Recursive Queries...). Since it is the naming system in current Windows version, you will benifit a lot from trying to work things out like you do... DNS is part of most common MCSE exams so it'll proof to be worth your time and effort.

cheeblie

Yeah I plan on reading both of those chapters on DNS. I'm already starting to stray from the Exam Cram books, and I like it!

I'm now looking into more in-depth books from O'Reilly and Sybex. I used to hate to read, but now I love it! I learn so much!

Cheeblie

Webmaster

Enjoying it is the most important thing

You'll get a whole new perspective about the Internet and large internetworks once you get a clear and complete understanding of DNS

RussS

Thanks webmaster ... half a bottle of wine with dinner after a 3 hr workout does absolutely NOTHING for retaining concentration ... lol

Drakonblayde

Windows DNS is a royal pain in the behind. It is so much easier to use bind. I am not looking forward to changing my home network over to a domain model and having to hand AD my DNS tasks, but that's the way the game is played /grumble. As long as I can leave my Linux box handling my ip forwarding and NAT, I'll be happy though

cheeblie

Ok, I think I found part of the problem. I don't quite understand everything but I know that I cannot add a DNS forwarder. This is the box I get:

So it appears as though the problem is that my DNS server is a root server. I'm very confused. Help me Webmaster!

Cheeblie

Webmaster

I'll save the explanation for the DNS TechNotes I'll write some day, but forwarding is done to a root server not from a root server. Your server is currently at the top in the DNS hierarchie so there isn't much to forward to

Anyway, run this: dnscmd /ZoneDelete . /DsDel at the command prompt and try again. (or use DNS manager to delete the . zone and try again.)

Drakonblayde wrote:

It is so much easier to use bind

That's why is it so much more fun to use DNS

Good luck Cheeblie, let me know how it works out.

cheeblie

Yeah, that worked. As soon as I deleted the .(root) zone all is well. If anyone has the same problem refer to this article http://support.microsoft.com/default.aspx?scid=kb;en-us;Q300202&sd=tech. It has all you need to know.

Cheeblie

Webmaster

Great.

Good article, it does explain everything you need to know for his setup.

3th Dimensoin Dweller

I was reading this info and had seen it before, but I'm not sure I want to use this solution.

When I remove my root DNS than I get a warning that this will have a impact on the Active Directory.
Wat is the impact? I'm afraid that I will kill my AD and that can not happen. Than my hole network will crash down.

Many thanks for your help so far.

Greetings

3th Dimension Dweller