Domain controller

my domain just have 1 enabled nic
with the ip and mask , and local dns

i have a unix servers working like gateway working just for that....

Does your domain controller also share the Internet connection to your lan?

no just use 0ne of the gateways for AV updated and Windows Updates once a month...

Lost me, you say when you remove the gateway from the config, your users lose internet connection. Now I asked you if your Domain Controller is sharing its internet connection with the lan you said no as above so what server is your IIS services running on to share the internet with the lan?

checking notes from 4 months back my domain controller does not have gateway but since 2 months have gateway .... like i said my domain just handle local dns, dhcp and policy for users. now when i go to take that gateway out of the domain some of my clients lost the internet and in other computers just go to SLOW and very very slow... i don't understand what is going on...
i don't remember to configure something like sharing internet or something like that...

in other clients which are not allow to use internet .. without any kind of configuration , have internet ... when i go to one of those clients says gateway 10.0.0.200 , where those clients get that gateway info from?

yes but only for local ... the gateways have their own dns ip's from the providers...example im from costa rica so those gateway servers have 2 or 3 costarican dns ip's configured but those dns ip's are set up only in the gateway servers...
DC - 10.0.0.1
BDC - 10.0.0.2
Gateway1 - 10.0.0.200
Gateway2 - 10.0.0.201
Gateway3 - 10.0.0.202
Gateway4 - 10.0.0.203
Proxy - 10.0.0.204

so all pc's have dns 10.0.0.1 and 10.0.0.2
and the allowed internet computers have Gateway 10.0.0.202 manually configured...

the ones not internet allowed have 10.0.0.200 automatic configured... how is that possible?
somebody change something in my server ? but what?

the question i have is my restricted internet clients when i make ipconfig show's me an gateway ip address , where those clients take that information.

The trick here is that if your clients are set to use your DC as DNS and the DCs don't have internet access your clients will not be able to resolve any non local DNS names regardless of what DNS servers you have set up on your gateways. The clients will not query their default gateway for DNS info unless told to do so.

If you have more than 1 DNS server listed in your client DNS settings, it will only go to the second one if the first one doesn't respond to the DNS query. If it connects to the first one and the first one, in this case the DC, can't resolve it, the DC responds that it can't find it. Since the client received a response, it doesn't try any more DNS servers.

So if you have an internet allowed client with 10.0.0.1, 10.0.0.2, and 10.0.0.202 set as the DNS servers, it will only use 10.0.0.202 if there is no response from the first two.

As far as the unexplained gateway address, check the IP settings on the client. I have seen manual settings stick after changing the client to DHCP.