DNS configuration for single server LAN

By Todd O. ·
I want to get DNS working on my LAN, which includes some downlevel clients and a single Windows 2000 Server. I set up the namespace to reflect my registered internet domain name and made the local domain a child of the registered domain (e.g., lan.registeredname.com). Active Directory, WINS and DHCP are active and clients can browse the LAN, but the Win2K Server's DNS doesn't resolve names out on the internet.

The Win2K Server itself is able to browse the internet because it has a DSL router, which is performing NAT, assigned as both a gateway and a DNS server.
I have no proxy server. I expect to install Exchange 2000 on the same machine that is running Windows 2000 Server soon. Eventually, I might host a web site on my server, but right now my web site is hosted by my ISP, which also hosts the authoritative name servers associated with my registered domain name.

I don't mind if the local DNS server gets confused when clients on the LAN try to hit portions of my registered namespace that lie outside my firewall, so long as the clients can get names resolved for the rest of the internet.

Ideally, I would like the DNS to recognize its start of authority at lan.registeredname.com, but by default it sees its start of authority at the root level. If it would just take responsibility for addresses on the LAN and pass everything else to the DSL/Ethernet router, which in turn queries my ISP's DNS servers, it seems like everything should work fine.

The other issue I am unsure of is how to set up replication given that I only have one DNS server and it really doesn't control anything other than the LAN.

So to boil it down, my questions are:

1. How can I set up my DNS so that it will serve Windows 2000 and Windows 9x clients on my LAN?

2. How should I configure replication so that my solo DNS server gets the information it needs but does not become a problem on the internet?

DNS configuration for single server LAN

by cavedweller In reply to DNS configuration for sin ...

Point your clients to your local dns server. Setup your dns server to "forward" to your isp's server.

DNS configuration for single server LAN

by Todd O. In reply to DNS configuration for sin ...

My DNS server is my one and only domain controller. As such, its start of authority begins at the root level, which means it cannot be configured for forwarding. If there is a way to actually implement your idea, feel free to explain: I'll try it and award the points to you if it works.

DNS configuration for single server LAN

by Frobo In reply to DNS configuration for sin ...

Hi Todd,

There are two methods of configuring DNS for your office. The first method is, like you set it up, the user has to know only one namespace for intranet and internet use. This method is extremely heavy to administer; you must configure your firewall especially so no DNS traffic from inside goes to outside, since you're using the official root-level domain and you're not registered.

The other method is much simpler to administer, but the user had to recognize two different namespaces. Create a new zone file named like .INTR for your intranet and configure the forwarder, a DNS server from your ISP. Create a domain you like, MYOFFICE, so your DNS looks like MYoffice.intr .

regards

Frobo

DNS configuration for single server LAN

by Todd O. In reply to DNS configuration for sin ...

I am probably missing something, but, as I mentioned in response to the first suggestion, I am unable to set forwarding on the DNS service because it has root level authority. I think I need a little more detail to understand how to make use of your suggestion. Can you point me to any information on splitting up the zone so that my DNS server does not have root level authority, which it has by default, so I can try the rest of your idea? I know next to nothing about configuring zones of authority. Thanks.

DNS configuration for single server LAN

by erikbutler In reply to DNS configuration for sin ...

DHCP does not play well with NAT. I would recommend you disable it on your router, then follow the first post.

DNS configuration for single server LAN

by Todd O. In reply to DNS configuration for sin ...

DHCP is important on a network with downlevel clients because it works with the DNS server to populate the WINS table automatically. It also makes management of the network much easier. I have it working just fine behind my firewall/router, which is performing NAT.

DNS configuration for single server LAN

by cavedweller In reply to DNS configuration for sin ...

I have set up primary domains on my NT-4 Server/Microsoft DNS Server system for my local network. On the first screen of DNS Manager add your server, create a new domain, then create a new reverse domain (333.222.111.in-addr.arpa). Go to the forward domain and enter your hosts, making sure to update the PTR records (which are placed in the reverse domain). Go to the property sheet for your server and set your ISP's DNS server in the "forward to" field.

Your clients must point to your server for DNS. Your server forwards requests it can't answer to your ISP and returns the results to the client.

This method works here and you should be able to make it work for you.

DNS configuration for single server LAN

by Todd O. In reply to DNS configuration for sin ...

The question was auto-closed by TechRepublic

DNS configuration for single server LAN

by expertpc In reply to DNS configuration for sin ...

Do you have the DNS entry for the server's NIC set to the DSL router or to itself? It needs to point to itself as it is a DNS server.

Try this quick test. Open the DNS MMC from another Windows 2000 client on your LAN. Connect to the Server (in the DNS MMC). Right-click the server name, then go to Properties. Select the Monitoring tab. Run both tests. This should not be done while on the server as it can return erroneous results. Did they pass?

If you have your DNS set at root authority it will not be able to hit the internet. The following is straight from MS Study materials:

"To allow your DNS server to perform name lookups on the Internet, ensure that you have not configured a root zone on the server, and that the ROOT HINTS tab in the PROPERTIES dialog box of the server contains a list of servers that are authoritative for the root zone of the internet"

Please feel free to email me screen shots of every properties entry under that zone.

I would suggest deleting and recreating the zone.

Good Hunting!
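The root-zone condition discussed in this thread can be checked from any LAN client with a non-recursive SOA query for ".": a server that hosts its own root zone answers authoritatively (AA bit set). This is an added example, not part of the original posts; the sample replies are constructed, and the host names "server" and "hostmaster" are hypothetical.

```python
import socket
import struct

TXID = 0x1234
QUESTION = b"\x00" + struct.pack("!HH", 6, 1)  # name ".", QTYPE=SOA, QCLASS=IN

def build_root_soa_query():
    # flags=0: RD is clear, so the server may answer only from zones it hosts
    return struct.pack("!6H", TXID, 0x0000, 1, 0, 0, 0) + QUESTION

def hosts_root_zone(response):
    """True when the reply is an error-free authoritative answer for "."."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", response[:12])
    if txid != TXID or not flags & 0x8000:      # wrong ID or not a response
        raise ValueError("not a reply to our query")
    authoritative = bool(flags & 0x0400)        # AA bit
    return authoritative and (flags & 0x000F) == 0 and ancount > 0

def query_server(server_ip, timeout=3.0):
    # Live check: send the query over UDP/53 and return the raw reply bytes
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_root_soa_query(), (server_ip, 53))
        return s.recvfrom(512)[0]

def _name(n):  # domain name in DNS wire format
    labels = [p for p in n.split(".") if p]
    return b"".join(bytes([len(p)]) + p.encode() for p in labels) + b"\x00"

# Constructed sample replies (not captured traffic); names are hypothetical.
_soa = (_name("server.lan.registeredname.com")
        + _name("hostmaster.lan.registeredname.com")
        + struct.pack("!5I", 1, 900, 600, 86400, 3600))
SAMPLE_LOCAL_ROOT = (struct.pack("!6H", TXID, 0x8400, 1, 1, 0, 0) + QUESTION
                     + b"\x00" + struct.pack("!HHIH", 6, 1, 3600, len(_soa)) + _soa)
SAMPLE_NO_ROOT = struct.pack("!6H", TXID, 0x8000, 1, 0, 0, 0) + QUESTION

if __name__ == "__main__":
    for label, reply in (("local root zone", SAMPLE_LOCAL_ROOT),
                         ("no root zone", SAMPLE_NO_ROOT)):
        print(label, "->", hosts_root_zone(reply))
```

For a live check, call `hosts_root_zone(query_server(ip))` with the DNS server's LAN address; a `True` result means the server holds a "." zone, which has to be removed before it can resolve internet names.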

DNS configuration for single server LAN

by Todd O. In reply to DNS configuration for sin ...

The question was auto-closed by TechRepublic
