Question

Locked

DNS setup advice

By erickson147 ·
I have a 2003 windows server acting as the domain controller and also running Active Directory for user and computer accounts, which requires DNS to be configured.

From the Windows 2003 server is a linksys router running the DHCP service which is connected to a Cisco router that supplies the ISP settings.

I have the server set to a static IP 192.168.1.2 and the DNS setup on the domain controller, but it takes about 5 minutes for a client to logon to the domain.

How do I need to configure the DNS service and Active Director on the server to speed up the login process?

Do I have to set up a forwarding zone to the ISP DNS?

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

RE: DNS setup advice

by Matthew S In reply to DNS setup advice

Someone with more relevant experience may provide better detail.

My take based on past experience would be keep it simple, which means using Win2003 server to the max, and leave your routers to route:

- Run DHCP on Win2003 Server (optional but cleaner, and enables dynamic mapping of AD objects, DNS entries (for clients) & IP addresses)

- If you leave the Linksys DHCP running, you need to override the DNS server settings in the DHCP settings to point to your Win2003 Server (i.e. DNS set to 192.168.1.2) not your ISP's DNS services.

- Set up DNS forwarding on Win2003 to your ISP's DNS servers or utlize a service such as OpenDNS (which I use and beleive is provides superior performance & results). Running DNS on Win2003 server will improve general DNS look-up performance because it will cache DNS look-ups, saving the latency of going out to your ISP's servers every time.

Hope this helps.

Collapse -

DNS Setup Advice

by erickson147 In reply to RE: DNS setup advice

Thanks for the fast response Matthew. I'm going to be working on this configuration later this afternoon. I'm going to try using your suggestion of setting up DHCP on the Win2003 server, and creating a forward to the ISPs DNS. This should also help me with my faster logon response?

If I leave my Linksys DHCP running and point to Win2003 server 192.168.1.2. I would still need to setup forwarding on the Win2003 server to the ISPs DNS? Correct?

Since my Win2003 server is my DC and running AD would I be able to run a program such as OpenDNS?

Collapse -

DNS setup

by Dean Wheatley In reply to DNS Setup Advice

Just to add to Matthews post, OpenDNS is a web based service which you create a user account on and is extremely good imo. My suggestion would be to setup your DNS domain on your DC, along with DHCP. (Make sure you set you DNS to only use secure updates.)
On your DHCP scope set your server IP address as the gateway, and DNS server, that way each client will have the same gateway and DNS settings.
Using routing and remote access tell your server the address of the router as it's gateway. Then set your routers DNS to the openDNS or your ISP's DNS server.

That should create a more secure and uniform environment. There may be better ways to do it but this ways has worked well for my network for over a year without issue.

Hope this helps

Dean

Collapse -

Setup DNS from scratch

by erickson147 In reply to DNS setup

HELP! I just can't get anything to work. I have read just about everything on the net. Now I can't add any clients to the domain.

Here are my linksys router settings:

ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : NTIGCPOS4
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros L2 Fast Ethernet 10/100 Base
-T Controller
Physical Address. . . . . . . . . : 00-1E-8C-6A-62-3D
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.105
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 216.165.129.157 216.170.153.146

The router is running my DHCP

Server 2003 settings:

Static IP: 192.168.1.2
Domain Name: NTI_Domain
Server Name: NTIDC1

This server is also my domain controller
When I configured my AD I ran the DNS setup wizard.

Is there anyway I can delete all forward zones and reverse lookup zones and start from scratch?

Collapse -

clients must use your DC/DNS server

by CG IT In reply to DNS setup advice

in their DNS TCP/IP settings.

What extension did you use for a domain name eg. .com/.net or a non routable .local?

your linksys router is probably the real culprit since you are using 2 routers thus have 2 networks.

Since your linksys router is running DHCP, you need to create options in DHCP for the default gateway [linksys router]. I believe the option # is 3.

With that, clients now have the information for the default gateway.

With DNS, queries not resolved by your DNS server should be forwarded to root hint servers on the internet.

Collapse -

DC/DNS server

by erickson147 In reply to clients must use your DC/ ...

Currently my clients get DCHP from the Linksys router. So you are saying to add the servers IP to the linksys routers DNS entry?

Forward zone: NTI_Domain (Domain Name)
What settings do I need for this? I made a primary.

Reverse Zone: not configured
Forward: 216.x.x.x (ISP DNS)
216.x.x.x (ISP DNS)

Root: was never configured

Can I delete these DNS entries and start from scratch? Also, I need to set the server to a static IP and put that as the DNS IP correct?

Collapse -

Also no PCI Simple Controller on server

by erickson147 In reply to clients must use your DC/ ...

Could this be causing an issue as well? The board is an Intel DP35DP desktop board and I read that the board doesn't support Windows server 2003 drivers?

Sorry to all, but I walked into all of this mess.

Thanks for all the help, it is much needed.

Collapse -

Don't think the board is the problem...

by CG IT In reply to Also no PCI Simple Contro ...

here's the deal. workstations on the network must use the W2003 Active Directory domain controller which also has DNS service running on it as their preferred DNS server in TCP/IP settings of their network card. This is for Active Directory login purposes. This is most likely why it takes users a long time to log in. They don't have the correct DNS server listed to find your W2003 domain controller.

The problem arises as to how are workstations going to get the information they need to find the AD Domain Controller? [and get to the internet[

Since your router is providing DHCP services, you have to create options in DHCP to provide workstations with DNS information. I believe option 6 is for DNS servers.

Another problem is configuring the default gateway. Again, you create an option in DHCP specifying the routers address as the default gateway .

Now, I'm not sure if your consumer level Linksys router is capable of having DHCP options. If not, you'll have to resort to turning that off, using your Cisco router for DHCP which I know can have options, or using your W2003 Server as your DHCP server and going that route.

Back to Networks Forum
9 total posts (Page 1 of 1)  

Hardware Forums