
Server 2008 as AD/DHCP/DNS D-Link Router as WAN


psheehan3
Here is my problem: my workstations can't get to the internet. They get IPs from DHCP fine and the server can get on the internet fine, but I don't think I have the DHCP server or DNS server set up right.

IPs: Server 10.10.0.1
Router 10.10.0.5
Scope of IPs - 10.10.100.xx

I set the DHCP option 5 for the router to 10.10.0.5, and the DNS option in DHCP is set to 65.32.5.75 and 65.32.5.74 (my ISP's DNS addresses).

My NIC is set to static: 10.10.0.1 - IP, 255.255.0.0 - subnet, 10.10.0.5 - gateway

DNS for NIC - 127.0.0.1, 65.32.5.75

When I do an ipconfig on the workstation I get:

IP: 10.10.100.1
Sub: 255.255.0.0
Gateway: 10.10.0.5

Is there anything I am forgetting to do?
Also, when I try to join the domain it says the DC is not found. I'm very green at this and it is my first server. I plan on getting the 70-290 and 70-291 books to get me going as well, but I was looking for some help because it looks like I have everything set correctly, but it's not working.
    tim.mcgovern

    dunno if you're still having this issue, but here's my $.02.

    your gateway address (the router's IP) is on one subnet (10.10.0.5) and the dhcp server is granting IP address leases on a 10.10.100.0 subnet. that's one problem. put the dhcp range on the same subnet as your internet default gateway, which is your router.

    active directory is tightly integrated with dns, and relies on it for LAN name resolution. you must point the domain controller's nics to the dns server running on that dc (assuming it is the first and only dc in your domain, point it to itself). then, under forward lookup zones, delete the zone, if any, that starts with a dot (.). this will allow the dns server for the dns 'root' server to handle internet dns requests.

    dns needs to handle two types of queries: LAN and internet. point the dns settings of your router to the ip address of the nic for your internal dns server. that means no secondary dns server outside of your LAN should be listed there. otherwise, when client machines request a lookup for local name resolution, the query will be sent to an internet dns server and time out. same reason why your dc cannot be found.

    then, on the lan's dns servers, enable the root hints and set up forwarders under Properties. forwarders will tell the dns server where to forward queries for zones outside of your own domain.

    e.g.

    router (set up with NAT)
    internal LAN IP=10.10.0.1
    external IP from ISP's dhcp server=? (whatismyip.com will tell you what IP address to put in here)
    dns: primary=10.10.0.2 (the dns server on your lan's dc), secondary=(blank)
    dhcp scope=10.10.0.10 to 10.10.0.220, for example

    server2008 (DC/AD/DNS) nic:
    static IP=10.10.0.2
    subnet mask=255.255.255.0
    default gateway=10.10.0.1 (the router)
    dns forwarders for 'All other DNS domains'=65.32.5.75 and 65.32.5.74 (ISP's DNS servers)

    BOTTOM LINE: change "DNS for NIC - 127.0.0.1, 65.32.5.75" to "DNS for NIC - 10.10.0.2" (points to itself)
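As an added check that is not part of this thread, here is a small Python audit that applies the answer's checklist (gateway and DHCP scope inside the DC's subnet, and only the internal DNS server handed to clients and configured on the DC's NIC) to the two layouts described above. The scope bounds for the poster's config are assumed, since the post only says 10.10.100.xx.

```python
import ipaddress

# Constructed sample: the layout described in the question.
# Scope bounds are an assumption; the post only gives "10.10.100.xx".
ORIGINAL = {
    "mask": "255.255.0.0",
    "server_ip": "10.10.0.1",
    "router_ip": "10.10.0.5",
    "scope": ("10.10.100.1", "10.10.100.254"),
    "dhcp_dns": ["65.32.5.75", "65.32.5.74"],   # DNS option handed to clients
    "dc_nic_dns": ["127.0.0.1", "65.32.5.75"],   # DNS on the DC's own NIC
}

# Constructed sample: the layout the answer recommends.
RECOMMENDED = {
    "mask": "255.255.255.0",
    "server_ip": "10.10.0.2",
    "router_ip": "10.10.0.1",
    "scope": ("10.10.0.10", "10.10.0.220"),
    "dhcp_dns": ["10.10.0.2"],
    "dc_nic_dns": ["10.10.0.2"],
}


def audit(cfg):
    """Return a list of findings; an empty list means the layout is consistent."""
    findings = []
    net = ipaddress.ip_network(f"{cfg['server_ip']}/{cfg['mask']}", strict=False)
    router = ipaddress.ip_address(cfg["router_ip"])
    lo, hi = (ipaddress.ip_address(a) for a in cfg["scope"])
    # 1. The default gateway and the whole DHCP scope must sit in the DC's subnet
    #    (this check is mask-sensitive: a /16 covers far more than a /24).
    if router not in net:
        findings.append(f"gateway {router} is outside {net}")
    if lo not in net or hi not in net:
        findings.append(f"DHCP scope {lo}-{hi} is outside {net}")
    # 2. Domain clients locate the DC through SRV records that only the internal
    #    DNS server holds; an ISP resolver in the DHCP DNS option breaks domain join.
    for dns in cfg["dhcp_dns"]:
        if ipaddress.ip_address(dns) not in net:
            findings.append(f"DHCP DNS option points clients at external resolver {dns}")
    # 3. The DC's NIC should list its own LAN address, not loopback or an ISP server.
    for dns in cfg["dc_nic_dns"]:
        addr = ipaddress.ip_address(dns)
        if addr.is_loopback or addr not in net:
            findings.append(f"DC NIC DNS entry {dns} is not the internal DNS server")
    return findings
```

Running `audit(ORIGINAL)` reports the two external resolvers in the DHCP DNS option and both NIC DNS entries, which is what stops clients from finding the DC; `audit(RECOMMENDED)` returns no findings.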
