FAQ : Setting up DNS correctly in a Windows 2000 server environment
This document details how you should set up DNS on a Windows 2000 network.
What you shouldn't do
--------------------------
Clients should not have the ISP's DNS server configured in their DNS settings.
An ISP's DNS server should not be set up as a Windows 2000 server's primary or backup DNS server.
What you should do
-----------------------
Set up all clients to use the internal DNS server for name resolution. The best way of achieving this is using DHCP.
Any servers should be configured to use the internal DNS server's IP address (NOTE: DO NOT USE A LOOPBACK ADDRESS 127.0.0.1). If you have more than one DNS server in the environment, add these as the backup DNS servers.
The DNS forwarders should be set up to use the ISP's DNS servers to resolve external addresses.
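One way to check a machine against the rules above (an added example, not part of the original FAQ): the script parses `ipconfig /all` style text and flags any DNS server entry that is a loopback address or is not one of the internal DNS servers. The sample output, the adapter names and the internal server addresses 192.168.1.10 and 192.168.1.11 are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in the layout of `ipconfig /all` (not from a real host).
# 192.168.1.10 and 192.168.1.11 are assumed to be the internal DNS servers.
SAMPLE = """\
Ethernet adapter Local Area Connection:

        IP Address. . . . . . . . . . . . : 192.168.1.10
        DNS Servers . . . . . . . . . . . : 127.0.0.1
                                            192.168.1.11

Ethernet adapter Internet:

        IP Address. . . . . . . . . . . . : 203.0.113.5
        DNS Servers . . . . . . . . . . . : 198.51.100.53
"""

def dns_servers_by_adapter(text):
    """Return {adapter name: [DNS server addresses]} from ipconfig text."""
    result, adapter, in_dns = {}, None, False
    for line in text.splitlines():
        header = re.match(r"^(\S.*adapter .+):\s*$", line)
        first = re.match(r"^\s+DNS Servers[ .]*:\s*(\S+)\s*$", line)
        more = re.match(r"^\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$", line)
        if header:
            adapter, in_dns = header.group(1), False
            result[adapter] = []
        elif adapter and first:
            result[adapter].append(first.group(1))
            in_dns = True
        elif adapter and in_dns and more:  # further servers on following lines
            result[adapter].append(more.group(1))
        else:
            in_dns = False
    return result

def audit(text, internal_dns):
    """List (adapter, address, reason) for entries that break the rules."""
    allowed = {ipaddress.ip_address(a) for a in internal_dns}
    findings = []
    for adapter, servers in dns_servers_by_adapter(text).items():
        for server in servers:
            ip = ipaddress.ip_address(server)
            if ip.is_loopback:
                findings.append((adapter, server, "loopback address"))
            elif ip not in allowed:
                findings.append((adapter, server, "not an internal DNS server"))
    return findings
```

Call `audit(text, [...])` with the saved output of `ipconfig /all` and your own list of internal DNS server addresses; an empty list means the machine follows both rules.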
The steps below show how to set up DNS forwarding and keep DNS running smoothly.
1] To Remove the Root DNS Zone
In DNS Manager, expand the DNS Server object. Expand the Forward Lookup Zones folder.
Right-click the "." zone, and then click Delete.
2] Configuring Forwarders
In DNS Manager, right-click the DNS Server object, and then click Properties.
Click the Forwarders tab.
Click to select the Enable Forwarders check box.
In the IP address box, type the first DNS server to which you want to forward, and then click Add.
(When forwarding to a DNS server such as your ISP's, make sure you add both the primary and backup DNS servers.)
3] Disabling the DNS binding on public network interfaces
(You can safely ignore this step if you are only using non-Internet-facing interfaces on the server.)
By default, DNS is bound to all adapters in the server. This causes a problem if you have a public interface connected to the server - such as a modem, cable, or NIC connection.
First, look in the DNS records and delete any host (A) records for your server that have a public address.
In DNS Manager, right-click the DNS Server object, and then click Properties. Click the Interfaces tab.
Under Listen On, select Only the following IP addresses.
Type the addresses of only your internal network cards.
4] Resolving your external website
(You can safely ignore this step if your internal domain doesn't have the same name as your external one.)
You need to set up an alias for WWW on your local DNS to resolve to the IP address where the website is hosted.
(This also applies to any external server you are trying to access using your domain, e.g. mail/smtp etc.)
In DNS Manager, expand the server, go into Forward Lookup Zones and select your domain.
Right-click on the domain and select 'new alias'. In the Alias Name box, type www. In the "Fully qualified name for target host" box, type the FQDN of the ISP's hosting server (e.g. webhost.force9.net).
FAQ
---
Q : The Root DNS Zone (.) record doesn't exist?
A : Don't worry, continue on to the next step - it simply means the server isn't configured as a root server.
Q : What is a DNS forwarder?
A : This feature forwards DNS requests to external servers. If a DNS server cannot find a resource record in its zones, it can send the request to another DNS server for additional attempts at resolution. A common scenario might be to configure forwarders to your ISP's DNS servers.
A DNS server that is set up as a DNS forwarder can handle both internal and external queries.
Q : My server is currently a forwarder. How do I revert back to a root server?
A : Create a "." zone in Forward Lookup Zones, then restart the DNS service or reboot the server.
Q : I haven't got DNS installed. How would I install it?
A : From the Control Panel go to Add/Remove Programs -> Add/Remove Windows Components. Go into Networking Services and tick Domain Name System (DNS).
Q : I'm setting up a new DC and having problems?
A : Make sure the DNS setting in TCP/IP properties is set to the internal DNS server, i.e. the current DC.