SBS 2003 and networking

[LKAlbert]

I have a file server that has SBS 2003.
I have a router/firewall/switch between file server and a DSL Bridge Modem.
I have a DSL Bridge modem connected to Bellsouth with a fixed IP address assigned by Bellsouth.
I have a fixed IP address for each of the six computers attached to the router (5 workstations and the file server).
I point each workstation to the file server's IP address as the gateway.
I have pointed each local workstation to the file server's IP address as the preferred DNS server.
I have pointed each local workstation AND the file server to the address of Bellsouth as the alternate DNS server.

It all works, but sometimes very slowly. Have I pointed correctly?

Albert

 

[NEmacGuy]

I have many a few site like yours :

I have the server and workstations gateway set as the IP address of the firewall router.

I have the DNS address of the server as 127.0.0.1.
The server forwards all DNS requests to the ISP's DNS server.
I have the work stations pointing to the server only.
I don't ever want an DNS server that is not on the local network, else you are likely to have name resolution issues on your network, the ISP's DNS server will not know the addresses of PC's on your lan.

I also like using DHCP from the 2000 or 2003 server, the intregation with DNS works well.

 

[markdmac]

I have pointed each local workstation AND the file server to the address of Bellsouth as the alternate DNS server.

This is the only point of failure I see. Remove the ISP DNS from here. Your ISP DNS should only be listed on the SBS Server DNS on the Forwarders tab.


I hope you find this post helpful.

Regards,

Mark

 

[LKAlbert]

Thank you very much for the insight. I have changed the settings on the server for the primary DNS Server to be 127.0.0.1.

I have not yet changed the Alternate DNS on the workstation or the server because I do not yet know what the "Forwarders Tab" is. Also, why do I need to point to Bellsouth as the alternate from either the Server or the Workstation? Why can't I just point to the router 192.168.1.1 as an alternate DNS and let it go back out from the router through the modem to whichever DNS Server is currently running at Bellsouth?

As you can tell, I am still in school!

Albert

 

[markdmac]

If you open the DNS Server snap-in, you will find the DNS Forwarder tab. Your server needs to be authoritative in your domain for local machines to find local resources. When your server does not knwo where a resource is (when a client requests something external) your server will then forward the request to the ISP DNS to find out that information. your server then caches that same information to speed up the next request for those same resources. Pointing to your router only slows down the process.

I hope you find this post helpful.

Regards,

Mark

 

[LKAlbert]

Mark, I found the DNS Snap in, but the ISP information is not in it by name (i.e. bellsouth or some reasonable facimile of that name). However, the IP address is cached in the forward tab from when the server went out through the router (gateway) to get it or perhaps directly from the alternate DNS Server entry in the IP Protocol Properties. It also cached the IP addresses of various sites that I was going to during the day. Your tips and those of the others who commented to this thread REALLY helped me focus on parts of SBS that I had not yet looked at.

Trust me when I say that I am confused, but perhaps a very tinybit less so. I spent all afternoon trying to understand SBS networking and had only some partial successes.

My most successful part was finding how to get through the Windows file wall (Zone Alarm Pro) on one of the workstations to the file server, which is doing a workstation backup tonight. I had to modify Zone Alarm AND the Windows Exception page within the Security Center.

I have had about 7 days of XP class (the first) towards my MCSE and I can see what I have ahead of me. I am 66 and thought that I was retired. All this new technical focus will either make me young again or else will cause my brain to explode. Thank YOU NEmacGuy very much for your help and if you send me more email, I will be pleased to read it them. Thank You Mark and I would live to hear more from you too. Your explanation of going to the DNS Server Snap-in helped beyond the spcific problem you wrote back about.

I am interested in getting more email about SBS 2003, the prime focus of my work at the Lupus Foundation of SE Florida. I thought that being MIS/IT Manager would be easy. Well, it is certainly fun anyway.

ALbert

 

[markdmac]

Albert, there is a Microsoft Course specifically for SBS that you should look into taking.

SBS has enough difference between it and regular Windows 2003 that you can actually do more harm than good if you don't know the "SBS Way." Make sure whenever you add a computer to the domain that you do it via the web page

http://servername/connectcomputer

and not the way you would a standard configuration in a non-SBS domain.

I've supported SBS for a number of years, (back to the NT4 days) and this version is by far the greatest and most advanced. Whenever you post on Tek-Tips, be sure to specify as you did here that your environment is SBS and be cautious in taking advice. I think the folks here are all very skilled and all well intentioned, but a lot of people who know Windows 2003 really well have never even seen SBS and do not know or understand the nuances it requires.

I applaud your willingness to go after an MCSE at the age of 66. That is amazing to me.

One final note regarding the Forwarders. It sounds to me like you are saying the ISP DNS is not there? They would not be by name, they would be listed by IP address. Verify with your ISP what DNS you should use. If you want generic ones you can use, then you can go with Sprint DNS servers which are 24.221.30.3 and 24.221.30.4. I have these configured on a number of servers when ISP servers have proven to be unreliable.

I hope you find this post helpful.

Regards,

Mark

 

[LKAlbert]

Thank you for the advice, yes I monitor several forums and I can tell who knows SBS, which I always advise that I am using. Yes, I am amazed too, but I am excited by the challenge. I told my wife that I would like to know 1/2 as much as you do (I browsed all the SBS 2003 posts for your comments!)

Here is what I am confused about. The correct DNS Server for Bellsouth is cached by the server as I found out yesterday. If I take it off each workstation as the alternate DNS Server and the server crashes (it did just two days ago when Windows Update crashed - one RAID 1 drive holding only the operating system got out of synch - it is now OK) then everything slows down. If I point it to the Bellsouth DNS and the server crashes, then it will not have to take a separate trip to the gateway and that should make it faster, no? And, while the server is up, it should never go to the alternate, right?

 

[markdmac]

No, you don't want to configure clients with ISP DNS ever because the ISP DNS can only provide information to EXTERNAL resources.

While in theory your clients should never go to a secondary, there can be network delays due to traffic that might cause the server to not respond the very second a PC queries DNS. Better to wait that extra second then to go out over the WAN. Also note that by configuring correctly, only the server goes out over the WAN for DNS and caches the results of all client queries which then educes the number of requests over the WAN, thus reducing WAN traffic.

I hope you find this post helpful.

Regards,

Mark