Simple DNS Setup - Single 2K server

Archived from groups: microsoft.public.win2000.dns

I have an environment with a Single Windows 2000 server. (192.168.0.2)

Linksys Router Provides DHCP. (192.168.0.1)

The DHCP settings in the router are currently set up like this:
DNS1 - ISP DNS SERVER
DNS2 - Internal 2K Server
DNS3 - ANOTHER ISP DNS SERVER

I believed that the Internal 2K server should be first in the list.
HOWEVER, when I set it like that, the workstations can log into the Domain,
but they CANNOT access the Internet. The above configuration works, but I
know it is wrong.

I heard about the Server providing DNS forwarding. I looked at it in the
server, but I remember it saying something about root servers not being able
to do this.

My question - What is the proper DNS setup in this scenario?

Thanks
P
  1. Archived from groups: microsoft.public.win2000.dns

    In news:656580D6-D18F-4CD5-9AE2-3BD7E6391AC4@microsoft.com,
    PJM <PJM@discussions.microsoft.com> made a post then I commented below
    > I have an environment with a Single Windows 2000 server. (192.168.0.2)
    >
    > Linksys Router Provides DHCP. (192.168.0.1)
    >
    > The DHCP settings in the router are currently set up like this:
    > DNS1 - ISP DNS SERVER
    > DNS2 - Internal 2K Server
    > DNS3 - ANOTHER ISP DNS SERVER
    >
    > I believed that the Internal 2K server should be first in the list.
    > HOWEVER, when I set it like that, the workstations can log into the
    > Domain, but they CANNOT access the Internet. The above configuration
    > works, but I know it is wrong.
    >
    > I heard about the Server providing DNS forwarding. I looked at it in
    > the server, but I remember it saying something about root servers not
    > being able to do this.
    >
    > My question - What is the proper DNS setup in this scenario?
    >
    > Thanks
    > P

    The recommended 'best practice' with ANY Active Directory environment is to
    ONLY use the DNS servers that are authoritative for the AD zone. AD DCs and
    clients query DNS to "find" the domain, so to speak. If it were to ask your
    ISP's DNS, will it 'know' where your domain is? No.

    ONLY use the internal DNS. On the internal DNS, configure a forwarder to
    your ISP's for efficient Internet resolution. If the forwarding option is
    grayed out, delete the Root zone, and try again. If not sure how to delete
    the root zone, if one does exist, or not sure how to configure a forwarder,
    see this article:
    http://support.microsoft.com/?id=300202

    Also, it is *highly* recommended NOT to use your Linksys router for DHCP in
    an AD environment. MS DHCP APIs work hand in hand with MS DNS APIs to offer
    dynamic updates using Option 081, which these Linksys (and other routers) do
    not offer. Disable that service and use your server's DHCP service.

    All of this should give you a clean working headache-free functioning AD
    system, provided there are no other errors associated with AD (single label
    name, NTFRS errors, Netlogon errors, etc), which would require further
    investigation.

    --
    Regards,
    Ace

    Please direct all replies ONLY to the Microsoft public newsgroups
    so all can benefit.

    This posting is provided "AS-IS" with no warranties or guarantees
    and confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
    Microsoft Windows MVP - Windows Server - Directory Services

    Security Is Like An Onion, It Has Layers
    HAM AND EGGS: A day's work for a chicken;
    A lifetime commitment for a pig.
    --
    =================================