DNS problems on W2K server with MS Proxy installed

G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

Hello all-
Hoping to find some help on this issue...
First, the config:
I have a Windows 2000 SP4 server configured as a one-armed, caching MS
Proxy 2.0 server, for allowing our employees access to the Internet.
It serves to control access, cache web pages, and serve DNS queries
for Internet access.
The server is not a DC and we run our domain in mixed mode.
DNS server services are configured for caching only.
The server uses our ISP's DNS server as it's primary and secondary DNS
servers and my firewall's internal address as it's default gateway.
The router on the local subnet uses the proxy server as it's default
gateway.
The proxy server has static routes for all internal subnets
Clients are configured to use a local DNS server as Primary (for
internal browsing) and the Proxy server as Secondary (for web
browsing)

Now, the problem:
Web seems to work OK, with one exception, DNS. DNS seems to work as
the wind blows! Web browsing wil be OK for two or three days, then we
will suddenly start receiving Proxy errors (Unable to resolve the
addres of the URL entered, etc..) generally indicating that the URLs
cannot be found. Sometimes this problem will clear up on it's own,
sometimes I can switch the Primary and Secondary DNS on the Proxy
server and that will clear it up. Sometimes rebooting the Proxy
server will clear the problem up.
I spoke to our ISP and they claim that they "currently have no
reported problems" with their DNS servers.
Goal:
I want to know that my config is rock solid before I go back to my ISP
and tell them that the problem is on their end because of X, Y, and Z.

Any help would be greatly appreciated.
Matt Weisman
Milwaukee, WI
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

"M Weisman" <mweisman@wi.rr.com> wrote in message
news:d769adc4.0410261048.2dbda488@posting.google.com...
> Clients are configured to use a local DNS server as Primary (for
> internal browsing) and the Proxy server as Secondary (for web
> browsing)

There is the problem. Everything,..I repeat *everything*,...must use the
local DNS Server and that is the *only* one that must be used. The ISP's
DNS will appear in only one place and that is inside the Forwarder's List
within the configuration of you local DNS Server.

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

In news:d769adc4.0410261048.2dbda488@posting.google.com,
M Weisman <mweisman@wi.rr.com> commented
Then Kevin replied below:
> Hello all-
> Hoping to find some help on this issue...
> First, the config:
> I have a Windows 2000 SP4 server configured as a
> one-armed, caching MS Proxy 2.0 server, for allowing our
> employees access to the Internet. It serves to control
> access, cache web pages, and serve DNS queries for
> Internet access.
> The server is not a DC and we run our domain in mixed
> mode.

Which is it. is it a DC or not? You can't have a Win2k domain without a DC.

> DNS server services are configured for caching only.
> The server uses our ISP's DNS server as it's primary and
> secondary DNS servers and my firewall's internal address
> as it's default gateway. The router on the local subnet
> uses the proxy server as it's default gateway.
> The proxy server has static routes for all internal
> subnets
> Clients are configured to use a local DNS server as
> Primary (for internal browsing) and the Proxy server as
> Secondary (for web browsing)
>
> Now, the problem:
> Web seems to work OK, with one exception, DNS. DNS seems
> to work as the wind blows! Web browsing wil be OK for
> two or three days, then we will suddenly start receiving
> Proxy errors (Unable to resolve the addres of the URL
> entered, etc..) generally indicating that the URLs cannot
> be found. Sometimes this problem will clear up on it's
> own, sometimes I can switch the Primary and Secondary DNS
> on the Proxy server and that will clear it up. Sometimes
> rebooting the Proxy server will clear the problem up.
> I spoke to our ISP and they claim that they "currently
> have no reported problems" with their DNS servers.
> Goal:
> I want to know that my config is rock solid before I go
> back to my ISP and tell them that the problem is on their
> end because of X, Y, and Z.

In an Active Directory Domain environment, you must have a local DNS server
preferably on a DC. All DCs and domain members must use the local DNS only
in TCP/IP properties, no ISP's allowed in any position. You can configure
your ISP's DNS as a forwarder only.
300202 - HOW TO: Configure DNS for Internet Access in Windows 2000
http://support.microsoft.com/?id=300202&FR=1

825036 - Best practices for DNS client settings in Windows 2000 Server and
in Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;en-us;825036


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

> Which is it. is it a DC or not? You can't have a Win2k domain without a DC.

It's not a DC, as was stated in the original message. Just because
it's not a DC doesn't mean we don't have other servers (among then
DCs, all of which are DNS servers) in the enterprise.

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message news:<O1ill#BvEHA.940@TK2MSFTNGP14.phx.gbl>...
<snip>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

Phil-
Thanks! Made some tweaks along these lines and have things running in top shape.
Matt

"Phillip Windell" <@.> wrote in message news:<e94evQ5uEHA.2804@TK2MSFTNGP14.phx.gbl>...
> "M Weisman" <mweisman@wi.rr.com> wrote in message
> news:d769adc4.0410261048.2dbda488@posting.google.com...
> > Clients are configured to use a local DNS server as Primary (for
> > internal browsing) and the Proxy server as Secondary (for web
> > browsing)
>
> There is the problem. Everything,..I repeat *everything*,...must use the
> local DNS Server and that is the *only* one that must be used. The ISP's
> DNS will appear in only one place and that is inside the Forwarder's List
> within the configuration of you local DNS Server.
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns,microsoft.public.proxy (More info?)

Very good, sir!

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

"M Weisman" <mweisman@wi.rr.com> wrote in message
news:d769adc4.0410291112.1bd1cb88@posting.google.com...
> Phil-
> Thanks! Made some tweaks along these lines and have things running in top
shape.
> Matt
>
> "Phillip Windell" <@.> wrote in message
news:<e94evQ5uEHA.2804@TK2MSFTNGP14.phx.gbl>...
> > "M Weisman" <mweisman@wi.rr.com> wrote in message
> > news:d769adc4.0410261048.2dbda488@posting.google.com...
> > > Clients are configured to use a local DNS server as Primary (for
> > > internal browsing) and the Proxy server as Secondary (for web
> > > browsing)
> >
> > There is the problem. Everything,..I repeat *everything*,...must use the
> > local DNS Server and that is the *only* one that must be used. The
ISP's
> > DNS will appear in only one place and that is inside the Forwarder's
List
> > within the configuration of you local DNS Server.