DNS forwarding problem

  • Thread starter Thread starter dinendra
  • Start date Start date
D

dinendra

I have an Active directory integrated DNS in my LAN. There
are 3 DNS servers(Single DNS name space) located in 3
VLANs in the same Active directory forest.
I have an External Internet DNS server(Writable ISP DNS)
located in a DMZ. My problem is if i enter a forwarder in
the AD DNS to the Ext DNS for internet name resolution,
users can't browse the Internet. All the users have the AD
DNS server IP as the Prefered DNS entry. If i use the Ext
DNS server IP as the Prefered DNS server, then users can
browse. The issue is, the forwarder entry is not working.
What could be the reason for this?
Please advice

Dinendra
 
In
dinendra said:
I have an Active directory integrated DNS in my LAN. There
are 3 DNS servers(Single DNS name space) located in 3
VLANs in the same Active directory forest.
I have an External Internet DNS server(Writable ISP DNS)
located in a DMZ. My problem is if i enter a forwarder in
the AD DNS to the Ext DNS for internet name resolution,
users can't browse the Internet. All the users have the AD
DNS server IP as the Prefered DNS entry. If i use the Ext
DNS server IP as the Prefered DNS server, then users can
browse. The issue is, the forwarder entry is not working.
What could be the reason for this?
Please advice

Dinendra
Click to expand...

If the external machine cannot resolve names it could be a root "." zone,
disable recursion checked on the Advanced tab, Root hints not resolved, no
gateway on its NIC or a number of other things.

BTW, No member of the AD domain should use the external DNS in their NIC in
any position unless it has a zone for the AD Domain.
 
Does the DNS server in the DNS have Internet name resolution? Also make sure that none of your DNS servers have the "."
root zone configured.

Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the
terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from
which they originated.
 
Back
Top