DNS Forwarding


Kyle Brost

Hello,

I have Windows 2000 server that is acting as router. The local
network has 10+ computers with addresses starting with 10.4.*. The
local network is connected to a corporate network through a VPN which
contains the DNS information for both the local and corporate
networks. Each client is configured to use the corporate network's
DNS server.

My problem. When the corporate VPN link goes down, I lose my address
resolution. All DNS requests (internal and external) are sent down
the VPN (which can be slow at times).

I think I need to setup a local DNS that forwards internal DNS queries
to the corporate DNS and external DNS queries to my local ISP.

1) Is this possible with Windows 2000 server?
2) How do I setup the DNS to selectively forward based on the domain?
3) How could I extend this solution to cache (or copy) the local DNS
addresses from the corporate DNS into the local DNS?

Thanks,


Kyle
----
 
I think I need to setup a local DNS that forwards internal DNS queries
to the corporate DNS and external DNS queries to my local ISP.

This is difficult to do with any DNS -- the server forwards
to the (first) one that is up, and if it returns a negative answer
then you would never get to the second network (resolution),
e.g., the Internet.

Generally in this situation you will make your DNS server
a corporate Domain/Zone Secondary and then forward
everything else to the Internet.
1) Is this possible with Windows 2000 server?

Yes, as in the final paragraph of my answer above.
2) How do I setup the DNS to selectively forward based on the domain?

That's difficult - make it a secondary for internal domain(s) and forward
only the external.
3) How could I extend this solution to cache (or copy) the local DNS
addresses from the corporate DNS into the local DNS?

Make it a secondary as suggested and that is what it does (it's not
called caching because it now has an "authoritative" copy of the whole
zone.)

Caveat: If you have more than one Internal Zone/Domain it gets
progressively more difficult or less efficient.
 
Windows 2000 doesn't have an option for selective forwarding. You do have the ability to add a second forwarder though. This would allow you to forward to
the corp DNS server. If this server is down, i.e. the VPN goes down, DNS will forward to the second forwarder in the list. Windows Server 2003 does have the
option for selective forwarding.

Thank you,
Mike Johnston
Microsoft Network Support
--

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this message are best directed to the newsgroup/thread from which they originated.
 
1) Is this possible with Windows 2000 server?
Not conditional forwarding. You could, however, setup a secondary for your
corporate DNS zone on your local server, then just setup a forwarder to your
ISP which will handle everything else.
2) How do I setup the DNS to selectively forward based on the domain?
Need w2k3 or forward zones in BIND.
3) How could I extend this solution to cache (or copy) the local DNS
addresses from the corporate DNS into the local DNS?

Would not need to. DNS will handle the caching based on TTL times of
answers. Your cache will be built automatically.
HTH
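The design the replies converge on (a local secondary copy of the corporate zone, with everything else forwarded to the ISP) can be scripted with dnscmd.exe, the command-line DNS administration tool shipped in the Windows 2000 Support Tools and with Windows Server 2003. The block below is an added example and is not code from any post in this thread; the zone name corp.example and the addresses 10.1.0.5 (corporate DNS over the VPN) and 203.0.113.53 (ISP resolver) are placeholders chosen for illustration.

```batch
rem Added example, not from the thread. Run on the Windows 2000/2003 server
rem that will become the local DNS server for the 10.4.* network.
rem Placeholders: corp.example = corporate internal zone,
rem               10.1.0.5     = corporate DNS server reached over the VPN,
rem               203.0.113.53 = the ISP's recursive resolver.

rem 1) Hold a secondary (read-only but authoritative) copy of the corporate
rem    zone. The corporate master must permit zone transfers to this server.
rem    Once loaded, internal names resolve even while the VPN is down, until
rem    the zone's expire timer runs out without a successful refresh.
dnscmd /ZoneAdd corp.example /Secondary 10.1.0.5

rem 2) Forward every query this server is not authoritative for to the ISP.
rem    /Slave makes the server rely only on the forwarder (no fallback to
rem    root hints), so Internet lookups never travel down the VPN.
dnscmd /ResetForwarders 203.0.113.53 /Slave

rem 3) Verify: the zone should be listed as Secondary and a transfer should
rem    succeed. Then point the 10.4.* clients at this server instead of the
rem    corporate DNS server.
dnscmd /EnumZones
dnscmd /ZoneRefresh corp.example

rem Windows Server 2003 only: per-domain conditional forwarding, as an
rem alternative to step 1 (use one or the other for a given zone name, not
rem both). Names under corp.example go to 10.1.0.5; all else still goes to
rem the ISP. Unlike the secondary zone, this stops resolving internal names
rem as soon as the VPN is down.
dnscmd /ZoneAdd corp.example /Forwarder 10.1.0.5
```

The secondary-zone approach avoids the problem described above with a plain forwarder list: a forwarder list only fails over when the first server does not answer at all, whereas an authoritative local copy answers internal names itself and never has to consult the corporate server per query.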
 