DNS help (please)

  • Thread starter Thread starter bolt thrower
  • Start date Start date
B

bolt thrower

Strange DNS problems here at the office.

We have an internal DNS server and an external DNS server that is sitting
outside the firewall. The internal DNS server is looking at itself first
and the external server second. Forgive my ignorance, but it seems to me
that that means it will query itself and, if it doesn't find a record, it
will query the external box. Right?

Well doing an nslookup for some site (foxnews.com for example) results in
the internal box not finding it. Why, I don't know, but what bothers me
is that it doesn't ask the external box. Doing an nslookup on the
external server, everything resolves fine.

Its to the point now where my dhcp scopes are handing out both servers to
clients -- the internal first and the external second.

And the clients are doing the same thing -- they ask the internal server
first, and when it fails, they simply ignore the external server.

Any ideas? Thanks.
 
In
bolt thrower said:
Strange DNS problems here at the office.

We have an internal DNS server and an external DNS server that is
sitting outside the firewall. The internal DNS server is looking at
itself first and the external server second. Forgive my ignorance,
but it seems to me that that means it will query itself and, if it
doesn't find a record, it will query the external box. Right?

Well doing an nslookup for some site (foxnews.com for example)
results in the internal box not finding it. Why, I don't know, but
what bothers me is that it doesn't ask the external box. Doing an
nslookup on the external server, everything resolves fine.

Its to the point now where my dhcp scopes are handing out both
servers to clients -- the internal first and the external second.

And the clients are doing the same thing -- they ask the internal
server first, and when it fails, they simply ignore the external
server.

Any ideas? Thanks.
Click to expand...

Do you have a forwarder listed on the forwarders tab?
 
Hello,

I think Kevin is totally right. You need to enable forwarders on your DNS
server for external Domain names. Then only point your clients at the
internal DNS server. The only time we use the secondary DNS server is when
the first does not respond. Even if your DNS server answers with a
"Non-existent domain" it has answered and the client will not query the
secondary DNS server.

Here is an article that gives some very good reccomendations;
825036 Best practices for DNS client settings in Windows 2000 Server and in
http://support.microsoft.com/?id=825036

Larry Stotler, MCSE
Microsoft Product Support

NOTE: Please reply to the newsgroup and not directly to me. This allows
others to add to and benefit from these threads and also helps to ensure a
more timely response. Thank you!

This posting is provided "AS IS" without warranty either expressed or
implied, including, but not limited to, the implied warranties of
merchantability or fitness for a particular purpose
 
Back
Top