DNS Resolution

[Guest]

Hi,

I use 2000 server as domain controller and client machines are windows XP
pro. My domain name is vakdomain.com but it is not registered. I use this
only internally. My internet gateway is another server hosted in linux with a
DNS provided by the ISP. What my problem is, when i give the domain server IP
in primary DNS and the ISP's DNS in the Secondary DNS, the users are not able
to browse the internet. When i give the ISP's DNS in the Primary DNS and
domain server IP in Secondary DNS, the group policy does not apple properly
and sometimes the XP keeps searching for the domain controllerin the
authentication screen.... I need to solve this issue..... Please help me...

Thanks in Advance

Regards
Venkat

 

[Jorge de Almeida Pinto]

Point internal servers and clients to the internal DNS only...

on the DNS server configure forwarding and assign the ISP DNS as the
forwarder

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto #
BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx

 

[Enkidu]

Hi,

I use 2000 server as domain controller and client machines are
windows XP pro. My domain name is vakdomain.com but it is not
registered. I use this only internally. My internet gateway is
another server hosted in linux with a DNS provided by the ISP. What
my problem is, when i give the domain server IP in primary DNS and
the ISP's DNS in the Secondary DNS, the users are not able to browse
the internet. When i give the ISP's DNS in the Primary DNS and
domain server IP in Secondary DNS, the group policy does not apple
properly and sometimes the XP keeps searching for the domain
controllerin the authentication screen.... I need to solve this
issue..... Please help me...

What Jorge said.

This is one of the most common DNS mistakes that are made.

People assume that when a search is made for a DNS name, if the name is
not found by the first server in the list that the second server will be
asked.

This is not so!

When a client asks a question of a working server it *always* gets an
answer. This answer may be "Name not found". If the client gets an
answer, any answer, even "Name not found", it looks no further. Only if
the first server has failed and doesn't return an answer at all will the
client ask the second server.

The proper way to configure a LAN DNS is to route all DNS queries via
the internal DNS servers. Say you want to look up 'www.google.com'. The
client should be configured to ask the *LAN* DNS server the question.
Since the LAN DNS server won't know the answer, the LAN DNS server
should be configured to *forward* the request to the ISPs DNS server.
The ISPs DNS server then queries other DNS servers on the Internet until
it finds an answer and returns it to the LAN DNS server which informs
the client. The LAN DNS server remembers the 'www.google.com' IP address
in case some other LAN client asks.

Cheers,

Cliff