Please! Need DNS Help.

  • Thread starter Thread starter Blitz
  • Start date Start date
B

Blitz

Hello group,
I need help. Here is what we have: One DC with 2000 server and AD, DHCP,
DNS installed, seven workstations with NT4.0 and 2000 Pro. We are currently
using Winproxy 2.0 and a USR Sportster modem for our internet connection. I
am trying to replace winproxy with a USR 8000A router. I turned off
winproxy and hooked the modem and the server into the router, setup the
dial up connection in the router, turned off DHCP and set the IP to
192.168.1.254 in the router. Server settings are:
Windows 2000 IP Configuration

Host Name................:scott-hv50k7edd
Primary DNS Suffix.......:srsys.srsys
Node Type................:Broadcast
IP Routing Enabled.......:Yes Does this need to be
on???? We don't have outside connections.
WINS Proxy Enabled.......:No
DNS Suffix Search List...:stsys.srsys

Ethernet adapter Local Area Connection
Connection-specific DNS Suffix.:
Description....................:Intel(R) PRo

Physical Address...............:00-90-27-1A-3A-2A
DHCP Enabled...................:No
IP Address.....................:192.168.1.2
Default Gateway................:192.168.1.254
DNS Servers....................:192.168.1.2

Also set DNS forwarders to our ISP's primary and secondaryDNS servers.
Problem is I get a DNS error when using IE on almost all web pages. Email
works Outlook. I can ping the router but not the ISP's DNS servers. When I
hook the modem back to the server and start winproxy all is well again. I
do notice a host entry that changes to the ISP's IP under the DNS when
connected to the internet, and changes back to local IP when disconnected.
This does not happen when using the router. I've searched for two days
trying to find a solution.
 
Maybe this will help. When I take one 2000 pro workstation and connect it
to the router with no other computers connected to the router. I enabled
DHCP for the router and still the browser will not work. I can tracert my
isp's dns server and google. Here is the IP config:]

Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : SRSYS
+lÉ

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : +lÉ
Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX
NIC
(3C905B-TX)
Physical Address. . . . . . . . . : 00-50-04-BA-E3-26
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.199
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
Lease Obtained. . . . . . . . . . : Wednesday, March 16, 2005
8:05:14 AM

Lease Expires . . . . . . . . . . : Monday, January 18, 2038
10:14:07 PM
 
In
Blitz said:
Hello group,
I need help. Here is what we have: One DC with 2000
server and AD, DHCP, DNS installed, seven workstations
with NT4.0 and 2000 Pro. We are currently using Winproxy
2.0 and a USR Sportster modem for our internet
connection. I am trying to replace winproxy with a USR
8000A router. I turned off winproxy and hooked the modem
and the server into the router, setup the dial up
connection in the router, turned off DHCP and set the IP
to 192.168.1.254 in the router. Server settings are:
Windows 2000 IP Configuration

Host Name................:scott-hv50k7edd
Primary DNS Suffix.......:srsys.srsys
Node Type................:Broadcast
IP Routing Enabled.......:Yes Does
this need to be on???? We don't have outside connections.
WINS Proxy Enabled.......:No
DNS Suffix Search List...:stsys.srsys

Ethernet adapter Local Area Connection
Connection-specific DNS Suffix.:
Description....................:Intel(R) PRo

Physical Address...............:00-90-27-1A-3A-2A
DHCP Enabled...................:No
IP Address.....................:192.168.1.2
Default Gateway................:192.168.1.254
DNS Servers....................:192.168.1.2

Also set DNS forwarders to our ISP's primary and
secondaryDNS servers. Problem is I get a DNS error when
using IE on almost all web pages.
Click to expand...

Have you verified you are using your ISP's correct DNS servers?
Some ISP's, especially the large ones, have recursion disabled on the DNS
servers they use for authority over domains they host. The only domains they
can resolve are the domains they host. These ISP's have other caching only
DNS servers you are supposed to use as your forwarder.
I'm not sure of your ISP, since you didn't post the DNS addresses you are
using, but you can put 4.2.2.2 in as a forwarder to see if it fixes your
problem.
Email works Outlook. I
can ping the router but not the ISP's DNS servers.
Click to expand...

This may only mean that ICMP is disabled on the DNS IP address, ping is not
the proper tool to use, it uses the wrong protocol. You can use nslookup to
see if the DNS server is resolving any name and to see if recursion is
disabled. Use these commands to test the DNS server:
nslookup -d2
server <ispdnsaddress>

Resolve a name.

Look at the answer section, it should say "want recursion, recursion avail."
If it does not say recursion avail. You'll need to use a different DNS
server as a forwarder.

I also notice in your follow-up post that your Win2k member client is using
the router for DNS, Do Not do this in an Active Directory domain. All domain
members must use your DC for DNS. No exceptions, no ISP or any DNS that does
not support the AD domain is allowed in any position on any interface. You
will notice that using the router for DNS extends the logon time to
authenticate with the domain takes several minutes and you may not be able
to access local domain resources.
 
In

Have you verified you are using your ISP's correct DNS servers?
Some ISP's, especially the large ones, have recursion disabled on the
DNS servers they use for authority over domains they host. The only
domains they can resolve are the domains they host. These ISP's have
other caching only DNS servers you are supposed to use as your
forwarder. I'm not sure of your ISP, since you didn't post the DNS
addresses you are using, but you can put 4.2.2.2 in as a forwarder to
see if it fixes your problem.


This may only mean that ICMP is disabled on the DNS IP address, ping
is not the proper tool to use, it uses the wrong protocol. You can use
nslookup to see if the DNS server is resolving any name and to see if
recursion is disabled. Use these commands to test the DNS server:
nslookup -d2
server <ispdnsaddress>

Resolve a name.

Look at the answer section, it should say "want recursion, recursion
avail." If it does not say recursion avail. You'll need to use a
different DNS server as a forwarder.

I also notice in your follow-up post that your Win2k member client is
using the router for DNS, Do Not do this in an Active Directory
domain. All domain members must use your DC for DNS. No exceptions, no
ISP or any DNS that does not support the AD domain is allowed in any
position on any interface. You will notice that using the router for
DNS extends the logon time to authenticate with the domain takes
several minutes and you may not be able to access local domain
resources.
Click to expand...
Here is an update. I logged a workstation out of the domain and logged in
locally, that's why it has the routers dns. My ISP is Mindspring (now
Earthlink) the dns servers are 207.69.188.187 and 207.69.188.186. The
router will dial up and connect, when I type in an address in the browser
the status bar says: web page found...loading web page..then just hangs.
I run nslookup -d2, set server to 207.69.188.187, want recursion,
recursion found is in the answer, but when I resolve www.google.com it
times out. Now I have an Earthlink account at my home with a different
access number, when I set the router to dial up my home number (not local
here at work) everything works. So I tried 5 or 6 local numbers here at
work it does not work. I called tech support....that's a joke to try to
explain this to them.(no help at all) Also my home number uses the same
dns servers as the work numbers just defferent gateway and ip. Thanks for
your time
 
Back
Top