
DNS should serve only internal

Hi,

My DNS is currently configured to serve requests on both my NICs.
No requests should be served over the second NIC (if you like, correct my English too) because it's the connection to my ISP.
However, if I change the settings to only serve requests for my LAN, the simple query (on the Monitoring tab) fails (and the other one too).
Is this normal?

It is impossible to make anything foolproof because fools are so ingenious.
Murphy's Laws
 
So, if you go into DNS administrator, on the properties of your server, you've changed the interfaces to just the internal NIC, and then you can't resolve anything?
 
No, I can still resolve hostnames, but I can do this without the server too (cache, I suppose).
What I can't do anymore is access the internet from a client, successfully do an nslookup, and successfully run the queries from the DNS monitor.
(The nslookup and whether the monitor fails or not are less important, but accessing the internet is important.)
 
First, I should say that you have to understand the way DNS works. But this will not be my mission.
Second, you have to decide what kind of internet access you are offering to your clients.
I can just offer you a (the) solution.
If you are using AD, then you surely have a DNS server installed. So, your internal network should have this DNS server. Before going further, be sure that the DNS server is working properly for that position (just internal) (using the monitor tool, nslookup).
Configure your DNS server as a non-root server (do not have the "." domain in its authoritative zones). Add the DNS server from your provider there as a forwarder.
Suppose that you decided to use NAT. You install NAT and configure the interfaces involved. Configure all your clients to use an automatically assigned IP. Go to NAT/Properties/Name resolution and check that clients will use DNS.
And that should be all.
There are no difficult configuration issues. Just follow the track.

Gia Betiu
giabetiu@chello.nl
Computer Eng. CNE 4, CNE 5, soon MCSE2k
 
My DNS is indeed configured as mentioned above.
I do indeed use AD, and I also use Routing and Remote Access with NAT.
It took me a while to find out how to de-root my server.
But now everything works and is fine, except for the problem that my server still serves DNS requests to my ISP (which is not a very huge problem because the provider probably doesn't let DNS requests reach my server). But we are not allowed to have a server on the side of the ISP (it's a multihomed server).
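One way to verify the outcome discussed in this thread, namely that the DNS service answers on the LAN address and stays silent on the ISP-side address, is to send a query to each address and compare the result with what is intended. This is an added example, not code from any poster; the function names and the two addresses in the demo are constructed placeholders, and only UDP port 53 is checked.

```python
import socket
import struct

def build_query(name, txid):
    """Encode a recursive A/IN query for `name` in DNS wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    parts = name.strip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def answers_dns(address, name="example.com", port=53, timeout=2.0, txid=0x1234):
    """Return True if `address` sends back any DNS response over UDP.

    Even a REFUSED or SERVFAIL reply counts: it proves the service
    is listening on that address.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            # connect() so only replies from the probed address are accepted
            s.connect((address, port))
            s.send(build_query(name, txid))
            data = s.recv(512)
        except OSError:  # timeout, port unreachable, no route
            return False
    if len(data) < 12:  # shorter than a DNS header
        return False
    rid, flags = struct.unpack("!HH", data[:4])
    return rid == txid and bool(flags & 0x8000)  # our ID, QR (response) bit set

def audit(expected, port=53, timeout=2.0):
    """`expected` maps address -> should it answer? Returns addresses that differ."""
    return [addr for addr, want in expected.items()
            if answers_dns(addr, port=port, timeout=timeout) != want]

if __name__ == "__main__":
    # Constructed placeholder addresses: replace with the server's real ones.
    wrong = audit({"192.168.0.1": True,      # internal NIC: must answer
                   "203.0.113.10": False})   # ISP-side NIC: must stay silent
    print("unexpected behaviour on:", wrong or "none")
```

Run it from a LAN client for the internal address; the ISP-side address is best probed from a host outside the LAN, since that is the path the restriction is meant to close.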
 