| Author |
Message |
LB
Guest
|
 Posted:
Thu Jan 27, 2005 1:33 am Post subject:
simple DNS setup on W2K3? |
|
|
I have a NT4 domain with W2K servers (excluding PDC/BDC's). We use an
MSFT ISA firewall with internal network address scheme of
223.38.50.1-254 for our internal network,. The clients currently use
the firewall client to get out to the internet. I have tried
unsuccessfully to setup a forwarding DNS server, when I do it basically
corrupts my internal traffic. I am currently building a W2k3 server and
will try the DNS again. All I want to do is to forward lookup for
internal clients, so I can use it in my DNS entry in my DHCP. How can I
set it up so that it does not forward out for the 223.38.50 range?
Thanks,
LB |
|
| Back to top |
|
 |
Herb Martin
Guest
|
| Posted:
Thu Jan 27, 2005 1:48 am Post subject:
Re: simple DNS setup on W2K3? |
|
|
"LB" <lkb5@hotmail.com> wrote in message
news:1106768004.612739.157920@c13g2000cwb.googlegroups.com...
| Quote: | I have a NT4 domain with W2K servers (excluding PDC/BDC's). We use an
MSFT ISA firewall with internal network address scheme of
223.38.50.1-254 for our internal network,.
|
How did you get that range for the internal addresses?
| Quote: | The clients currently use
the firewall client to get out to the internet. I have tried
unsuccessfully to setup a forwarding DNS server, when I do it basically
corrupts my internal traffic.
|
Where? All DNS clients should be set to INTERNAL
DNS server (set) ONLY. (NIC->IP properties.)
The internal DNS servers should forward to the ISP
(to external DNS only.) (Forwarding tab of the MMC.)
Remember that DCs and even DNS servers are themselves
DNS clients.
| Quote: | I am currently building a W2k3 server and
will try the DNS again. All I want to do is to forward lookup for
internal clients, so I can use it in my DNS entry in my DHCP. How can I
set it up so that it does not forward out for the 223.38.50 range?
|
Setup an internal Reverse zone for that range.
My guess is you just appropriated this range however.
--
Herb Martin
|
|
| Back to top |
|
|
LB
Guest
|
| Posted:
Thu Jan 27, 2005 4:38 am Post subject:
Re: simple DNS setup on W2K3? |
|
|
Thanks for the quick reply Herb.
The 223 address was already setup when I got here. I have heard of
other companies using this range many years ago (1995) as I believe it
is a reserved unused range so I have not changed it.
I want to point my DHCP clients to this server for DNS, and the gateway
will be my firewall.
This is the only DNS server; I think my solution is the internal
reverse zone.
So in the reverse lookup zones, do I create a primary zone and enter
the PTR and cname entries for my servers?
Thanks,
LB |
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Thu Jan 27, 2005 6:23 am Post subject:
Re: simple DNS setup on W2K3? |
|
|
"LB" <lkb5@hotmail.com> wrote in message
news:1106779093.471557.314730@z14g2000cwz.googlegroups.com...
| Quote: | Thanks for the quick reply Herb.
The 223 address was already setup when I got here. I have heard of
other companies using this range many years ago (1995) as I believe it
is a reserved unused range so I have not changed it.
|
Technically you don't own it.
The correct privately administered ranges are:
192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
| Quote: | I want to point my DHCP clients to this server for DNS, and the gateway
will be my firewall.
|
"This"??? Which server?
| Quote: | This is the only DNS server; I think my solution is the internal
reverse zone.
|
??? Reverse zones are almost never important internally.
| Quote: | So in the reverse lookup zones, do I create a primary zone and enter
the PTR and cname entries for my servers?
|
Yes. If you need reverse zones.
What actual problems are you experiencing now?
What symptoms?
Do you have an INTERNAL DNS servers? (You should
not be doing any of the above externally.)
--
Herb Martin
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Thu Jan 27, 2005 6:47 am Post subject:
Re: simple DNS setup on W2K3? |
|
|
In news:1106779093.471557.314730@z14g2000cwz.googlegroups.com,
LB <lkb5@hotmail.com> commented
Then Kevin replied below:
| Quote: | Thanks for the quick reply Herb.
The 223 address was already setup when I got here. I have
heard of other companies using this range many years ago
(1995) as I believe it is a reserved unused range so I
have not changed it.
I want to point my DHCP clients to this server for DNS,
and the gateway will be my firewall.
This is the only DNS server; I think my solution is the
internal reverse zone.
So in the reverse lookup zones, do I create a primary
zone and enter the PTR and cname entries for my servers?
|
The 223.0.0.0/8 CIDR is a reserved range and really shouldn't be used
without permission from IANA.
To keep these from going to the internet create a reverse lookup zone named
223.in-addr.arpa.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in