The DC should be using its own IP address for DNS, and the clients also
should be using only the DC's IP address for DNS. You will have problems
with AD if the clients are using some other DNS service.
DNS on your DC should be set to forward all other domains to a public
DNS server (such as Verizon).
"cgmsys" wrote in message:
> Here is the overview
>
> A network with 1 server and about 10 clients lost their internet
> access today. They are on Verizon but it appears they were using old
> Covad DNS numbers. I got the clients seeing the internet but can't get
> the server to see the internet.
>
> The server is a machine running Server 2003 (upgraded from 2000).
> - it is the domain controller
> - It is a DNS server
> - It is an Exchange server (I know you aren't supposed to run that
> with DNS Server; that's the way I got it)
> - Running a legacy system on foxpro that requires the DNS server
> mappings apparently
> - Fixed IP
> - Verizon ISP
> - Linksys BEFSR41 router.. Some port forwarding for rdp (we did not
> change anything)
>
> - A mix of XP Pro clients all running fixed IP addresses.
> - Problem began today when they lost their internet. Apparently, they
> were using old COVAD DNS numbers. My guess is that Covad blocked
> access to their DNS from people running on other ISPs
>
> - I Fixed the clients by using Verizon DNS servers. The linksys
> 192.168.1.1 is the gateway
>
> The Server will not see the internet. Here's what I tried and some
> results
>
> - Set the internet connection settings to the linksys as the gateway
> and the verizon DNS numbers for the DNS. Also tried setting the dns to
> the server's IP of .3
>
> - Netdiag reports - WARNING - Cannot find a primary authoritative DNS
> server for the name .... ERROR_TIMEOUT
> and
> The DNS entries for this DC cannot be verified right now on Dserver
> (Verizon DNS IPS)
>
>
> - Tried adding the Verizon DNS numbers to the server DNS forwarders
> list in the DNS server. That seems to have no effect.
>
> - The Monitor portion of the DNS server shows a pass for a simple DNS
> test but a fail on a recursive test.
>
> - A Ping or traceroute to an internet (non local) IP shows a TTL
> timeout
>
> - A tracert to any internet IP shows every hop being .3 (the server).
> In other words, it appears that nothing is getting out of the server/
> DNS server. I don't think it's even getting to the linksys
>
> - I can ping the linksys and even open the linksys control panel from
> the server.
>
> - If I try to stop the DNS server, it also stops Net LOGIN which stops
> the legacy software from working.
>
> - All of the internal networking including the exchange server seems
> to be working
>
> - I checked the add and remove programs and there does not seem to be
> any firewalls running.
>
> - I could not find a HOSTS file (I thought maybe there was some kind
> of redirect). I did see an LMHOSTS, I believe.
>
> I should add that the server had not had any antivirus running on it
> prior to me taking over. I just added Norton Corp 10.2. When it ran a
> scan it reported about 30 items (trojans/virii). There is a possibility
> that the machine had a hacker in it but I think that the problem is
> more in the configuration.
>
> My guess is that the DNS server isn't configured properly (or perhaps
> the Domain Controller).. Either way, I'm about out of ideas..
>
> thanks....
> I'd appreciate any thoughts or ideas here.
>
> chris
>
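An added example, not part of either post: a small audit of saved `ipconfig /all` output against the rule in the reply that the DC and every client should list only the DC for DNS. The DC address 192.168.1.3 is an assumption (the thread gives only ".3"), and the host names, sample output and 198.51.100.x resolver addresses are constructed placeholders.

```python
import re

DC_IP = "192.168.1.3"  # assumption: the thread only identifies the server as ".3"
IP_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")

# Constructed `ipconfig /all` excerpts; 198.51.100.x stands in for ISP resolvers.
SAMPLES = {
    "dc": """Ethernet adapter Local Area Connection:
        IP Address. . . . . . . . . . . . : 192.168.1.3
        Default Gateway . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 198.51.100.53
                                            198.51.100.54
""",
    "client-a": """Ethernet adapter Local Area Connection:
        IP Address. . . . . . . . . . . . : 192.168.1.20
        DNS Servers . . . . . . . . . . . : 192.168.1.3
                                            198.51.100.53
""",
    "client-b": """Ethernet adapter Local Area Connection:
        IP Address. . . . . . . . . . . . : 192.168.1.21
        DNS Servers . . . . . . . . . . . : 192.168.1.3
""",
}

def dns_servers(text):
    """Return the DNS server IPs, including unlabelled continuation lines."""
    servers, in_block = [], False
    for line in text.splitlines():
        label, sep, value = line.partition(" : ")
        if sep and label.strip().startswith("DNS Servers"):
            in_block = True
            servers.append(value.strip())
        elif in_block and IP_RE.match(line.strip()):
            servers.append(line.strip())  # second and later resolvers
        else:
            in_block = False
    return servers

def audit(text, dc_ip=DC_IP):
    """List deviations from 'only the DC is configured for DNS'."""
    servers = dns_servers(text)
    findings = []
    if dc_ip not in servers:
        findings.append("DC %s is not listed as a DNS server" % dc_ip)
    findings += ["extra resolver %s" % ip for ip in servers if ip != dc_ip]
    return findings

if __name__ == "__main__":
    for host, text in SAMPLES.items():
        print(host, "; ".join(audit(text)) or "OK")
```

External resolvers belong only in the DC's DNS forwarders list, which this check does not inspect.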