You want your internal clients to use your DC's for their DNS, and your DC's to do root hint lookups or use your ISP's (or Google, or OpenDNS or whoever's) DNS servers as forwarders.
From: Tom Miller [mailto:[email protected]] Sent: 17 November 2010 16:19 To: NT System Admin Issues Subject: DNS question Folks, I have an AD system with mostly 2008 servers. All DCs provide DNS services. DHCP provides internal servers first as DNS servers, then several of our ISP DNS servers are listed. This has never been an issue until recently when staff have begun to report internal addresses/names cannot be resolved, and they get a Cox (our ISP) page not found display in their browsers. Also this only happens at some locations even though DHCP is similar at all WAN locations. So I'm wondering why the clients are not using the first servers in the list (they are on-line, no issues). And perhaps I should not provide external DNS servers via DHCP; provide internal only, and have only ISP DNS servers on my servers that provide DNS services. It's been ages since I set this up so a best practices would be helpful if anyone has them. Tom Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin -- MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
