Hi

Just wondering if anyone can help. I'm currently setting up AD and DNS on Windows Server 2008. I have created my own domain locally, "Home.local", and DNS forward and reverse lookup zones are now configured for 10.0.0.0/24. My question is: now that I have created my private DNS zone (this is a test environment that I'd like to put into play one day), how does my DNS resolve queries to access websites like www.google.com or www.yahoo.com, as this DNS zone is only authoritative for itself? Is this the point where I need to create a forwarder to the ISP's DNS to resolve external queries? Please excuse my ignorance if I'm way off the mark!

Any help is much appreciated.

Mike

7 Spice ups

Yes, create forwarders; that is all that is needed.

6 Spice ups

By default, the DC will direct DNS queries using root hints in the DNS server. You can configure the server to also use dynamic host services like OpenDNS, Dyn, your ISP’s DNS servers, etc.

2 Spice ups

You configure DNS forwarders to forward your internet lookups to a public (or your ISP's) DNS servers.

[Image: DNS_Fowarders.png (screenshot of the DNS forwarders configuration)]

3 Spice ups

If that’s Windows Server DNS, it will have root hints defined by default and you may add forwarders, as stated before. Just be sure the firewall is not blocking DNS queries via UDP port 53.

and TCP 53, for failover

DNS forwarders are not needed anymore; Windows servers will use root hints as mentioned, so basically there is nothing you need to do. If you configure DNS forwarders to your ISP's DNS and your ISP changes their DNS server IP, you'll have an outage.

Very unlikely that a DNS server IP address is going to change, especially if you have a business-class service with an SLA; they'd need to notify you in advance. Though I wouldn't recommend listing your ISP's first, as they are likely the slowest DNS servers out there.

1 Spice up

Have a look at this thread; it clearly shows that no one agrees, but either way is fine :wink:

http://community.spiceworks.com/topic/109784-do-you-use-dns-root-hints-or-forwarders?page=2

2 Spice ups

Trust me, it's happened. Yes, an ISP has an SLA, but smaller ISPs, even large ones, will send a few emails to the contact on file, who may no longer work at the company, is not the true IT person, or simply doesn't read it. Root hints are more fault tolerant. If 4.2.2.1 or 8.8.8.8 ever went down, systems would fail all over the place, although it's not likely.

Thanks for all the replies, very helpful, but if I use root hints instead of forwarders, how does DNS know exactly where to look? I know root hints are the TLDs etc., but if my DNS zone is private, how does it determine what to find, if that makes sense, as it's not a public DNS?

Again, please excuse my ignorance, as I've done a lot of theory around DNS and am trying to get my head around it fully!

When a query hits the Windows DNS server for the domain, it will first look in the local domain zone (your 10.0.0.0/24) if the domain suffix is present (e.g. ping machine.domain.local). Afterwards (and only if not found) it will use forwarders and root hints.
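The lookup order in the reply above, plus the forwarder-outage point debated earlier in the thread (root hints still resolve when a forwarder stops answering, unless the server is forward-only), as an added toy simulation; this is not code from the thread, and every zone, server name and IP address in it is constructed.

```python
# Toy model of the lookup order described above: the DC's own zones first,
# then forwarders, then root hints. All zones, servers and addresses are
# constructed (documentation IP ranges), not real infrastructure.
LOCAL_ZONES = {                                   # what this DC is authoritative for
    "home.local.": {"dc1.home.local.": "10.0.0.10"},
    "0.0.10.in-addr.arpa.": {"10.0.0.10.in-addr.arpa.": "dc1.home.local."},
}
PUBLIC_SERVERS = {                                # simulated public namespace
    "a.root-servers.net.": {"NS": {"com.": "a.gtld-servers.net."}},
    "a.gtld-servers.net.": {"NS": {"google.com.": "ns1.google.com."}},
    "ns1.google.com.": {"A": {"www.google.com.": "192.0.2.80"}},
}
ROOT_HINTS = ["a.root-servers.net."]
FORWARDER_STATE = {"203.0.113.53": "down", "198.51.100.53": "up"}  # reachability

def _zone_for(name, zones):
    """Longest zone in `zones` that contains `name`, or None."""
    matches = [z for z in zones if name == z or name.endswith("." + z)]
    return max(matches, key=len) if matches else None

def lookup_local(name):                           # None means "not our zone"
    zone = _zone_for(name, LOCAL_ZONES)
    return None if zone is None else LOCAL_ZONES[zone].get(name, "NXDOMAIN")

def iterate_from_root(name):
    """Chase referrals from the root hints down to the authoritative server."""
    server = ROOT_HINTS[0]
    for _ in range(8):                            # bound the referral chain
        data = PUBLIC_SERVERS[server]
        if name in data.get("A", {}):
            return data["A"][name]
        delegation = _zone_for(name, data.get("NS", {}))
        if delegation is None:
            return "NXDOMAIN"                     # e.g. *.local: no such TLD at the root
        server = data["NS"][delegation]
    return "SERVFAIL"

def query_forwarders(name, forwarders):           # first reachable forwarder recurses
    return next((iterate_from_root(name) for ip in forwarders
                 if FORWARDER_STATE.get(ip) == "up"), None)

def resolve(name, forwarders=(), root_hints_fallback=True):
    """Resolution order: local zones, then forwarders, then root hints."""
    name = name.rstrip(".") + "."
    answer = lookup_local(name)
    if answer is not None:
        return answer
    if forwarders:
        answer = query_forwarders(name, forwarders)
        if answer is not None or not root_hints_fallback:
            return answer or "SERVFAIL"           # forward-only: outage if ISP moves
    return iterate_from_root(name)
```

The `root_hints_fallback` flag models the "Use root hints if no forwarders are available" option on the Forwarders tab of the Windows DNS console, which is what keeps resolution working when a forwarder's address silently changes.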