Archived from groups: microsoft.public.win2000.dns
In article <ORA6OT$yEHA.2568@TK2MSFTNGP11.phx.gbl>, admin@nospam.WFTX.US
says...
> In news:MPG.1c035a415259fa25989a63@news-server.columbus.rr.com,
> Leythos <void@nowhere.org> commented
> Then Kevin replied below:
> > In article <eQmEUX5yEHA.3336@TK2MSFTNGP11.phx.gbl>,
> > lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com
> > says...
> >> Murray wrote:
> >>> Hi Everyone,
> >>> I have been reading some posts and I just thought that
> >>> I should double check to make sure I was doing the
> >>> right / wrong thing.
> >>>
> >>> I should not use the secondary DNS server spot in my
> >>> client workstations to enter the ISP's DNS server as a
> >>> backup.
> >>
> >> Right. Nor on your servers themselves. No
> >> external/public DNS server IPs in your IP configs.
> >
> > I have the DHCP scope set up with DNS1 as the DNS server
> > in the LAN, and it has forwarders to the ISP. I have DNS2
> > and DNS3 setup for the ISP's DNS servers. There is no
> > problem on the network with this that I can see, and it
> > works quite well.
> >
> >>> If I had what would've happened?
> >>
> >> Your computers would eventually start looking for your
> >> domain controllers on the Internet. And wouldn't find
> >> them.
> >
> > Wrong, it will only look for the DNS from the public
> > servers if it can't find the DNS records locally on the
> > internal DNS server. I've used internal DNS with
> > Forwarders and secondary DNS of the ISP in every scope
> > for years, and we're always able to find internal network
> > resources by name.
> >
> > If you add your ISP's DNS it means that you can still
> > resolve external DNS should you take down the DNS server
> > inside your network.
>
> No, you're wrong. If the internal server answers with a not found, the query
> will not go to the external DNS; the query stops. If the Preferred
> (internal) DNS responds slowly, as it would if it were busy, the query goes
> to the Alternate DNS. If the Alternate responds with either a positive or
> negative answer, it is still considered an answer, and the system will then
> consider the Alternate DNS as the best DNS to use and move it to the
> Preferred position until the system resets the DNS server list (default is
> 15 minutes). Then, when the system needs a local query, it sends it to the
> external DNS; when the external DNS answers negatively, and it will because
> it cannot possibly know the answer, the query fails and the internal DNS
> will NOT be queried, even though it holds the record.
>
> If you want DNS servers to always use the servers in the order listed in
> TCP/IP properties you will have to modify the registry to reset the server
> list in less than 15 minutes.
I understand what you are saying, but it's not working that way in our
networks, or anywhere else I've set it up that way.
If I query for foobar.zzz I get a not found and can see the ISP's DNS
being queried. If I query for station.mydomain.lan, I get a result and
never see it go outbound. If I take the server down, DNS server, flush
the dns locally, and query station.mydomain.lan, it does not go to the
ISP's DNS, it just fails. If I take the dns server down, query for
yahoo.com, it hits the ISP's DNS server just fine. If I have the DNS
server running and query yahoo.com, it hits the ISP's DNS server also.
For any of the forward zones that I've created, none of the queries
against them leave the local network - I can see that they don't go to
the ISP because there is no DNS traffic at that time.
Maybe it's because our internal DNS server never gets busy enough to not
respond? The server, DNS, in most cases, is a single server network,
doing all user auth, files, profiles, and sometimes even SQL 2000. We
have never experienced anything like you suggest.
I will set up a test server like you and one other have posted and try it
to see if there is any difference, but I'm not expecting to see any.
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
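The client-side server selection Kevin describes above (a slow Preferred server, any answer from the Alternate promoting it to Preferred, and the list resetting after 15 minutes) as an added simulation; this is not code from the thread or from Windows, and the server names, addresses, and the `busy` flag are constructed for the example:

```python
# Constructed simulation of the stub-resolver behaviour described in the thread.
NXDOMAIN = "NXDOMAIN"   # negative answer: the server says the name does not exist
TIMEOUT = None          # no answer in time: the client moves on to the next server

class DnsServer:
    def __init__(self, name, records, forwarder=None):
        self.name, self.records, self.forwarder = name, dict(records), forwarder
        self.busy = False   # when True the server is too slow and the client times out
    def query(self, qname):
        if self.busy:
            return TIMEOUT
        if qname in self.records:
            return self.records[qname]
        # an internal server forwards anything it is not authoritative for
        return self.forwarder.query(qname) if self.forwarder else NXDOMAIN

class StubResolver:
    RESET_SECONDS = 15 * 60   # default server-list reset interval quoted in the thread
    def __init__(self, servers):
        self.configured = list(servers)   # order from TCP/IP properties
        self.active = list(servers)       # order the client is currently using
        self.promoted_at = None
    def resolve(self, qname, now):
        # returns (name of the server that answered, answer) at time `now` in seconds
        if self.promoted_at is not None and now - self.promoted_at >= self.RESET_SECONDS:
            self.active, self.promoted_at = list(self.configured), None
        for i, server in enumerate(self.active):
            answer = server.query(qname)
            if answer is TIMEOUT:
                continue               # slow or down: fall through to the Alternate
            if i > 0:                  # Alternate answered: it becomes Preferred
                self.active.insert(0, self.active.pop(i))
                self.promoted_at = now
            return server.name, answer # NXDOMAIN ends the query; no other server is asked
        return None, TIMEOUT

def demo():
    isp = DnsServer("isp-dns", {"yahoo.com": "203.0.113.10"})          # knows only public names
    dns1 = DnsServer("dns1", {"station.mydomain.lan": "192.168.1.20"}, forwarder=isp)
    client = StubResolver([dns1, isp])   # DNS1 preferred, ISP entered as the "backup"
    log = {}
    log["internal_normal"] = client.resolve("station.mydomain.lan", now=0)
    log["external_normal"] = client.resolve("yahoo.com", now=10)
    dns1.busy = True                     # DNS1 is briefly too slow to answer
    log["external_while_busy"] = client.resolve("yahoo.com", now=60)
    dns1.busy = False                    # DNS1 is back, but the ISP is now Preferred
    log["internal_after_promotion"] = client.resolve("station.mydomain.lan", now=120)
    log["internal_after_reset"] = client.resolve("station.mydomain.lan", now=60 + 15 * 60)
    return log
```

The `internal_after_promotion` entry is the failure mode under discussion: the internal name gets NXDOMAIN from the ISP server while DNS1, which holds the record, is never asked until the list resets.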