How to configure DNS for Internet access in Windows Server 2003 (323380)
The information in this article applies to:
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, 64-Bit Datacenter Edition
- Microsoft Windows Server 2003, 64-Bit Enterprise Edition
- Microsoft Windows Small Business Server 2003, Standard Edition
- Microsoft Windows Small Business Server 2003, Premium Edition
This article was previously published under Q323380
For a Microsoft Windows 2000 version of this article, see 300202.
SUMMARY
This step-by-step guide describes how to configure Domain Name System (DNS) for Internet access in the Windows Server 2003 products. DNS is the core name resolution tool that is used on the Internet. DNS handles resolution between host names and Internet addresses.
How to Start with a Stand-Alone Server Running Windows Server 2003
The stand-alone server running Windows Server 2003 becomes a DNS
server for your network. In the first step, you assign this server a static
Internet Protocol (IP) address. DNS servers must not use dynamically assigned
IP addresses because a dynamic change of address could cause clients to lose
contact with the DNS server.
Step 1: Configure TCP/IP
- Click Start, point to Control Panel, point to Network Connections, and then click Local Area Connection.
- Click Properties.
- Click Internet Protocol (TCP/IP), and then click Properties.
- Click the General tab.
- Click Use the following IP address, and
then type the IP address, subnet mask, and default gateway address in the
appropriate boxes.
- Click Advanced, and then click the DNS tab.
- Click Append primary and connection specific DNS
suffixes.
- Click to select the Append parent suffixes of the
primary DNS suffix check box.
- Click to select the Register this connection's
addresses in DNS check box.
Note that DNS servers running Windows Server 2003 must point to themselves for DNS. If this server needs to resolve names from its Internet service provider (ISP), you must configure a forwarder. Forwarders are discussed in the How to Configure Forwarders section later in this article.
- Click OK three times.
NOTE: If you receive a warning from the DNS Caching Resolver service,
click OK to dismiss the warning. The caching resolver is trying to contact
the DNS server, but you have not finished configuring the server.
Step 2: Install Microsoft DNS Server
- Click Start, point to Control Panel, and then click Add or Remove
Programs.
- Click Add or Remove Windows
Components.
- In the Components list, click Networking Services (but do not select or clear the check box), and then click Details.
- Click to select the Domain Name System
(DNS) check box, and then click OK.
- Click Next.
- When you are prompted, insert the Windows Server 2003
CD-ROM into the computer's CD-ROM or DVD-ROM drive.
- On the Completing the Windows Components
Wizard page, click Finish when Setup is complete.
- Click Close to close the Add or Remove Programs
window.
Step 3: Configure the DNS Server
To configure DNS by using the DNS snap-in in Microsoft Management
Console (MMC), follow these steps:
- Click Start, point to Programs, point to Administrative Tools, and then click DNS.
- Right-click Forward lookup zones, and then click New Zone.
- When the New Zone Wizard starts, click Next.
You are prompted for a zone type. The zone types
include:
- Primary zone: Creates a copy of a zone that can be
updated directly on this server. This zone information is stored in a .dns text
file.
- Secondary zone: A standard secondary zone copies all of
the information from its master DNS server. A master DNS server can be an
Active Directory, primary, or secondary zone that is configured for zone
transfers. Note that you cannot modify the zone data on a secondary DNS server.
All of its data is copied from its master DNS server.
- Stub zone: A Stub zone contains only those resource
records that are necessary to identify the authoritative DNS servers for that
zone. Those resource records include Name Server (NS), Start of Authority
(SOA), and possibly glue Host (A) records.
There is also an option to store the zone in Active Directory. This option is only available if the DNS server is a domain controller.
- The new forward lookup zone must be a primary or an Active Directory-integrated zone so that it can accept dynamic updates. Click Primary, and then click Next.
- The new zone contains the locator records for this Active
Directory-based domain. The name of the zone must be the same as the name of
the Active Directory-based domain, or be a logical DNS container for that name.
For example, if the Active Directory-based domain is named "support.microsoft.com", the only valid zone name is "support.microsoft.com".
Accept the default name for the new zone file. Click Next.
NOTE: Experienced DNS administrators may want to create a reverse
lookup zone, and are encouraged to explore this branch of the wizard. A DNS
server can resolve two basic requests: a forward lookup and a reverse lookup. A
forward lookup is more common. A forward lookup resolves a host name to an IP
address with an "A" or Host Resource record. A reverse lookup resolves an IP
address to a host name with a PTR or Pointer Resource record. If you have your
reverse DNS zones configured, you can automatically create associated reverse
records when you create your original forward record.
How to Remove the Root DNS Zone
A DNS server running Windows Server 2003 follows specific steps in its name-resolution process. A DNS server first queries its cache, then checks its zone records, then sends requests to forwarders, and then tries resolution by using root servers. By default, a Microsoft DNS server connects to the Internet to further process DNS requests by using root hints. When you use the Dcpromo tool to promote a server to a domain controller, the domain controller requires DNS. If you install DNS during the promotion process, a root zone is created. This root zone indicates to your DNS server that it is a root Internet server. Therefore, your DNS server does not use forwarders or root hints in the name-resolution process.
- Click Start, point to Administrative Tools, and then click DNS.
- Expand ServerName, where ServerName is the name of the
server, click Properties and then expand Forward Lookup Zones.
- Right-click the "." zone, and then click Delete.
How to Configure Forwarders
Windows Server 2003 can take advantage of DNS forwarders. This
feature forwards DNS requests to external servers. If a DNS server cannot find
a resource record in its zones, it can send the request to another DNS server
for additional attempts at resolution. A common scenario might be to configure
forwarders to your ISP's DNS servers.
- Click Start, point to Administrative Tools, and then click DNS.
- Right-click ServerName, where ServerName is the name of the
server, and then click the Forwarders tab.
- Click a DNS domain in the DNS domain list. Or, click New, type the name of the DNS domain for which you want to forward
queries in the DNS domain box, and then click OK.
- In the Selected domain's forwarder IP
address box, type the IP address of the first DNS server to which you
want to forward, and then click Add.
- Repeat step 4 to add the DNS servers to which you want to
forward.
- Click OK.
How to Configure Root Hints
Windows can use root hints. The Root Hints resource records can be stored in either Active Directory or in a text file (%SystemRoot%\System32\DNS\Cache.dns). Windows uses the standard InterNIC root server. Also, when a server running Windows Server 2003 queries a root server, it updates itself with the most recent list of root servers.
- Click Start, point to Administrative Tools, and then click DNS.
- Right-click ServerName, where ServerName is the name of the
server, and then click Properties.
- Click the Root Hints tab. The DNS server's root servers are listed in the Name
servers list.
If the Root Hints tab is unavailable, your server is still configured as a root server. See the How to Remove the Root DNS Zone section earlier in this article.
You may have to use custom root hints that are different from the default. However, a configuration that points to the same server for root hints is always incorrect. Do not modify your root hints. If your root hints are incorrect and have to be replaced, click the following article number to view the article in the Microsoft Knowledge Base:
237675 Setting up the Domain Name System for Active Directory
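One way to audit a root hints file for the self-referencing configuration described above, as an added example that is not part of the original article. The sample file contents, the host name dns1.corp.example and the address 192.168.0.10 are constructed; pass the real contents of Cache.dns and the server's own addresses instead.

```python
import ipaddress

# Constructed sample in the master-file format used by Cache.dns; the last
# NS/A pair deliberately points a root hint back at the DNS server itself.
SAMPLE_CACHE_DNS = """\
; constructed root hints sample
.                     3600000  IN  NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.   3600000      A   198.41.0.4
.                     3600000      NS  B.ROOT-SERVERS.NET.
.                     3600000      NS  dns1.corp.example.
dns1.corp.example.    3600000      A   192.168.0.10
"""

def parse_root_hints(text):
    """Return (ns_names, glue); glue maps a server name to its A addresses."""
    ns_names, glue = [], {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()          # drop comments
        fields = [f for f in fields if f.upper() != "IN" and not f.isdigit()]
        if len(fields) != 3:                            # owner, type, rdata
            continue
        owner, rtype, rdata = fields[0].lower(), fields[1].upper(), fields[2]
        if rtype == "NS" and owner == ".":
            ns_names.append(rdata.lower())
        elif rtype == "A":
            glue.setdefault(owner, []).append(ipaddress.ip_address(rdata))
    return ns_names, glue

def audit_root_hints(text, server_ips):
    """List findings for hints that loop back to this server or lack glue."""
    own = {ipaddress.ip_address(ip) for ip in server_ips}
    ns_names, glue = parse_root_hints(text)
    findings = []
    if not ns_names:
        findings.append("no root NS records found")
    for name in ns_names:
        addrs = glue.get(name, [])
        if not addrs:
            findings.append(f"{name}: no A record (glue) in file")
        for addr in addrs:
            if addr in own or addr.is_loopback:
                findings.append(f"{name}: {addr} is this DNS server itself")
    return findings

if __name__ == "__main__":
    for line in audit_root_hints(SAMPLE_CACHE_DNS, ["192.168.0.10"]):
        print(line)
```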
How to Configure DNS Behind a Firewall
Proxy and Network Address Translation (NAT) devices can restrict access to ports. DNS uses UDP port 53 and TCP port 53. The DNS Service Management console also uses RPC. RPC uses port 135. These are potential issues that may occur when you configure DNS and firewalls.
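A check that a firewall passes DNS on both transports, as an added example that is not part of the original article. It sends one A query to a server over UDP 53 and again over TCP 53; the function names are illustrative, and the server address and query name are supplied on the command line.

```python
import socket
import struct

def build_query(name, qid=0x1234, qtype=1):
    """Encode a single-question DNS query (qtype 1 = A, class IN, RD set)."""
    header = struct.pack(">HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack(">HH", qtype, 1)

def frame_tcp(message):
    """DNS over TCP prefixes each message with a two-byte length."""
    return struct.pack(">H", len(message)) + message

def is_reply_to(query, reply):
    """True if reply carries the query's ID and has the QR (response) bit set."""
    if len(reply) < 12:
        return False
    qid, flags = struct.unpack(">HH", reply[:4])
    return qid == struct.unpack(">H", query[:2])[0] and bool(flags & 0x8000)

def probe(server, name, timeout=3.0):
    """Send the same query over UDP 53 and TCP 53; report which ones answer."""
    query, result = build_query(name), {"udp": False, "tcp": False}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(query, (server, 53))
            result["udp"] = is_reply_to(query, s.recvfrom(4096)[0])
    except OSError:          # timeout or ICMP unreachable: treated as blocked
        pass
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(frame_tcp(query))
            result["tcp"] = is_reply_to(query, s.recv(4096)[2:])  # skip length
    except OSError:
        pass
    return result

if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1], sys.argv[2]))  # args: <dns-server-ip> <name>
```

A result of `{'udp': True, 'tcp': False}` points to a device that passes only UDP 53.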
REFERENCES
For additional information about how to integrate DNS infrastructure if Active Directory is enabled in Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
323418 How to integrate DNS with an existing DNS infrastructure if Active Directory is enabled in Windows Server 2003
For additional information about how to integrate a new DNS server into an existing DNS infrastructure in Windows Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
323417 How to integrate Windows Server 2003 DNS with an existing DNS infrastructure in Windows Server 2003
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
816567 How to troubleshoot DNS name resolution on the Internet in Windows Server 2003
249868 Replacing root hints with the Cache.dns file
Modification Type: Minor
Last Reviewed: 11/16/2004
Keywords: kbHOWTOmaster kbNetwork KB323380 kbAudITPro