Tony_W

I have 5 Desktop Pcs, with XP Pro SP2 on them, and a server running SBS 2003.
the Pc's route to the server via a hub. the server has 2 lanports: 1 to the hub and 1 to the broadband router.

They all have static IP addresses. The Desktop PCs log onto the server straight away.
My problem is I can't get them to access the internet with the settings I have at the moment.

If I change (on the desktop PC) the primary dns in network properties to the isp's primary dns then I get internet access no problem...BUT..it then takes 5 mins to logon each time.

Can someone point me in the right direction..this is driving me nuts.

I'm assuming it's something to do with DNS, but haven't a clue how to fix it.

BlkKnight

Sounds like your LAN DNS server is not doing external DNS lookups.

Have you specified the ISP's DNS Servers on the LAN DNS server?

Does the LAN DNS Server have a route out to the www?

Does the LAN DNS server have a forward & reverse lookup zone configured?

David_Wallis

Configure you clients to use the server as the DNS server, (if using dhcp, then you need to modify the scope options) then configure your dns on the server to use a forwarder (ISP's DNS Server)

Alternatively if you dont dare, set your primary DNS as server secondary as ISP.

Drop to a command prompt and try nslookup domainname.local (or whatever) and also nslookup www.google.com

David

Tony_W

If I go onto the sevrer I can acess the internet via the router no problem.
I've checked the DNS forward and reverse and it had forwarding setup to my ISP primary and secondary DNS

I'm now thinking of starting full SBS2003 from scratch with a single lan port from the server to the hub and run the router also from the hub, plus not use static IP adresses, but it will take ages and I would like to crack this. ANy ideas.

anything would be much appreciated.

Thank

Tony

Tony_W

Solved it after doing this for a while

I ran MMC (via RUN), added a group policy snap in, and then went into Computer Configuration, AdministrativeTemplates, System, Logon and then changed the "Always wait for the network at computer start up and logon". I made this disabled and saved it.

At the same time I set my default gateway in Network Properties/NIC to my server NIC, plus set the primary DNS to the server NIC and under advanced added the ISP DNS primary and secondary...and... bang...fast as anything both logging on and accessing the internet.

Just got Office SBE 2003 to load and then configure exchange on the server for several email aliases and log ins.. ..I might just be coming back for help on this though!!

Thanks to you all for your help..much relieved at this moment in time

Tony

stevencotton

Do not set up your primary as your own and your secondary as your ISPs, DNS is NOT designed to work that way, primary and secondary don't have anything to do with failover or passthrough.

Tony_W

Steven,

How should I set it up then? I'm open to instruction

It seems to be the only way I can get both fast logon to the server AND internet access.

If I set the defualt gateway and primary DNS in Network connections to the server, it logs on fast but I don't have internet access.

If I set up the primary and secondary DNs in network connecitons to the ISP it take sup to 5 mins to logon but I have internet access.

What to do you mean by "failover or passthrough"

Tony

stevencotton

A secondary nameserver is purely to do zone transfers off of the SOA for the zone, what I mean with failover or passthrough is, your primary and secondary have zero to do with "if you can't look it up here, look it up there". The secondary just shares the load with the primary, or handle all of it if the primary is down.

I can't offer you any assistance with the Windows problem, but I can try and prevent people from installing broken DNS

stevencotton

What you probably need is a caching nameserver. You set it to be authorative for your local domain, but forward queries it doesn't know about to your ISP. The 5 minute wait to log on sounds like a reverse DNS lookup timing out.

Tony_W

Thanks Steven,

Should I remove the reverse dns lookup then? (Well, I would if I could remember how..was it in Server Management?)

stevencotton

If your DNS server is set up correctly you won't need to, because it will be able to get the reverse - assuming that is what the long login problem is.

David_Wallis

If it is reverse lookup problem then you can just do that easilly in DNS admin...

I should have thought better about what I was typing but Im not suggesting that you configure it permanantley like that..

The config should be say.. server IP add 10.0.0.1, isp 192.168.0.1 & 192.168.0.2

Server DG - Router IP Add - only on the network card that connects to the router, leave the other one blank!
Primary DNS 10.0.0.1
Secondary Blank

Configure the forwarders to 192.168.0.1 192.168.0.2 (see above) (go into DNS management - might be slightly different in the toy version (SBS) right click on the server icon at the top - properties and then forwarders.

What do you get when you do nslookup www.google.com

do you get something like...

*** Can't find server name for address 192.168.0.1:

If you do then you dont have a PTR record for the server name (ie It cant do a reverse lookup on its own name) - which probably means the reverse lookup zone hasnt been created..

Under Forward Lookup zones you should have one... _msdcs.domainname.local or similar

and one for domainname.local or similar.

PS.. If your using AD I wouldnt recommend you reconfigure DNS by turnining into a caching only server, the _MSDCS entries are kinda important!

Expand Reverse lookup zones.. if its empty then right click on this and choose new zone choose primary zone, accept defaults on next boxes... When it asks for the network ID enter 10.0.0 (or appropriate for your network), click next, next finish.

You can then right click on the 10.0.0.x subnet entry and choose new pointer for the host number enter the last digit of the server ip add, in my example 1 10.0.0.1

then enter the hostname as servername.domainname.local (replace with your details)

The reverse lookup zones dont effect windows 2003's ability to forward the dns requests to an ISPs dns server though.

The slow network logon, was probably down to the gpo you had set, but that also prevents things from starting up before the network is up.

also do the nslookup on domainname.local and let us know the results.

David

Tony_W

Thaks David.

Unfortunately I got this after deciding to rebuild the Server again.

Having disconnected the RAID drives and DVD R/W plus other bit sn bats it reloaded perfectly and I now have a fully working server and 5 Pc's.
The login was solved by making the primary DNS the Server LAN IP. It's fast as anything now.

Thanks for your help (and Steves) anyway. I knew Scoobynet wouldn't let me down