MS DNS and a hosts file

portcullis (Cape Connect Internet Rep, Company Rep) | Joined Oct 7, 2008 | Messages 1,166
I have a Win2K3 Active Directory structure with two servers serving up DNS records.

I've recently received the list of Google services that can be accessed locally and made a hosts file.

I've put the hosts file into c:\windows\system32\drivers\etc on each of the servers.

Each server resolves DNS records correctly.

However, the clients are still resolving DNS records to the old IP addresses.

How do I tell MS DNS to look at the hosts file before checking the forwarders?

Thanks.
 

Franna (Expert Member) | Joined Apr 18, 2005 | Messages 2,158
Add this to the login script of the AD Domain Controller:

COPY \\server\SYSVOL\domain\scripts\hosts. %windir%\system32\drivers\etc\ /Y
 
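The COPY line above runs in the user's logon context, and %windir%\system32\drivers\etc is not writable by ordinary (non-administrator) users, so the copy silently fails for most accounts. It also only reaches machines that log on to the domain, and a client keeps serving stale answers from its resolver cache until the old records' TTL expires. The following is an added example, not code from the thread: the same idea written as a computer startup script (which runs as SYSTEM), with a content sanity check on the file before it is pushed, a hash comparison so it only copies when something changed, and a resolver-cache flush afterwards. The SYSVOL path and the allowed-address list are assumptions taken from the thread; change them to your own.

```powershell
# Added example (not from the thread): deploy a central hosts file from SYSVOL
# as a computer startup script so it runs as SYSTEM and can write to
# %windir%\system32\drivers\etc. Paths and allowed IPs are assumptions.
$Source  = '\\server\SYSVOL\domain\scripts\hosts'      # assumed share path
$Dest    = Join-Path $env:windir 'system32\drivers\etc\hosts'
$Allowed = @('196.23.168.147', '127.0.0.1')             # assumption: addresses the file may use

function Get-Sha256Hex([string]$Path) {
    # Hash the file bytes; used to skip the copy when nothing changed.
    $sha = [System.Security.Cryptography.SHA256]::Create()
    try {
        $bytes = [System.IO.File]::ReadAllBytes($Path)
        return ([System.BitConverter]::ToString($sha.ComputeHash($bytes))) -replace '-', ''
    } finally { $sha.Dispose() }
}

function Test-HostsFileContent([string]$Path) {
    # Refuse a hosts file that maps names to anything outside $Allowed: a wrong
    # or edited copy in SYSVOL would otherwise be pushed to every client.
    foreach ($line in Get-Content $Path) {
        $l = ($line -replace '#.*$', '').Trim()     # strip comments and blanks
        if ($l -eq '') { continue }
        $ip = ($l -split '\s+')[0]
        if ($Allowed -notcontains $ip) { return $false }
    }
    return $true
}

if (-not (Test-Path $Source)) {
    Write-Warning "Source $Source not reachable"; exit 1
}
if (-not (Test-HostsFileContent $Source)) {
    Write-Warning "Refusing to deploy: unexpected address in $Source"; exit 2
}

if ((Test-Path $Dest) -and ((Get-Sha256Hex $Source) -eq (Get-Sha256Hex $Dest))) {
    Write-Host 'hosts file already current'
} else {
    Copy-Item -Path $Source -Destination $Dest -Force
    # The DNS Client service caches answers; flush it so the new mappings apply
    # now rather than when the cached records' TTL runs out.
    ipconfig /flushdns | Out-Null
    Write-Host 'hosts file updated and resolver cache flushed'
}
```

Assign it under Computer Configuration, Windows Settings, Scripts (Startup) rather than as a logon script. It still does nothing for devices that do not join the domain, which is the gap the next posts address.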

portcullis
Thank you, Franna, but what about the guys who aren't part of the AD (like smartphones and the like on our network, especially the Android phones) who use the same servers to do their DNS resolution?
 

Franna
Then you have to add static DNS entries in your DNS server database.
 

portcullis
If I go and create a domain google.co.za on my DNS and I then add these hosts:

196.23.168.147 www.google.co.za
196.23.168.147 books.google.co.za
196.23.168.147 maps.google.co.za

MS DNS will serve them up when people query the records, but if somebody does a query for something down the line, let's say newservice.google.co.za, the name lookup will fail.

This is all well and fine as long as I'm around to add newservice. to the DNS records, but what happens if I get run over by a taxi on my way home from work tonight?
 


alchamy (Expert Member) | Joined Nov 14, 2004 | Messages 1,636
This is all well and fine as long as I'm around to add newservice. to the DNS records, but what happens if I get run over by a taxi on my way home from work tonight?

Then you won't have to worry about DNS host entries for some time...

If I understand correctly, you want to force certain subdomain lookups without affecting the domain as a whole, using a Windows DNS server. In that case don't create a zone for google.co.za; create a zone for each FQDN and create your A record inside that zone with a blank host, and no PTR record since you won't have reverse.

I slapped this page together quickly to help
 
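The zone-per-FQDN ("pin-point zone") approach above works because the server is authoritative only for the exact names you create, so a query for newservice.google.co.za finds no local zone and goes to the forwarders as before. One detail worth knowing: the record at a zone root has to be an A record (a CNAME cannot sit at the apex beside the SOA and NS records), which is why the post says "blank host". The following is an added example, not code from the thread or from the linked page: it creates AD-integrated pin-point zones with dnscmd for the three names and address quoted earlier, then checks each answer with nslookup and shows that an unlisted name is still forwarded. It assumes dnscmd.exe is installed (Win2K3 Support Tools or later), that it runs on a domain controller as a DNS administrator, and that the names and IP are the ones from the thread.

```powershell
# Added example (not from the thread): pin-point zones on Windows DNS via dnscmd.
# Assumptions: running on a DC with dnscmd.exe; names/IP taken from the thread.
$DnsServer = 'localhost'          # assumption: run on the DNS server itself
$Target    = '196.23.168.147'
$Names     = @('www.google.co.za', 'books.google.co.za', 'maps.google.co.za')

function Invoke-Dnscmd([string[]]$ArgList) {
    # Thin wrapper that turns a non-zero dnscmd exit code into a terminating error.
    $out = & dnscmd.exe $DnsServer @ArgList 2>&1
    if ($LASTEXITCODE -ne 0) { throw "dnscmd $($ArgList -join ' ') failed: $out" }
    return $out
}

function Add-PinpointZone([string]$Fqdn, [string]$Ip) {
    # The zone name IS the FQDN and the A record sits at the zone root ('@'),
    # so only this exact name is answered locally. /DsPrimary stores the zone
    # in AD so the second DC picks it up by replication; on a non-DC use
    # '/Primary','/file',"$Fqdn.dns" and copy or transfer the zone yourself.
    Invoke-Dnscmd @('/ZoneAdd', $Fqdn, '/DsPrimary') | Out-Null
    Invoke-Dnscmd @('/RecordAdd', $Fqdn, '@', 'A', $Ip) | Out-Null
}

function Remove-PinpointZone([string]$Fqdn) {
    # Rollback: delete the zone (and its AD object) without prompting.
    Invoke-Dnscmd @('/ZoneDelete', $Fqdn, '/DsDel', '/f') | Out-Null
}

function Resolve-Via([string]$Name, [string]$Server) {
    # Ask one specific server and return the IPv4 answers. In nslookup output the
    # first "Address:" line is the server itself; the answer follows "Name:".
    $out    = & nslookup.exe -type=A $Name $Server 2>&1 | Out-String
    $answer = ($out -split 'Name:')[1]
    if (-not $answer) { return @() }          # NXDOMAIN or timeout: no "Name:" block
    return [regex]::Matches($answer, '\d{1,3}(\.\d{1,3}){3}') | ForEach-Object { $_.Value }
}

foreach ($n in $Names) { Add-PinpointZone $n $Target }

# Verify: listed names must come back with $Target from this server.
foreach ($n in $Names) {
    $got = Resolve-Via $n $DnsServer
    if ($got -contains $Target) { "OK   $n -> $Target" }
    else                        { "FAIL $n -> $($got -join ',')" }
}
# Unlisted names are untouched: no local zone matches, so this one goes to the
# forwarders and returns whatever Google publishes.
"newservice.google.co.za -> $((Resolve-Via 'newservice.google.co.za' $DnsServer) -join ',')"
```

Because the zones are AD-integrated, nothing has to be repeated on the second server, and non-domain clients such as the Android phones get the same answers simply by using these servers. The trade-off is that the override is exact-match only: any new name Google introduces is not redirected until a zone is added for it, which is the behaviour the post wanted. Note that any TLS-protected service behind a redirected name will only work if the local endpoint presents a certificate valid for that name.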

The_Unbeliever (Honorary Master) | Joined Apr 19, 2005 | Messages 103,196
Whilst on this topic, also related.

We got the one Win2k3 server dishing out DHCP and DNS requests. This server also handles our DNS requests for Internet usage. The firewall is a Smoothwall, and the Win2k3 server retrieves its DNS information from the Smoothwall.

Now, I've found that, for some odd reason, our servers' DNS records should be pointing to the inside subnet of our network, but they don't. Sometimes the IPs get substituted by external IPs, causing hassles for my users as they can't access services on the servers due to the DNS and IPs not matching.

Any way of hardcoding the servers' IPs in DNS so that these cannot be replaced by outside IPs?

Regards

Libs
 

alchamy
Taking a guess at your config and layout, but check the following:

1. Clients only see the Win2k3 DNS server and not any others (if Smoothwall is secondary you will need to configure Smoothwall to use Win2k3 as the authority for your domain).
2. The Win2k3 server is configured with your zone as primary and set to look up everything it does not have (right-click on the server name in the DNS manager and check the Forwarders tab).
3. Servers are on static IP addresses, I assume; you could add A (host) records to Win2k3 and Smoothwall if you don't mind a little manual work.

Have not played around with Smoothwall in years, but I suspect you can just use dnsmasq to forward queries if it is not available in the GUI somewhere.

EDIT: Making a huge assumption that it's a small-medium network, in which case point 3 would be neat since you can offer some redundancy then by having a primary and secondary which both contain all the important information.

The pro way would be to forward your DNS registers etc., but that's possibly more than you are after.
 
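Point 3 above is the durable fix, and the symptom described (an internal server's record sometimes carrying an outside address) is typical of a record that is dynamically registered, and therefore eligible for overwrite and scavenging, rather than entered statically. The following is an added example, not code from the thread: it dumps a zone's A records with dnscmd, parses them, and reports any record whose address falls outside the internal ranges, noting whether the record is dynamic (dnscmd prints an "[Aging:...]" tag on those) or static. The zone name, internal prefixes and the sample output are placeholders and constructed data; the live dnscmd call is included but switched off so the parser can be exercised offline.

```powershell
# Added example (not from the thread): audit A records of an internal zone on a
# Windows DNS server and flag ones pointing outside the LAN. Zone name, internal
# prefixes and the sample output below are assumptions/constructed data.
$Zone     = 'corp.example'              # placeholder for your AD zone
$Internal = @('10.', '192.168.')        # placeholder: address prefixes your LAN uses

function ConvertFrom-DnscmdEnum([string[]]$Lines) {
    # Parse "dnscmd /EnumRecords" output into one object per A record. Lines look like:
    #   fileserver [Aging:3586803] 1200 A   196.25.1.40    (dynamic, has an Aging tag)
    #   dc1 3600 A   192.168.1.10                          (static)
    foreach ($line in $Lines) {
        if ($line -match '^(\S+)\s+(\[Aging:\d+\]\s+)?(\d+)\s+A\s+(\d{1,3}(?:\.\d{1,3}){3})\s*$') {
            New-Object PSObject -Property @{
                Name    = $matches[1]
                Dynamic = [bool]$matches[2]      # unmatched optional group -> $false
                Ttl     = [int]$matches[3]
                Address = $matches[4]
            }
        }
    }
}

function Test-InternalAddress([string]$Ip) {
    foreach ($p in $Internal) { if ($Ip.StartsWith($p)) { return $true } }
    return $false
}

function Get-SuspectRecords([string[]]$Lines) {
    # A records whose address is not in any internal range.
    ConvertFrom-DnscmdEnum $Lines | Where-Object { -not (Test-InternalAddress $_.Address) }
}

# Constructed sample output (not captured from a real server) for offline use.
$sample = @(
    'Returned records:',
    '@ 3600 A   192.168.1.10',
    'dc1 3600 A   192.168.1.10',
    'fileserver [Aging:3586803] 1200 A   196.25.1.40',
    '',
    'Command completed successfully.'
)
$live  = $false                          # set $true on the DNS server to audit for real
$lines = if ($live) { & dnscmd.exe localhost /EnumRecords $Zone '@' 2>&1 } else { $sample }

Get-SuspectRecords $lines | ForEach-Object {
    $kind = if ($_.Dynamic) { 'dynamic' } else { 'static' }
    Write-Warning ('{0}.{1} -> {2} ({3}) is outside the internal ranges' -f $_.Name, $Zone, $_.Address, $kind)
    # Repair, uncommented only on the live server: replace the record with a static
    # one (no /Aging flag), which scavenging never removes; the address is a placeholder.
    # & dnscmd.exe localhost /RecordDelete $Zone $_.Name A /f
    # & dnscmd.exe localhost /RecordAdd    $Zone $_.Name A 192.168.1.40
}
```

Against the constructed sample this flags only fileserver, as a dynamic record with an external address. Re-adding the flagged entries statically covers scavenging; to stop the address being overwritten again, restrict the zone to secure dynamic updates so only the machine that owns a record can change it, and make sure a multi-homed server is not registering its outside-facing interface.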

portcullis
Then you won't have to worry about DNS host entries for some time...

If I understand correctly you want to force certain subdomain lookups without affecting the domain as a whole using a windows dns server in which case don't create a zone for google.co.za, create a zone for each FQDN and create your A record inside that Zone with a blank host and no PTR record since you won't have reverse.

I slapped this page together quickly to help

Flippin' beaut!!!!

Is there a way to give karma or show thanks on this forum?

Thank you very much this is exactly what I need.
 