Configuring DNS for Windows Networks – The Basics

I’ve seen a lot of basic DNS done wrong, and it can wreak havoc on your internal network, as well as cause slow internet browsing. What we’re going to review today is your basic DNS configuration on a Windows network, to make sure you’ve got a solid baseline. I’d recommend trying the troubleshooting techniques and tools within, as they will come in handy if you work with computers in any capacity.

What is DNS? DNS is Domain Name Service, and it converts IP addresses to domain and host names, so you don’t have to remember an IP address. It does much more than that, of course; however, that is the base use. We’ll get into more DNS uses later.

Example: Microsoft.com is actually hosted at the IP address 134.170.188.221

This is for my North American location; this IP will be different depending on where you are in the world, because you will be routed to different servers. Isn’t Microsoft.com easier to remember?

The items within this article may seem a little sporadic, but if you go through the steps methodically, you’ll see why it’s important to check all of these areas. You will also find helpful commands throughout.

Basically, there are 3 steps to ensure proper DNS resolution in a Windows network.

  1. Ensure your local DNS server works.
  2. Ensure you have DNS forwarders set up correctly.
  3. Ensure your DHCP server is handing out the right DNS servers to clients.

Does my DNS Server work?

The NSLOOKUP command will be the fastest, easiest option here. It’s going to use your primary DNS server to look up DNS entries. I use this basic troubleshooting technique ALL THE TIME. If you cannot connect to a server, a website, or a computer, you need to check and see if it can be found on your DNS server. If it does come back with an IP address, you can PING that IP address to ensure the host or server is up. (That option may not work for everything, as many domains and hosts are not ‘pingable’ across the web – as in, just because you can’t ping it doesn’t mean it’s not alive. This technique mostly applies to internal networks.)

 

[Image: NSlookup]

As you see here, my DNS server is 64.59.135.145 – that is my Internet Service Provider’s DNS server. Like most ISPs’ DNS servers, it is only usable if you are using one of their internet connections. You may have your DNS server set to ‘192.168.1.1’, which is more than likely your router’s IP address. You may be using an internal DNS server, which we’ll come to later.

Check your DNS Forwarders

  1. Log into your DNS server (you will get the IP address from IPCONFIG /all)
  2. Open DNS Manager from All Programs -> Administrative Tools -> DNS. Or type ‘DNSmgmt.msc’ in the command prompt.
  3. Follow the steps below to check your forwarders.

[Image: DNSForwarder]

Your first forwarder is likely your Internet service provider’s DNS. If you don’t know what this is, you should have gotten an email when you set up your internet connection. Note that this may change, so you should call your provider from time to time to ensure you have the most recent DNS server.

Why would you want to use your ISP’s DNS? Most likely, it’s going to be the fastest DNS server available. A lot of providers today are also setting up some basic protection for DNS, such as blocking known bad sites.

Other DNS servers you may see are Google’s DNS servers (8.8.8.8 and 8.8.4.4). These are generally safe and fairly fast. In the event your ISP’s DNS doesn’t work, Google is certainly a good alternative.

DNS servers such as 4.2.2.2 and 4.2.2.1 are very popular, long-used DNS servers and are generally seen as safe and reliable, but again they are not usually as fast as your ISP’s.

You’ll see whether or not they are validated in the right-hand pane. This means Windows has tested the server and it does indeed do DNS resolution.

DNS for DHCP

In a Windows network, your DHCP server is giving your client machines their DNS servers. Make sure the primary and secondary DNS servers are working and accessible. If you don’t know what the current DNS server is, you can check it by running IPCONFIG /ALL from the command prompt. (Without the /ALL switch, it won’t show you your DNS servers).

[Image: DHCP]

I go to client sites all the time that don’t have the proper DNS servers listed for clients. By checking your DNS servers using the command above, you should be able to log into that server and ensure it has the DNS role installed and forwarders are set up correctly. See below for how to check this in DHCP.

Check your DHCP settings

  1. Log into your DHCP server (you can tell what it is by looking at the results of IPCONFIG /all)
  2. Open DHCP Manager from All Programs -> Administrative Tools -> DHCP. Or type ‘dhcpmgmt.msc’ in the command prompt.
  3. Follow the steps below to check your DNS servers given out by DHCP.

[Image: DHCPServer]

Note that this will ensure that your client PCs can access local servers, and also that you have access to working forwarders, in the event that you need to find DNS names for servers out in the wild.

DNS Queries:

Use the following methods to do a DNS query; this comes in handy for troubleshooting DNS no matter what your goals.

  1. Type Microsoft.com (or a local server name, or your favorite website) in your internet browser – your computer may have the address in the DNS cache already; so the DNS query may stop there.
    1. How do I figure out if it’s in my cache? I use ‘ipconfig /displaydns | more’ in the command prompt.
      1. ‘IPCONFIG /displaydns’ will show all the current entries in your DNS cache; the only problem is that it will skip past to the end.
      2. When you use ‘ipconfig /displaydns | more’, the | MORE part of the command will ensure it only displays entries one page at a time, so you don’t skip past all the entries. Note that | MORE can be used with almost every command to show you one page at a time.
  • If you want to output the entries to file for later review; you can use the following command to pipe the output to a file. ‘ipconfig /displaydns > C:\DNScache.txt’ . The ‘>’ after the command tells the command prompt that you want to output to a file. C:\DNScache.txt is the filename, and you can choose what name and format you’d like to use.
  • Have you changed an internal server IP address? If so, your PC or laptop may be using an old DNS entry from your cache. Use ‘ipconfig /flushdns’ to clear the cache.

Additional items of note:

  1. Checking your DNS servers may help you determine whether a machine is infected with malware or a virus. Oftentimes, malware will have your machine point to another DNS server so it can redirect your web traffic.
  2. Sometimes, people will bring in home routers that have a DHCP server built in. These will often hand out incorrect IP addresses and DNS servers. If you have machines that are getting weird IP addresses and DNS servers, you probably want to check if there is a rogue DHCP server on the network. Download the simple app created by Microsoft here.
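
As an added example (not part of the original article), the two checks above can be scripted against saved `ipconfig /all` output: the parser below extracts each adapter's DHCP server and DNS servers and reports any that are not on your approved lists. It assumes English-language output; the sample text, addresses and approved lists are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from a real host).
SAMPLE = """\
Windows IP Configuration

Ethernet adapter Ethernet:

   IPv4 Address. . . . . . . . . . . : 192.168.1.57(Preferred)
   DHCP Server . . . . . . . . . . . : 192.168.1.10
   DNS Servers . . . . . . . . . . . : 192.168.1.10
                                       192.168.1.11

Wireless LAN adapter Wi-Fi:

   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       203.0.113.66
"""

KEY_VALUE = re.compile(r"^\s+(\S.*?)[ .]*\. :\s*(.*)$")  # "Label . . . : value"
WATCHED = ("DHCP Server", "DNS Servers")

def parse_ipconfig(text):
    """Return {adapter name: {field: [addresses]}} for the WATCHED fields."""
    adapters, current, key = {}, None, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current, key = adapters.setdefault(line.rstrip(" :"), {}), None
        match = KEY_VALUE.match(line)
        if match:
            key, value = match.group(1), match.group(2).strip()
        else:
            value = line.strip()  # continuation value, adapter header or blank
        if current is not None and key in WATCHED and value:
            current.setdefault(key, []).append(value)
    return adapters

def audit(text, approved_dhcp, approved_dns):
    """List (adapter, field, address) for every server not on the approved lists."""
    approved = {"DHCP Server": approved_dhcp, "DNS Servers": approved_dns}
    return [(adapter, field, address)
            for adapter, info in parse_ipconfig(text).items()
            for field in WATCHED for address in info.get(field, [])
            if address not in approved[field]]

if __name__ == "__main__":
    for finding in audit(SAMPLE, {"192.168.1.10"}, {"192.168.1.10", "192.168.1.11"}):
        print(finding)
```

On a real machine, save the output with ‘ipconfig /all > C:\ipconfig.txt’ and pass the file's contents to `audit` along with your own DHCP and DNS server addresses.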

 

These basics will get you through the day; however, your needs may be far more complex – we can help! Contact us at support@mountaininfosys.ca and we can do an audit for you.


2 comments on “Configuring DNS for Windows Networks – The Basics”

  1. Elaiyavanan Reply

    Hi Mr. Justin MacKinnon
    First, I convey my thanks to you; your post is very useful for DNS basics and troubleshooting.
