Without DNS, how am I still able to reach the net?

venomhed

My friend and I are absolutely confused as to how our
systems are reaching the internet WITHOUT any DNS server!

I set up an MS DNS server service on a Domain controller
here at home where I do my own labs. The server points to
itself for DNS resolution. The one workstation in this
project is also pointing at the Domain controller for DNS
resolution.

The server dubbed (win2k-server) has a non public IP
address of 10.0.2.50
The workstation dubbed (win2k-work) has a non public IP
address of 10.0.2.60

These are static IP addresses.

The gateway/router is a home SMC router that is issuing
out DHCP but not to these machines. The router/gateway
does use the Pacbell DNS routers in its DHCP. If we do an
IPCONFIG on either the server or the workstation the only
DNS server that shows is 10.0.2.50, the Win2k Domain I
created.

In my DNS, I deleted all the Root Hints.

There are NO forwarders.

I right-clicked my DNS server and cleared the cache.

I renamed all the "cache.dns" files to "cache-bak.dns".

I flushed the DNS caches on both systems using the
ipconfig /flushdns command and also used
ipconfig /displaydns to see if there were any entries
left and to confirm the flush. There are NO entries shown
short of the self entries that are normal.

Now that the above has been done BOTH machines are STILL
able to go out to the internet and reach websites, ping
addresses and DNS names etc. Sure it takes a bit longer
(about 5-7 seconds as opposed to 1 previously), but HOW
is this happening? What file(s) is MS DNS getting or what
server does it know to contact and retrieve this info
when I thought everything was deleted, renamed and
flushed that MS DNS uses?

If the DNS Server is stopped the workstation stops as
well proving that the workstation is going to the server
for DNS resolution and that the server DNS service is
running correctly.

We are both lost on this one.

Thanks
 
Kevin D. Goodknecht Sr. [MVP]

Even if you delete the Root hints they will be reloaded out of the Active
Directory Database. What you did is exactly what you do when the root hints
become corrupted.
If you want to stop your server from reloading root hints, it is pretty
simple: create an empty root "." Forward Lookup Zone. This will convert it to
a root server; it will not load root hints and it cannot use a forwarder.
You can also disable recursion on the Advanced tab. This will stop your DNS
from making recursive lookups and prevent it from using its forwarders if
you have defined one. It will still do simple lookups of cached records but
as they expire they will not be refreshed.
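
The behaviours described in the reply above can be told apart from the workstation by reading the header flags of the server's reply. This is an added example, not part of the original thread; the function names, the test name www.example.com and the sample headers are assumptions made for illustration.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Build an A/IN query for `name` with RD (recursion desired) set."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)  # QTYPE=A, QCLASS=IN

def classify(response):
    """Classify a reply to a query for a name outside the server's own zones."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", response[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    aa, ra, rcode = bool(flags & 0x0400), bool(flags & 0x0080), flags & 0x000F
    if aa and rcode == 3:
        return "root-zone"      # authoritative NXDOMAIN: server hosts "." itself
    if not ra:
        return "no-recursion"   # RA clear: recursion is not offered
    if rcode == 0 and ancount > 0:
        return "recursed"       # non-authoritative answer: hints or forwarder used
    return "inconclusive"

def probe(server, name="www.example.com", timeout=10.0):
    """Send the query over UDP to `server` port 53 and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return classify(s.recv(512))

def sample(flags, ancount=0):
    """Constructed 12-byte response header for offline use, not captured traffic."""
    return struct.pack("!6H", 0x1234, flags, 1, ancount, 0, 0)

SAMPLES = {
    "recursed": sample(0x8180, 1),   # QR RD RA, NOERROR, one answer
    "root-zone": sample(0x8503),     # QR AA RD, NXDOMAIN
    "no-recursion": sample(0x8100),  # QR RD, RA clear
}

if __name__ == "__main__":
    for expected, packet in SAMPLES.items():
        print(expected, "->", classify(packet))
```

On the lab network in this thread, `probe("10.0.2.50")` would send the query to the domain controller; the name queried must not belong to a zone the server hosts.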
 
Jonathan de Boyne Pollard

v> In my DNS [server], I deleted all the Root Hints.

You didn't mention restarting the server.
 
Venomhed

Thanks Kevin for the reply. Your theory did work btw.

The last question I have on this topic though is this. Is
there a way to put those Root Hints back into DNS other
than manually? I deleted them but made an image of all
the numbers and DNS names so that I could enter them in
manually if needed. This is my lab so I don't really need
to do that but wanted to know if there was some restore
feature.

Thanks!
 
venomhed

Kevin,

Again thank you for your response. You again were correct
and I was typing in the wrong FQDN! Stupid mistake on my
part. However, why is NetBIOS over TCP/IP enabled by
default?

Thanks
 
chris

For the root hints to be reloaded out of the Active Directory database,
wouldn't the DNS server have to be set as an Active Directory-integrated zone?

thanks
chris
 
