DNS servers

Discussion in 'MCDST' started by Keith Chilton, Apr 23, 2007.

  1. I was curious if anyone knew of any legality articles concerning DNS servers
    out there on the Internet? If your ISP gives you a DNS server but you use a
    different one? Is that so wrong?

    --
    Keith Chilton - MCDST, MCP
    Data Services Technician
    River Valley Financial Bank
    430 Clifty Drive
    Madison, IN 47250
    812-273-4949 ext 348
    Phone (812) 273-4949 Ext. 348 Fax (812) 265-6730

    ****River Valley Financial Bank, Internet Email Confidentiality Footer****
    Privileged/Confidential Information may be contained in this message. If you
    are not the addressee indicated in this message (or responsible for delivery
    of the message to such person), you may not copy or deliver this message to
    anyone. In such case, you should destroy this message, and notify us
    immediately. If you or your employer does not consent to Internet email
    messages of this kind, please advise us immediately. Opinions, conclusions
    and other information expressed in this message are not given or endorsed by
    my firm or employer unless otherwise indicated by an authorized
    representative independent of this message.
     
    Keith Chilton, Apr 23, 2007
    #1
    1. Advertising

  2. Keith Chilton

    catwalker63 Guest

    Keith Chilton piffled away vaguely:

    > I was curious if anyone knew of any legality articles concerning DNS servers
    > out there on the Internet? If your ISP gives you a DNS server but you use a
    > different one? Is that so wrong?
    >

    I'm not sure what you mean by your ISP giving you one. Weird. I don't
    reference my ISP's DNS server from my workstation if that's what you
    mean. I have my own. And that's not wrong. Micrsoft's DNS client,
    that's another story. That's a crime, that's what that is.
    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
     
    catwalker63, Apr 24, 2007
    #2
    1. Advertising

  3. If you have a "sticky" IP address given to you (because you requested it),
    you will also be given DNS servers to use because you're not DHCP enabled.
    Just checking out your own IP configuration will show you the DNS servers
    you have been assigned by your ISP. My question is if you manually set those
    to other DNS servers out there on the internet, is that "wrong"? DNS is a
    distributed database so I don't see that much wrong with it. Especially if
    the DNS server you have been given tends to get "maintenanced" quite a bit
    by your ISP. It's always fun not being told about the "maintenance" and not
    having Internetion connectivity.

    "catwalker63" <> wrote in message
    news:D...
    > Keith Chilton piffled away vaguely:
    >
    >> I was curious if anyone knew of any legality articles concerning DNS
    >> servers
    >> out there on the Internet? If your ISP gives you a DNS server but you use
    >> a
    >> different one? Is that so wrong?
    >>

    > I'm not sure what you mean by your ISP giving you one. Weird. I don't
    > reference my ISP's DNS server from my workstation if that's what you
    > mean. I have my own. And that's not wrong. Micrsoft's DNS client,
    > that's another story. That's a crime, that's what that is.
    > --
    >
    > Catwalker
    > MCNGP #43
    > www.mcngp.com
    > "I have a gun. It's loaded. Shut up."
    >
     
    Keith Chilton, Apr 24, 2007
    #3
  4. Keith Chilton

    catwalker63 Guest

    Keith Chilton piffled away vaguely:

    > If you have a "sticky" IP address given to you (because you requested it),
    > you will also be given DNS servers to use because you're not DHCP enabled.
    > Just checking out your own IP configuration will show you the DNS servers
    > you have been assigned by your ISP. My question is if you manually set those
    > to other DNS servers out there on the internet, is that "wrong"? DNS is a
    > distributed database so I don't see that much wrong with it. Especially if
    > the DNS server you have been given tends to get "maintenanced" quite a bit
    > by your ISP. It's always fun not being told about the "maintenance" and not
    > having Internetion connectivity.


    Turn off the ones the ISP gave you and build your own. Lock 'em out.

    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
     
    catwalker63, Apr 24, 2007
    #4
  5. I wouldnt have the foggiest about doing that. Nor would I probably have the
    time to do that... haha

    "catwalker63" <> wrote in message
    news:...
    > Keith Chilton piffled away vaguely:
    >
    >> If you have a "sticky" IP address given to you (because you requested
    >> it),
    >> you will also be given DNS servers to use because you're not DHCP
    >> enabled.
    >> Just checking out your own IP configuration will show you the DNS servers
    >> you have been assigned by your ISP. My question is if you manually set
    >> those
    >> to other DNS servers out there on the internet, is that "wrong"? DNS is a
    >> distributed database so I don't see that much wrong with it. Especially
    >> if
    >> the DNS server you have been given tends to get "maintenanced" quite a
    >> bit
    >> by your ISP. It's always fun not being told about the "maintenance" and
    >> not
    >> having Internetion connectivity.

    >
    > Turn off the ones the ISP gave you and build your own. Lock 'em out.
    >
    > --
    >
    > Catwalker
    > MCNGP #43
    > www.mcngp.com
    > "I have a gun. It's loaded. Shut up."
    >
     
    Keith Chilton, Apr 24, 2007
    #5
  6. Keith Chilton

    John R Guest

    "Keith Chilton" <> wrote in message
    news:...
    > If you have a "sticky" IP address given to you (because you requested it),
    > you will also be given DNS servers to use because you're not DHCP enabled.
    > Just checking out your own IP configuration will show you the DNS servers
    > you have been assigned by your ISP. My question is if you manually set
    > those to other DNS servers out there on the internet, is that "wrong"? DNS
    > is a distributed database so I don't see that much wrong with it.
    > Especially if the DNS server you have been given tends to get
    > "maintenanced" quite a bit by your ISP. It's always fun not being told
    > about the "maintenance" and not having Internetion connectivity.
    >


    As I recall, when we setup one of our WAN connections, the ISP gave us the
    addresses of a couple of their DNS servers that we could use if we wanted.
    But, like most companies, we had our own. We didn't want to have to get
    them involved everytime we wanted to put a new hostname up, or change the
    address of our mail server. Once your registered name (if you have one) is
    associated with your IP, the ISPs DNSs are simply a freebee, not a
    requirement. Your DNS servers are more than capable of recursive
    resolution, there is nothing special about the ISPs. If you want, point
    your DNS forwarders to their servers and let their servers do the work.
    However, that is considered impolite by most people, even if it does
    conserver a little bandwidth on your end.

    John
     
    John R, Apr 25, 2007
    #6
  7. We just use the DNS servers given to us because that is what works, not
    because we're being impolite. If nothing is in the DNS forwarders, how do
    you get your DNS requests to access the Internet? You said something about
    recursive resolution so I'm sure that has to do with it. Do you just put the
    IP address of yourself in the forwarder section? I've never attempted that.
    I just don't know DNS in great detail but I plan on learning it much more
    thoroughly pretty soon. Thanks John!

    "John R" <jsr^^^813@zoom^^^internet.net> wrote in message
    news:...
    >
    > "Keith Chilton" <> wrote in message
    > news:...
    >> If you have a "sticky" IP address given to you (because you requested
    >> it), you will also be given DNS servers to use because you're not DHCP
    >> enabled. Just checking out your own IP configuration will show you the
    >> DNS servers you have been assigned by your ISP. My question is if you
    >> manually set those to other DNS servers out there on the internet, is
    >> that "wrong"? DNS is a distributed database so I don't see that much
    >> wrong with it. Especially if the DNS server you have been given tends to
    >> get "maintenanced" quite a bit by your ISP. It's always fun not being
    >> told about the "maintenance" and not having Internetion connectivity.
    >>

    >
    > As I recall, when we setup one of our WAN connections, the ISP gave us the
    > addresses of a couple of their DNS servers that we could use if we wanted.
    > But, like most companies, we had our own. We didn't want to have to get
    > them involved everytime we wanted to put a new hostname up, or change the
    > address of our mail server. Once your registered name (if you have one)
    > is associated with your IP, the ISPs DNSs are simply a freebee, not a
    > requirement. Your DNS servers are more than capable of recursive
    > resolution, there is nothing special about the ISPs. If you want, point
    > your DNS forwarders to their servers and let their servers do the work.
    > However, that is considered impolite by most people, even if it does
    > conserver a little bandwidth on your end.
    >
    > John
    >
     
    Keith Chilton, Apr 25, 2007
    #7
  8. Keith Chilton

    John R Guest

    "Keith Chilton" <> wrote in message
    news:%...
    > We just use the DNS servers given to us because that is what works, not
    > because we're being impolite. If nothing is in the DNS forwarders, how do
    > you get your DNS requests to access the Internet? You said something about
    > recursive resolution so I'm sure that has to do with it. Do you just put
    > the IP address of yourself in the forwarder section? I've never attempted
    > that. I just don't know DNS in great detail but I plan on learning it much
    > more thoroughly pretty soon. Thanks John!
    >
    >>
    >> As I recall, when we setup one of our WAN connections, the ISP gave us
    >> the addresses of a couple of their DNS servers that we could use if we
    >> wanted. But, like most companies, we had our own. We didn't want to have
    >> to get them involved everytime we wanted to put a new hostname up, or
    >> change the address of our mail server. Once your registered name (if you
    >> have one) is associated with your IP, the ISPs DNSs are simply a freebee,
    >> not a requirement. Your DNS servers are more than capable of recursive
    >> resolution, there is nothing special about the ISPs. If you want, point
    >> your DNS forwarders to their servers and let their servers do the work.
    >> However, that is considered impolite by most people, even if it does
    >> conserver a little bandwidth on your end.
    >>
    >> John
    >>

    >

    When you setup DNS, you can have it do recursive resolution, or you can have
    it forward the request to another DNS server. Let's look at each.
    (Learning DNS can take a whole book, this is the reader's digest condensed
    version, with a lot of points left out).

    If your DNS does recursion, and your client submits a request for
    'www.xyz.com', your DNS will check it's cache to see if it has cached the
    address for that. If not, then your DNS will have something called "root
    hints" to contact a root server who is authorative for the ".com" domain.
    Your DNS will then contact that DNS to find out where xyz.com is. Your DNS
    will then contact that DNS for the host record for 'www.xyz.com'. Then,
    your DNS will cache the result and return that result to you so that your
    client can contact the host. This process of finding the desired host is
    called recursion.

    If you like, you can setup your DNS to point to a 'forwarder'. So, if your
    DNS is not authorative for 'xyz.com' and does not have 'xyz.com' or
    'www.xyz.com' cached, it will forward the request to another DNS server who
    will go through the recursion process for you and return the resolution of
    'www.xyz.com' to your DNS server, who then caches it and returns it to the
    client..

    Sometimes, if you have multiple DNS servers in your organization, it would
    not be unusual for all of them to forward requests to a single
    well-connected DNS server (either your's, or someone else's) to do recursive
    lookups and simply return the result. This minimizes the DNS traffic on
    your LAN/WAN since you don't have multiple DNS servers doing recursive
    lookups all over the place. In all cases, DNS servers will cache whatever
    they find out (either through recursion or through the result of a forwarded
    request) so that they don't have to do that again if they don't have to.
    Now you get into TTL times, etc, but I digress.

    In a nutshell, that is a brief outline of how DNS works. Again, there are
    lots of other things about DNS such as zones, zone replications, yada yada,
    but this should explain what I meant. When you get to the MCSA/MCSE core
    tests, you will study this in much much more detail.

    John
     
    John R, Apr 26, 2007
    #8
  9. Thanks John that all makes sense. :) I have seen the root hints before in
    the DNS setup. Is recursion not used by default though? If it were, why
    would we ever fail finding our internet sites when these forwarder sites are
    not working? We wouldnt! So it must not be enabled by default. I will go
    back to the root hints and check that out shortly. I would be glad to get
    rid of the forwarders altogether. I will also be very glad to enhance my
    knowledge on DNS servers in the future.

    What is really kicking my butt at work right now is all of our branches
    different subnets. That coupled with the Computer Browser service seeing PCs
    in Network Neighborhood. ugh. I need to be more educated in these areas.
    Especially the Computer Browser thing. I know it's a service that can be
    enabled and you can designate Master browsers but it still doesnt seem to
    work. I even found it's settings in the registry to modify but to no avail.
    Certain PCs see others on the Network neighborhood and others "just dont"
    see anything but themselves. Stupid things haha

    "John R" <jsr^^^813@zoom^^^internet.net> wrote in message
    news:%...
    >
    > "Keith Chilton" <> wrote in message
    > news:%...
    >> We just use the DNS servers given to us because that is what works, not
    >> because we're being impolite. If nothing is in the DNS forwarders, how do
    >> you get your DNS requests to access the Internet? You said something
    >> about recursive resolution so I'm sure that has to do with it. Do you
    >> just put the IP address of yourself in the forwarder section? I've never
    >> attempted that. I just don't know DNS in great detail but I plan on
    >> learning it much more thoroughly pretty soon. Thanks John!
    >>
    >>>
    >>> As I recall, when we setup one of our WAN connections, the ISP gave us
    >>> the addresses of a couple of their DNS servers that we could use if we
    >>> wanted. But, like most companies, we had our own. We didn't want to
    >>> have to get them involved everytime we wanted to put a new hostname up,
    >>> or change the address of our mail server. Once your registered name (if
    >>> you have one) is associated with your IP, the ISPs DNSs are simply a
    >>> freebee, not a requirement. Your DNS servers are more than capable of
    >>> recursive resolution, there is nothing special about the ISPs. If you
    >>> want, point your DNS forwarders to their servers and let their servers
    >>> do the work. However, that is considered impolite by most people, even
    >>> if it does conserver a little bandwidth on your end.
    >>>
    >>> John
    >>>

    >>

    > When you setup DNS, you can have it do recursive resolution, or you can
    > have it forward the request to another DNS server. Let's look at each.
    > (Learning DNS can take a whole book, this is the reader's digest condensed
    > version, with a lot of points left out).
    >
    > If your DNS does recursion, and your client submits a request for
    > 'www.xyz.com', your DNS will check it's cache to see if it has cached the
    > address for that. If not, then your DNS will have something called "root
    > hints" to contact a root server who is authorative for the ".com" domain.
    > Your DNS will then contact that DNS to find out where xyz.com is. Your
    > DNS will then contact that DNS for the host record for 'www.xyz.com'.
    > Then, your DNS will cache the result and return that result to you so that
    > your client can contact the host. This process of finding the desired
    > host is called recursion.
    >
    > If you like, you can setup your DNS to point to a 'forwarder'. So, if
    > your DNS is not authorative for 'xyz.com' and does not have 'xyz.com' or
    > 'www.xyz.com' cached, it will forward the request to another DNS server
    > who will go through the recursion process for you and return the
    > resolution of 'www.xyz.com' to your DNS server, who then caches it and
    > returns it to the client..
    >
    > Sometimes, if you have multiple DNS servers in your organization, it would
    > not be unusual for all of them to forward requests to a single
    > well-connected DNS server (either your's, or someone else's) to do
    > recursive lookups and simply return the result. This minimizes the DNS
    > traffic on your LAN/WAN since you don't have multiple DNS servers doing
    > recursive lookups all over the place. In all cases, DNS servers will
    > cache whatever they find out (either through recursion or through the
    > result of a forwarded request) so that they don't have to do that again if
    > they don't have to. Now you get into TTL times, etc, but I digress.
    >
    > In a nutshell, that is a brief outline of how DNS works. Again, there are
    > lots of other things about DNS such as zones, zone replications, yada
    > yada, but this should explain what I meant. When you get to the MCSA/MCSE
    > core tests, you will study this in much much more detail.
    >
    > John
    >
     
    Keith Chilton, Apr 26, 2007
    #9
  10. Keith Chilton

    catwalker63 Guest

    Keith Chilton piffled away vaguely:

    > Thanks John that all makes sense. :) I have seen the root hints before in
    > the DNS setup. Is recursion not used by default though? If it were, why
    > would we ever fail finding our internet sites when these forwarder sites are
    > not working? We wouldnt! So it must not be enabled by default. I will go
    > back to the root hints and check that out shortly. I would be glad to get
    > rid of the forwarders altogether. I will also be very glad to enhance my
    > knowledge on DNS servers in the future.
    >
    > What is really kicking my butt at work right now is all of our branches
    > different subnets. That coupled with the Computer Browser service seeing PCs
    > in Network Neighborhood. ugh. I need to be more educated in these areas.
    > Especially the Computer Browser thing. I know it's a service that can be
    > enabled and you can designate Master browsers but it still doesnt seem to
    > work. I even found it's settings in the registry to modify but to no avail.
    > Certain PCs see others on the Network neighborhood and others "just dont"
    > see anything but themselves. Stupid things haha
    >

    Actually, forwarders and caching servers make things more secure and
    reduce DNS traffic, so you don't wanna get rid of them. You shouldn't
    need to check your root hints either. Recursion is the default for DNS
    servers, usually.

    Network browsing, however, depends on NETBIOS which is a broadcast based
    resolution process by default. If your clients are on other subnets and
    you are not using WINS or some other NBNS on every subnet with
    replication going across the routers, you will have trouble seeing stuff
    in Network Neighborhood. Also, browser elections can create all sorts
    of heavy traffic so you need to make sure all your clients are not
    initiating browser elections every time they boot.
    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
     
    catwalker63, Apr 26, 2007
    #10
  11. Thanks for the great advice catwalker63 It is appreciated. Hopefully I can
    help you sometime..

    I figured out why i was having problems with the "Computer Brower" for
    network neighborhood. The problem was in our group policy we disable the
    Internet Connection Firewall. Apparently "Computer Browser" (browser.dll in
    system32) is too dependent on the ICF. After 5 minutes if the firewalls not
    there, it decides to quit on you. There is a hotfix from MS out there where
    you just replace the browser.dll file. You have to replace it in safe mode
    in the system32 directory and the i386 directory if there... (if you dont do
    it in safe, Windows replaces it back to the original because of Windows File
    Protection)

    It's working much nicer now that I did all that!

    "catwalker63" <> wrote in message
    news:...
    > Keith Chilton piffled away vaguely:
    >
    >> Thanks John that all makes sense. :) I have seen the root hints before in
    >> the DNS setup. Is recursion not used by default though? If it were, why
    >> would we ever fail finding our internet sites when these forwarder sites
    >> are
    >> not working? We wouldnt! So it must not be enabled by default. I will go
    >> back to the root hints and check that out shortly. I would be glad to get
    >> rid of the forwarders altogether. I will also be very glad to enhance my
    >> knowledge on DNS servers in the future.
    >>
    >> What is really kicking my butt at work right now is all of our branches
    >> different subnets. That coupled with the Computer Browser service seeing
    >> PCs
    >> in Network Neighborhood. ugh. I need to be more educated in these areas.
    >> Especially the Computer Browser thing. I know it's a service that can be
    >> enabled and you can designate Master browsers but it still doesnt seem to
    >> work. I even found it's settings in the registry to modify but to no
    >> avail.
    >> Certain PCs see others on the Network neighborhood and others "just dont"
    >> see anything but themselves. Stupid things haha
    >>

    > Actually, forwarders and caching servers make things more secure and
    > reduce DNS traffic, so you don't wanna get rid of them. You shouldn't
    > need to check your root hints either. Recursion is the default for DNS
    > servers, usually.
    >
    > Network browsing, however, depends on NETBIOS which is a broadcast based
    > resolution process by default. If your clients are on other subnets and
    > you are not using WINS or some other NBNS on every subnet with
    > replication going across the routers, you will have trouble seeing stuff
    > in Network Neighborhood. Also, browser elections can create all sorts
    > of heavy traffic so you need to make sure all your clients are not
    > initiating browser elections every time they boot.
    > --
    >
    > Catwalker
    > MCNGP #43
    > www.mcngp.com
    > "I have a gun. It's loaded. Shut up."
    >
     
    Keith Chilton, Apr 26, 2007
    #11
  12. Keith Chilton

    catwalker63 Guest

    Keith Chilton piffled away vaguely:

    > Thanks for the great advice catwalker63 It is appreciated. Hopefully I can
    > help you sometime..
    >
    > I figured out why i was having problems with the "Computer Brower" for
    > network neighborhood. The problem was in our group policy we disable the
    > Internet Connection Firewall. Apparently "Computer Browser" (browser.dll in
    > system32) is too dependent on the ICF. After 5 minutes if the firewalls not
    > there, it decides to quit on you. There is a hotfix from MS out there where
    > you just replace the browser.dll file. You have to replace it in safe mode
    > in the system32 directory and the i386 directory if there... (if you dont do
    > it in safe, Windows replaces it back to the original because of Windows File
    > Protection)
    >
    > It's working much nicer now that I did all that!
    >

    Bonus. There's something I didn't know.

    --

    Catwalker
    MCNGP #43
    www.mcngp.com
    "I have a gun. It's loaded. Shut up."
     
    catwalker63, Apr 26, 2007
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    0
    Views:
    1,125
  2. Michelle Richards

    Genuity DNS servers down?

    Michelle Richards, Jul 25, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    1,378
    Brian H¹©
    Jul 25, 2003
  3. ‡ GateKeeper ‡

    DNS Blacklist servers ?

    ‡ GateKeeper ‡, Sep 21, 2003, in forum: Computer Support
    Replies:
    10
    Views:
    11,415
  4. =?Utf-8?B?ZG91Z2hib3kzMQ==?=

    Implementing dhcp servers and dns servers

    =?Utf-8?B?ZG91Z2hib3kzMQ==?=, Jun 16, 2006, in forum: MCSE
    Replies:
    20
    Views:
    3,129
    Guest
    Jun 24, 2006
  5. Au79
    Replies:
    0
    Views:
    727
Loading...

Share This Page