Windows – How to set up DNS inside the Windows Server-based network

domain-name-system, windows

I'm trying to figure out how one goes about setting up DNS in a setup like at my work. We have:

  1. A "business" DSL line that is just a home DSL line with a dedicated IP address
  2. A Sonicwall router (NAT/VPN) appliance connected to the DSL modem (192.168.1.1)
  3. A Windows Server 2008 R2 box running Active Directory and DNS (192.168.1.2)

Each PC on our network is configured to use 192.168.1.2 as DNS, using manually-configured IP addresses. DHCP is enabled on the Sonicwall for VPN clients, not used for our workstations.

The server's NIC is configured to use:

127.0.0.1
75.154.132.100
75.154.132.68

The second and third entries are our ISP's DNS servers.

The problem is that while everything works, DNS resolution is absurdly slow for internet sites. Using GRC's DNSBench.exe, uncached requests to 192.168.1.2 are taking 3849 ms! Connecting to our ISP's DNS servers directly takes about 100 ms for the same uncached requests.

Thanks for any help – I really don't know what I'm doing here. Hah.

Best Answer

Drop your ISP's DNS servers out of your clients' and your server's config. Once you've done that, add those servers as "forwarders" in the DNS server setup on the 2008R2 box.

With this setup, your clients will send all of their DNS queries to the server, and for queries the server is not authoritative for (basically anything outside your AD domain), it will recursively query your upstream ISP's DNS servers and then return the answer to your clients.
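One way to carry out the steps from the answer on the 2008 R2 box itself, as an added example that is not part of the original answer: it uses the built-in netsh and dnscmd tools (present on 2008 R2) and finishes with the same kind of uncached timing check the question made with DNSBench. The NIC name "Local Area Connection" is an assumption; adjust it to what `netsh interface ipv4 show interfaces` prints.

```powershell
# Added example, not from the original question or answer. Run in an elevated
# PowerShell prompt on the 2008 R2 domain controller (192.168.1.2).
# Assumption: the server's NIC is named "Local Area Connection".
$nic        = "Local Area Connection"
$forwarders = @("75.154.132.100", "75.154.132.68")   # the ISP resolvers from the question

# 1. Server NIC: point only at the local DNS service, dropping the ISP entries.
netsh interface ipv4 set dnsservers name="$nic" source=static address=127.0.0.1 register=primary

# 2. DNS server: send every query it is not authoritative for to the ISP resolvers.
#    /ResetForwarders replaces the whole forwarder list with the addresses given.
dnscmd /ResetForwarders $forwarders[0] $forwarders[1]
dnscmd /Config /ForwardingTimeout 3      # seconds to wait before trying the next forwarder

# 3. Show what is now configured on the server and on its NIC.
dnscmd /Info /Forwarders
Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = True" |
    Select-Object Description, DNSServerSearchOrder

# 4. Clear the server cache and time an uncached lookup through 192.168.1.2,
#    which is the measurement the question reported at 3849 ms.
dnscmd /ClearCache
$t = Measure-Command { nslookup -type=A example.com 192.168.1.2 | Out-Null }
"Uncached lookup via 192.168.1.2 took {0} ms" -f [int]$t.TotalMilliseconds

# On each manually configured workstation (not on the server), the matching
# client-side step is to list only the AD DNS server, with no ISP entries:
#   netsh interface ipv4 set dnsservers name="Local Area Connection" source=static address=192.168.1.2
```

Run the timing step twice: the second run should come back from the server's cache and be near instant, while the first shows the cost of the forwarder round-trip.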
