How do you tell KMS to use a particular DNS?
  •  
bronco

Hello,

Can someone tell me how to tell KMS to use a specified DNS IP address and not the one from the Internal NIC, or even to use the one from the External NIC?

Thanks in advance,

Rene.
  •  
jshaw541

I don't believe that there is any way to configure this within KMS itself. I'm not sure as to your network setup because you didn't give much information. Could you provide us with more information about your motives and goals in doing this?

This would allow me to give you a better answer.

Kerio MailServer 6.7.1 w/AD
Windows Server 2003 SP 1
Dell PowerEdge 2850 (Dual Xeon 3.2ghz and 2 GB RAM)
~1300 users
~1000+ concurrent IMAPS connections
iPhone users
Outlook 2007 KOFF users
Apple iCal 10.5/10.6 users
  •  
bronco

I have a local DNS server on port 127.0.0.1 (same box for Active Directory) but because this one does not work properly I want to use the one that is on the external nic.

Because when I tell the Internal NIC to use the external DNS Server I do not have any problems with checking Spamelimators, but with the DNS Server pointing to the Internal DNS Server I get a host not found, even though it worked when changing back to the other config.

Also when I leave the Internal NIC of the box pointing to the external DNS Server the internal machines stop finding their webpages. This sometimes drives me a bit insane.

Rene.

Config for this client is:

ADSL Modem (DHCP/DNS/FW) <--> Win2k BOX (AD, DNS, WFG/KMS) <--> Internal Network

[Updated on: Mon, 17 May 2004 18:43]

  •  
RHarmsen.nl

I think you could better fix your local DNS than try to get Kerio onto another DNS server.
  •  
jshaw541

I'm pretty confused as to why you have things set up the way you do here. This is how things "should be" configured:

- Configure internal network users to use AD/KMS server's internal IP for DNS.

- Configure AD/KMS server as DNS server (already done?). Next, configure your AD/KMS/DNS server to use DNS forwarding, and point the forwarder settings to either your ADSL router's DNS service or, much preferably, your upstream ISP's DNS servers. I would disable the ADSL router's DNS service and take it out of the equation. Most DSL router implementations of a DNS service seem horribly flaky.

This means that for whatever queries the server cannot provide an authoritative answer, it'll ask one of the forwarder IPs for an answer and return the response to the client.

- Then, configure the AD/KMS server to use the IP of either its internal interface (preferred) or its external interface. Do not use 127.0.0.1 (loopback).

Properly configured, this will fix all of your listed problems.

Internal network ---DNS---> AD/KMS Server ===FWD DNS===> ISP DNS Servers

HTH


bronco wrote on Mon, 17 May 2004 18:41

I have a local DNS server on port 127.0.0.1 (same box for Active Directory) but because this one does not work properly I want to use the one that is on the external nic.

Because when I tell the Internal NIC to use the external DNS Server I do not have any problems with checking Spamelimators, but with the DNS Server pointing to the Internal DNS Server I get a host not found, even though it worked when changing back to the other config.

Also when I leave the Internal NIC of the box pointing to the external DNS Server the internal machines stop finding their webpages. This sometimes drives me a bit insane.

Rene.

Config for this client is:

ADSL Modem (DHCP/DNS/FW) <--> Win2k BOX (AD, DNS, WFG/KMS) <--> Internal Network

  •  
bronco

Hello Guys,

I checked the config and, as you say, I am using the internal network as suggested: 192.168.0.10 on the client PCs as DNS Server and on the Internal NIC side of KMS.

But when I go into MS DNS Server and click on the properties tab of the Server and choose the tab Forwarding it tells me "Forwarders are not available because this is a root server".

So in this way I am stuck with forwarding, or is there another way of handling it?

Rene.

PS.
I have started to mess with things because of the following messages that I am getting in the Debug log:

[19/May/2004 01:16:19][704] {queue} SEND_MX: Started delivery of queued message id=40aa993f-00000064 sender=<>
[19/May/2004 01:16:19][704] {queue} SEND_MX: Delivering to remote domain ungrateful.co.uk...
[19/May/2004 01:16:19][704] {dns} Searching cache for MX records for host ungrateful.co.uk
[19/May/2004 01:16:19][704] {dns} Searching DNS for MX records for domain ungrateful.co.uk
[19/May/2004 01:16:19][704] {dns} Querying server no. 1, address 192.168.0.10
[19/May/2004 01:16:19][704] {dns} Got answer
[19/May/2004 01:16:19][704] {dns} Host not found
[19/May/2004 01:16:19][704] {queue} SEND_MX: Delivery to domain ungrateful.co.uk finished, 0 recipients succeeded
[19/May/2004 01:16:19][704] {queue} SEND_MX: Delivery finished

This results in the following in the Mail Log:
19/May/2004 01:16:15] DSN: From: <>, To: <ethel<at>ungrateful.co.uk>, Size: 2450, Report: failed

[Updated on: Wed, 19 May 2004 01:40]
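
Added example, not part of the original post and not Kerio code: a small Python parser that correlates the `{dns}` lines of a debug log by thread id and reports which resolver answered "Host not found" for which domain, which is the symptom that points at the resolver rather than at the mail server. The log format is assumed from the excerpt above; the thread 708 lines in the sample are constructed.

```python
import re
from collections import defaultdict

# Log line format assumed from the Debug log excerpt quoted in the post above.
LINE = re.compile(r"^\[(?P<ts>[^\]]+)\]\[(?P<tid>\d+)\] \{(?P<mod>\w+)\} (?P<msg>.*)$")
MX_QUERY = re.compile(r"Searching DNS for MX records for domain (\S+)")
SERVER = re.compile(r"Querying server no\. \d+, address (\S+)")

# The thread 704 lines are taken from the post; the thread 708 lines are constructed.
SAMPLE = """\
[19/May/2004 01:16:19][704] {queue} SEND_MX: Delivering to remote domain ungrateful.co.uk...
[19/May/2004 01:16:19][704] {dns} Searching DNS for MX records for domain ungrateful.co.uk
[19/May/2004 01:16:19][704] {dns} Querying server no. 1, address 192.168.0.10
[19/May/2004 01:16:19][704] {dns} Got answer
[19/May/2004 01:16:19][704] {dns} Host not found
[19/May/2004 01:16:20][708] {dns} Searching DNS for MX records for domain example.org
[19/May/2004 01:16:20][708] {dns} Querying server no. 1, address 192.168.0.10
[19/May/2004 01:16:20][708] {dns} Got answer
[19/May/2004 01:16:20][708] {queue} SEND_MX: Delivery to domain example.org finished, 1 recipients succeeded
"""

def failed_mx_lookups(log_text):
    """Return {resolver_ip: [domains]} for MX lookups answered 'Host not found'."""
    state = {}                    # thread id -> lookup currently in progress
    failures = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["mod"] != "dns":
            continue              # only the {dns} module lines matter here
        st = state.setdefault(m["tid"], {"domain": None, "server": None})
        msg = m["msg"]
        if (q := MX_QUERY.match(msg)):
            st["domain"], st["server"] = q[1], None   # new lookup on this thread
        elif (s := SERVER.match(msg)):
            st["server"] = s[1]                       # resolver being asked
        elif msg == "Host not found" and st["domain"] and st["server"]:
            failures[st["server"]].append(st["domain"])
            st["domain"] = None                       # lookup finished
    return dict(failures)

if __name__ == "__main__":
    for server, domains in failed_mx_lookups(SAMPLE).items():
        print(f"{server}: host not found for {', '.join(domains)}")
```

Keying the state on the thread id keeps lookups from concurrent delivery threads apart when their lines interleave in the log.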

  •  
roope.vankka

Hi!

Perhaps your MS DNS is not working properly.

If you cannot see root hints in the MS DNS Root Hints tab, your server's DNS does not work.

In W2k Server there was no possibility to get root hints afterwards, and the only way was to recreate the w2k domain.

To get your domain to work perfectly, you must get your DNS to work also.

-Joke
  •  
bronco

Hello Roope,

I looked at the Root Hints tab and it is there except it is grayed out. I am not able to add anything in there because it gives me the same stuff, namely "Root hints are not required because this is a root server".

Everything seems to be working on the AD/DNS side of things except when you want to do the more interesting things like getting SpamAssassin to work. Could it be because I am using the Active Directory-integrated DNS version instead of files?

When I installed the AD I asked windows setup to configure everything. Do you know if it is possible to maybe replace MS DNS with something else?

Thanks for the quick response.

Rene.
  •  
bronco

Hello, for anyone reading this: I resolved the Root hints problem. It happens because the DNS Server is named RootServer because of the things that are described in the following MS KB:
http://support.microsoft.com/default.aspx?scid=kb;en-us;229840&Product=win2000

I did the command and presto, it worked: there is no RootServer anymore, I can see Forwarding is not grayed out and the Root hints are all there. The KB omitted one thing, and that is that when you do a refresh you also need to say Clear Cache.

Rene.

Update:
I did the changes in the test site from the client and the previously mentioned problems are now gone. In the end it was a badly configured DNS. So this is what happens when you let MS AD install configure your DNS Server. You get CRAP!! I hope this will help someone in the future. Thanks to everyone that contributed.

[Updated on: Thu, 20 May 2004 02:41]
