JSI Tip 6666. How do I use a Windows Server 2003 internal root DNS server to provide name resolution for Internet top-level domains?

Internal root DNS servers do not have root hints and do not forward or resolve any names beyond itself.

If you implement this tip, Down-level DNS servers in your organization are then able to resolve iterative queries to your root DNS servers for top-level domains.

NOTE: You must protect the root DNS server with a firewall.

To delegate all Internet top-level domains:

01. Move %SystemRoot%\System32\DNS\Cache.dns to another folder.

02. Download root.zone.gz from ftp://ftp.rs.internic.net/domain.

03. Extract the root.zone file and rename it Cache.dns. Move it to the %SystemRoot%\System32\DNS folder.

04. Open a CMD prompt on the root DNS server and type:

        net stop "dns server"
        net start "dns server"

05. Open the DNS snap-in.

06. Right-click Forward Lookup Zone and and press New Zone.

07. Press Next in the New Zone Wizard.

08. Check Primary zone and clear the Store the zone in Active Directory box.

09. Press Next.

10. Type . into the Name box and press Next.

11. Check Use this existing file, type cache.dns, and press Next.

12. Check Do not allow dynamic updates (default) and press Next.

13. Press Finish.

TAGS: Windows 8
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.