w2k3 & router

[XtremeMaC]

hi there,

first of all i couldn't decide where to put this so i'm putting it here, sorry if its wrong

anyways my question is:

i've a router and all 4 computers are xp right now, i assigned ip's manually to have more control over the computers, stuff like port forwarding....

now i've installed windows 2003 and obviously going to use it as a server, now how can i use the w2k3 dhcp/dns/etc/ to give ip's from the server while keeping those port forwarding's working?

i'm not sure if this is easily done with w2k3, i haven't used it much so if it has a very obvious answer i do not know right now, sorry

so basically, i only want the server to use the router and i want other computers to work back & forth with the router and the server. a crap something like that i cannot explain well. hope someone gets it

[Incroyable HULK]

Well here is my experience on that matter.

1- Use the default IP adress of your router and build your network around it. Why? because I've seen some SOHO router resetting themselves after a power outage and other obscure reasons. I'll be using 192.168.1.1 for my example

2- Asign a static IP adress to your server like 192.168.1.2 then a subnet mask of 255.255.255.0 then 192.168.1.1 as the gateway and 192.168.1.2 as the Primary DNS server (the W3K server itself)

3- Set up your DHCP service on the Server (deactivate this feature on the router)

a ) Set a Scope of adresses let's says 192.168.1.10 to 192.168.1.30

b ) Set some reservation for your Stations so they always get the same IP adress

4- Start your DNS services or start the Active Directory Service which will set up the DNS service.

Set up your Domain name, User acounts, and so on.

Remember that if you own a private second level domain name and you have an external website or Email adresses you should NOT use this name for your network domain name. (like mydomain.com) Instead, go with a SubDomain name like home.mydomain.com

Why again? Because if you do mydomain.com from now on, your client won't be able to go to the website and get their Email. The Server think he is the authoritative one for the request and won't be able to resolve the external adress (for mydomain.com)

5- Use the port fowarding functions of your router to get the right port to the correct Station...

I hope this help!

EDIT: use the Alternate configuration tab in the TCP/IP configuration panel to assign the same IP, subnet, gateway as the DHCP server would but use the router as the DNS server. This way, if you are taking your server down for some reason, your client will be able to access Internet...

[Coopy]

Well here is my experience on that matter.

1- Use the default IP adress of your router and build your network around it. Why? because I've seen some SOHO router resetting themselves after a power outage and other obscure reasons. I'll be using 192.168.1.1 for my example

2- Asign a static IP adress to your server like 192.168.1.2 then a subnet mask of 255.255.255.0 then 192.168.1.1 as the gateway and 192.168.1.2 as the Primary DNS server (the W3K server itself)

3- Set up your DHCP service on the Server (deactivate this feature on the router)

  a ) Set a Scope of adresses let's says 192.168.1.10 to 192.168.1.30

  b ) Set some reservation for your Stations so they always get the same IP adress

4- Start your DNS services or start the Active Directory Service which will set up the DNS service.

Set up your Domain name, User acounts, and so on.

Remember that if you own a private second level domain name and you have an external website or Email adresses you should NOT use this name for your network domain name. (like mydomain.com) Instead, go with a SubDomain name like home.mydomain.com 

Why again? Because if you do mydomain.com from now on, your client won't be able to go to the website and get their Email. The Server think he is the authoritative one for the request and won't be able to resolve the external adress (for mydomain.com)

5- Use the port fowarding functions of your router to get the right port to the correct Station...

I hope this help!

EDIT: use the Alternate configuration tab in the TCP/IP configuration panel to assign the same IP, subnet, gateway as the DHCP server would but use the router as the DNS server. This way, if you are taking your server down for some reason, your client will be able to access Internet...

I would advise against using the Alternate Configuration tab. This IS static IP addressing. If the client is looking at the router for DNS resolution, they will only be able to resolve external addresses as the router forwards DNS requests to the ISP. Also, Active Directory CANNOT be separated from DNS. If the clients don't resolve DNS requests against the DNS server that is authoritative for the zone, then they will not authenticate against the server and security will be whacked (to state it simply). In addition, Microsoft DNS can be dynamically updated. By using DHCP to assign addresses, DNS will be updated with the host information automatically.

By using static IP addressing, you're completely missing the point of DHCP. Its entire function is to make addressing and TCP/IP host configuration easy. This is how I configured my home network:

1. Turn off the router's DHCP function.

2. Configure DHCP on your server. Create a scope with the start address of 192.168.1.2, end address of 192.168.1.254, subnet mask of 255.255.255.0, DNS server address 192.168.1.2, router (default gateway) address of 192.168.1.1. Create an exclusion range for those devices that require static addressing such as servers, routers, ethernet printers, and etc. 192.168.1.2 - 192.168.1.9. Set your lease duration. Addresses will become available if they have not been renewed before the expiration, but hosts will renew in half the time. If you have many temporary hosts on your network, and your scope has few addresses available, then a shorter lease is recommended. If you have few temporary hosts and/or plenty of addresses, then a longer lease is better and will reduce network traffic.

3. Configure Local Area Connection TCP/IP properties: Set IP=192.168.1.2, DNS Server=192.168.1.2

4. Promote server to primary domain controller allowing dcpromo.exe to configure DNS for your zone. (Best to use home.mydomain.com. See quite)

5. Configure Local Area Connection TCP/IP properties: DNS Server=192.168.1.1

6. Configure DNS Server to use Forwarders. Enter the DNS server addresses provided by your ISP. DO NOT use the router's IP address. (slower performance)

7. Configure Local Area Connection TCP/IP properties: DNS Server=192.168.1.2 (This temporary change is necessary to allow forwarders. If a W2K server looks to itself for DNS resolution, you will not be able to turn on forwarders.

8. Configure all clients to use DHCP.

Microsoft's DNS is great in that it will cache requests. If it receives a request it cannot resolve, it will forward that request to your ISP's DNS server. Before it passes the results back to you, it caches it. The next time you make the request, your DNS server will be able to respond to your request itself. You'll notice faster load times as a result of decreased traffic over your internet connection.

If you want to make sure that the addresses of certain workstations stay the same, don't use static IP addressing; configure reservations in your DHCP server. You'll just need the MAC address of the host you wish to reserve an address for. Then, you can use port forwarding in your router.

DHCP makes IP address administration much easier. Changes in network configuration are made centrally instead of at each workstation. If you add a workstation to the network, they have network functionality immediately.

Using Microsoft's DHCP server allows other things like Remote Installation Services, which can also be quite handy.

DHCP can help prevent wireless pirates from stealing bandwidth. If all of your addresses are reserved, and they can't get an IP address on the subnet, then they can't steal bandwidth or hack your network.

[XtremeMaC]

thanks i'm on it...