Managing DNS with IPCONFIG

You've probably used the ipconfig command to view TCP/IP settings and renew a DHCP lease. In addition to these tasks, ipconfig can also help you manage DNS settings on a computer.

Windows 2000 Professional
Managing DNS with IPCONFIG

You've probably used the ipconfig command to view TCP/IP settings and renew a DHCP lease. In addition to these tasks, ipconfig can also help you manage DNS settings on a computer.

For example, the DNS resolver cache tracks the results of DNS name resolution queries so that subsequent queries can be resolved from the cache for better performance. However, Windows caches failed DNS lookups as well as successful ones. If a DNS lookup fails because of a network problem (e.g., a DNS server is offline), you must clear the cache to enable the resolution to work after the network problem is resolved. To clear the resolver cache, use this command:

ipconfig /flushdns

On occasion, you might want to view the contents of the resolver cache. For example, you might want to determine how long before a value expires or identify the IP address for a given host name. Use this command to view the resolver cache:

ipconfig /displaydns

Finally, you can use ipconfig to refresh all DHCP leases and re-register the host's DNS names in its target DNS server:

ipconfig /registerdns

Windows 2000 Server


Create a secure, persistent connection using RRAS

As you may know, Windows 2000 Server includes the Routing and Remote Access Service (RRAS). In addition to other tasks, you can use RRAS to establish a secure, persistent connection between two remote networks.

For example, you can use RRAS to create a VPN tunnel across the Internet between a branch office and the corporate office to enable users at one site to seamlessly access network resources at the other site (such as Exchange Server, a file server, or printers). This capability can be useful in situations where Windows 2000 Server acts as the router for the network or where an existing router or firewall doesn't offer VPN capability.

You have several options for creating the VPN tunnel. You must first decide whether to use Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP).

PPTP is easier to implement because it doesn't require installing a certificate on the servers, while L2TP requires a certificate to support the L2TP-over-IPSec connection. However, L2TP offers better security because of the certificate-based encryption, and you can use Windows 2000's Certificate Services to generate the required certificate.

You must also decide how you'll route the traffic between the two networks. You can add static routes in RRAS, or you can use a routing protocol such as Routing Information Protocol (RIP) to enable the routers to discover appropriate routes.

There are several steps to take to establish a router-to-router VPN connection using Windows 2000 Server. To learn more about the process and the required steps, consult the Help content in the RRAS, and drill down to Routing And Remote Access | Routing | Concepts | Using Routing | Deploying Routing | Setting Up Router-To-Router VPNs.