Configure a DNS Server on Windows Server 2012 or 2012 R2 to use OpenDNS

First, make sure that your clients are pointing to your Windows DNS server. I know this sounds pretty obvious, but you’d be surprised how many people miss this step. If you’re in an Active Directory (AD) environment, your clients really need to be pointing to DNS that is running on your Domain Controller (DC). If you only have one DC, that’s the IP address you want to use; if you have more than one, use both. (Just don’t forget to make this change on all of your DNS servers!)

On your Windows Server 2012/2012 R2 server, bring up the Start Menu and click on Administrative Tools.

When the Administrative Tools open, double-click the DNS console icon.

This will open the DNS Manager. In the DNS Manager, double-click on Forwarders.

You should be taken to the Forwarders tab in the server’s Properties. Click the Edit… button.

This will open the Edit Forwarders dialog. Type in the IP addresses for OpenDNS: 208.67.222.222 and 208.67.220.220.

It should look something like this when you’re done. Click OK to close the dialog box.

After clicking OK, you’ll be taken back to the DNS server’s Properties. It should look something like the screenshot below.


By default, the "Use root hints if no forwarders are available" option will be checked. This option is a double-edged sword: if you leave it checked, your DNS server may consult the root hints servers to resolve a DNS entry and could bypass OpenDNS. If you uncheck it, clients could see DNS timeouts when the forwarders are unavailable.

So, which option do you choose? Well, it really depends on how you’re using OpenDNS. If you’re using OpenDNS as a filter in a situation where the filter always has to work, like a school, church, etc., uncheck the box. If it is more important that clients always get timely DNS responses, check the box.

When you’re done, click OK.

Now that you’ve updated your Forwarders, you’ll need to clear the DNS cache. Click the View menu and then Advanced. This will enable you to see the Cached Lookups section in the DNS console.

Right-click on Cached Lookups in the DNS Manager and choose Clear Cache.


You’re done! Remember, if you have more than one Windows Server 2012/2012 R2 DNS server, you’ll need to perform this change on each one. You’ll also need to run ipconfig.exe /flushdns on your clients if you want them to start using OpenDNS immediately. Otherwise, you can wait and they’ll move over on their own as items in the DNS cache expire.
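The same change scripted with the DnsServer PowerShell module included in Windows Server 2012, as an added example that is not part of the original article: it checks each DNS server for forwarder drift and the root-hints setting, corrects both, clears the server cache, and reports the result. The server names are placeholders, and `$UseRootHints` is set for the always-filter case described above.

```powershell
#Requires -Modules DnsServer
# Added example. Server names are placeholders; replace them with your own DNS servers.
$DnsServers   = @('dc01.example.local', 'dc02.example.local')
$OpenDns      = @('208.67.222.222', '208.67.220.220')   # addresses from the article
$UseRootHints = $false   # $false: never bypass the filter; $true: favor availability

foreach ($server in $DnsServers) {
    $fwd     = Get-DnsServerForwarder -ComputerName $server
    $current = @($fwd.IPAddress | Where-Object { $_ } | ForEach-Object { "$_" })

    # Compare as sorted strings so an empty or reordered list is handled cleanly.
    $want    = ($OpenDns | Sort-Object) -join ','
    $have    = ($current | Sort-Object) -join ','
    $changed = $false

    if ($have -ne $want -or $fwd.UseRootHint -ne $UseRootHints) {
        Set-DnsServerForwarder -ComputerName $server -IPAddress $OpenDns -UseRootHint $UseRootHints
        # Drop answers cached from the old forwarders or from root hints.
        Clear-DnsServerCache -ComputerName $server -Force
        $changed = $true
    }

    # Confirm the server still answers recursive queries through the new forwarders.
    try {
        Resolve-DnsName -Name 'opendns.com' -Server $server -DnsOnly -ErrorAction Stop | Out-Null
        $resolves = $true
    } catch {
        $resolves = $false
    }

    # One row per server: what was configured before, and whether it was changed.
    [pscustomobject]@{
        Server        = $server
        PreviousFwd   = $have
        PreviousHints = $fwd.UseRootHint
        Changed       = $changed
        Resolves      = $resolves
    }
}
```

Run it from an elevated session on a machine that has the DNS Server tools installed; running it again later doubles as an audit, since any row with `Changed` set to true means a server had drifted from the intended forwarders.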
