
DNS forwarders not working


groove200

Technical User
Sep 26, 2003
Hi all,
Weird one here I just can't get my head around. Currently running an NT4 domain and need to get forwarders working on my DNS server.
The reason being we have a server here that is a DNS server for a third party company that resolves addresses on their closed intranet. The problem we have is clients all have to have different DNS server search orders depending on what they need access to, as the third party DNS server does not resolve internet addresses, only their own.
So my solution was to set up DNS forwarders on my DNS server to try and resolve the third party queries using a forwarder to their server.
However it doesn't work. If I put the IP of their server in the forwarders then clients using my server for DNS can resolve their addresses fine, BUT internet resolution provided by my DNS server stops working.
I've tried putting an ISP DNS address in the forwarders as well, in both orders, thinking internet will resolve using this, and if the internet DNS cannot resolve it will move onto the third party server and resolve. But this stops third party resolution working.
Even if I have the third party server first and ISP second, internet resolution stops working.
So in desperation, thinking my DNS is somehow broken, I've just set up a test 2000 server with a fresh install of DNS and I have the exact same symptoms.

I'm stuck now and don't really know where else to look?

Any ideas?
 
The only time it will use a second DNS forwarder is when it can't reach the first. This means, if you've got the third party server set as primary DNS forwarder, and you need to resolve an internet address, it will send the request to the third party server, which will respond with an 'I don't know the IP' and you will get the familiar 'host not found' error.
 
Ahh, thanks for the reply,

But I was under the impression forwarders are worked through in order until one gave "a correct" answer.

So if the 3rd party forwarder didn't resolve an internet address it would move to the second forwarder, which would.

Conversely, if the ISP was first and 3rd party second, the ISP would not resolve the 3rd party address so it would move onto the 3rd party DNS server and resolution would be successful.

Am I wrong here then?

I know on the clients that the primary and secondary work like that, that it doesn't move onto the secondary if the first responds with a failure.

 
You are wrong. If the first forwarder can be reached, any response (whether it can resolve the name or not) is considered a success, and no other forwarder is checked.
 
Ahhh, thanks for that clarification.

So if forwarders are used it won't even use root hint servers first then? It will JUST use forwarders in the order listed and as soon as it gets a reply (good or bad) that's where it stops.

If this is the case then I'm out of ideas.

I thought about adding their server in a new zone but they don't and won't set up zone transfers.

So has anybody any other ideas how I can resolve these 3rd party addresses and internet queries?

 
"So if forwarders are used it won't even use root hint servers first then? It will JUST use forwarders in the order listed and as soon as it gets a reply (good or bad) that's where it stops."

Correct. If a server is configured with a forwarder then it will not attempt resolution itself using the root servers. It will simply pass all queries to the forwarder as a recursive query and wait for a response from that server. If it gets a reply (either with an answer or without) then it will not query any other servers. The only way that it will pass a recursive query to another forwarder is if the first does not respond, i.e. the box is down.

The best way to be able to query your third party and be able to resolve external domains would be to either use them as a forwarder, so that they would respond to any domains that they were authoritative for and do a recursive query for anything else, OR you slave off their server for their domains, and then your server would be authoritative for your domains and their domains, and would be able to resolve external domains via root server/cached data or a forwarder.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************
 
Guys,

Thanks for all your help on this.

I have now resolved it. I managed to get a hard copy of the 3rd party DNS zones and manually added them to my server and all is working perfectly.

Admittedly it's not perfect, as if they change any records (which is unlikely) mine will then be out of date.

The final solution for the future will be to put in a W2K3 server and use conditional forwarding by the looks of it. But other pressing matters mean this can wait a while.

Again thanks for all your help.

Andy
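
Added example (not posted by anyone in this thread): a small Python model of the behaviour discussed above, showing why either ordering of a plain forwarder list fails and how per-zone (conditional) forwarding handles both kinds of query. The zone names, addresses and function names are constructed sample values, and the longest-suffix zone match is an assumption about how conditional forwarding selects a forwarder.

```python
# Constructed model of the forwarder behaviour described in this thread.
# Zones, host names and addresses below are hypothetical sample data.
NXDOMAIN, TIMEOUT = "NXDOMAIN", None

class Upstream:
    """A forwarder target: the records it knows and whether it is reachable."""
    def __init__(self, name, records, up=True):
        self.name, self.records, self.up = name, records, up

    def query(self, qname):
        if not self.up:
            return TIMEOUT                         # no reply at all
        return self.records.get(qname, NXDOMAIN)   # a reply, even if negative

def forward(qname, forwarders):
    """Plain forwarder list: the first server that replies ends the lookup."""
    for server in forwarders:
        reply = server.query(qname)
        if reply is not TIMEOUT:
            return reply, server.name              # NXDOMAIN counts as a reply
    return "SERVFAIL", None                        # nobody answered

def conditional_forward(qname, zone_map, default):
    """Conditional forwarding: choose forwarders by longest matching zone suffix."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        zone = ".".join(labels[i:])
        if zone in zone_map:
            return forward(qname, zone_map[zone])
    return forward(qname, default)

THIRD = Upstream("third-party", {"app.partner.example": "10.20.0.5"})
ISP = Upstream("isp", {"www.example.com": "192.0.2.10"})
ZONES = {"partner.example": [THIRD]}               # per-zone forwarder table

def demo():
    down = Upstream("third-party", {}, up=False)
    return {
        "third_first_internet": forward("www.example.com", [THIRD, ISP]),
        "isp_first_partner": forward("app.partner.example", [ISP, THIRD]),
        "first_down": forward("www.example.com", [down, ISP]),
        "cond_partner": conditional_forward("app.partner.example", ZONES, [ISP]),
        "cond_internet": conditional_forward("www.example.com", ZONES, [ISP]),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:22} -> {result}")
```

The first two cases reproduce the symptoms from the original post: a negative reply from the first forwarder is final, so the second forwarder is only consulted when the first is unreachable.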
 