DNS issues

Status
Not open for further replies.

adfreek

IS-IT--Management
Jul 22, 2003
227
US
In my test lab, we have a native 2003 server environment. I have about 5 server 2003 virtual machines built and in the DNS settings, I added the static IP for my ISP dns servers. This allowed all the machines to successfully get onto the internet and use Windows Update. I then installed DNS on one of the servers and pointed all my other boxes to this internal DNS server. I went into the properties of the dns server and under "Forwarders", simply added the two public IP addresses of my ISP dns servers. Now none of my servers can hit the internet? I know it's not a firewall issue because I have a rule set up in checkpoint to allow the 172.16.210.x network outbound dns access to those two public IPs, plus, they were able to hit the internet without issues when they were hard-coded with the ISP dns servers.

When I do an nslookup, it points to the default internal MS dns server. But if I query something like it fails. What am I missing?

Thanks
 
Not sure if this will help, but make sure your internal DNS server has a valid PTR record for the internal DNS server. This would be in the Reverse Lookup Zone of your DNS Server, in the x.x.x.in-addr.arpa section.

For example, if your internal DNS server has an internal address of 10.1.1.100, with a subnet of 255.255.255.0, and a name of ns1, you need to have a PTR (pointer) record in the 1.1.10.in-addr.arpa section of the DNS server. This record would have the Host IP number set to 100 and the host name set to ns1.

Hope this helps. Keep us updated...

-deeno
 
Actually, I should have added that I did indeed already create the reverse zone and a record for the DNS server. Still having the issue.

thanks
 
Go to the following FAQ faq96-3017 and follow the instructions for removing the root zone. Make sure there is nothing that you missed on the rest of the FAQ.
 
still no luck. This is a 2003 DNS server and under forward lookup zones, there is no "." root zone to delete. All the remaining steps in the FAQ were already done. Let me add that when I do a recursive query under the "monitoring" tab of the DNS server properties, it fails. ?????

I don't get it
 
1. Who's doing the NAT? Is it the server, the router or firewall?

2. Can you ping server names and IP addresses from one server to another?

3. Can you post all the servers' ipconfig /all?

4. Any diagram on how they are connected?

Internet -> router (NAT) -> firewall -> ???
 
I figured it out. See Q article Q828731. It has to do with UDP DNS packets that exceed 512 bytes which were getting dropped by my firewall. There is a command to disable EDNS0 (Extension mechanisms for DNS) which is a new feature in 2003 DNS.
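The root cause in the last post is worth seeing on the wire. The following is an added diagnostic written for this thread, not code from the original poster or from Microsoft: it builds the same A query in its classic form and in its EDNS0 form (with the OPT pseudo-record that advertises a UDP payload larger than 512 bytes), parses the advertised size back out of a message, and classifies what a firewall that still enforces the RFC 1035 limit will do to a reply of a given size. The `probe()` helper, the 4096-byte advertised size and the names used are assumptions for illustration; point it only at a resolver you administer.

```python
"""EDNS0 vs. classic DNS message sizes: an added diagnostic, not code from the thread.

Windows Server 2003 DNS sends EDNS0 probes (an OPT pseudo-record advertising
a UDP payload larger than the classic 512 bytes). A firewall that still
enforces the RFC 1035 limit drops the larger replies, and every lookup
through the forwarder then fails, which is the failure described above.
"""
import socket
import struct
from typing import Optional

CLASSIC_UDP_LIMIT = 512   # RFC 1035 maximum UDP DNS message without EDNS0
OPT_TYPE = 41             # RFC 6891 OPT pseudo-RR type


def encode_name(name: str) -> bytes:
    """Encode a dotted name as length-prefixed labels ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name: str, qtype: int = 1, edns_payload: Optional[int] = None,
                txid: int = 0x1234) -> bytes:
    """Build an A query (qtype 1); with edns_payload set, append an EDNS0 OPT RR."""
    arcount = 1 if edns_payload is not None else 0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)  # flags: RD only
    question = encode_name(name) + struct.pack("!HH", qtype, 1)      # class IN
    msg = header + question
    if edns_payload is not None:
        # OPT RR: root name, TYPE 41, CLASS field carries the UDP payload size,
        # the 32-bit TTL field carries ext-RCODE/version/flags (all zero), RDLEN 0
        msg += b"\x00" + struct.pack("!HHIH", OPT_TYPE, edns_payload, 0, 0)
    return msg


def _skip_name(msg: bytes, off: int) -> int:
    """Return the offset just past a name, handling a compression pointer."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:      # pointer: two bytes, and the name ends here
            return off + 2
        off += 1 + length


def edns_payload_size(msg: bytes) -> Optional[int]:
    """Return the UDP payload size advertised by an OPT RR, or None for classic DNS."""
    qd, an, ns, ar = struct.unpack("!HHHH", msg[4:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4              # skip QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = _skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == OPT_TYPE:
            return rclass
        off += 10 + rdlen
    return None


def fate_of_response(response_len: int, advertised: Optional[int]) -> str:
    """Explain what happens to a UDP reply of this size given the client's advertised limit."""
    if response_len <= CLASSIC_UDP_LIMIT:
        return "fits the classic 512-byte limit"
    if advertised is not None and response_len <= advertised:
        return "relies on EDNS0: dropped by a firewall that still enforces 512 bytes"
    return "over the negotiated limit: server sets TC, client must retry over TCP"


def probe(resolver_ip: str, name: str = "example.com", timeout: float = 3.0) -> dict:
    """Send the classic and the EDNS0 form of one query to a resolver you administer.

    A reply to the classic query but none to the EDNS0 query is the signature of
    a 512-byte (or OPT-record) filter between this host and that resolver.
    """
    results = {}
    for label, q in (("classic", build_query(name)),
                     ("edns0", build_query(name, edns_payload=4096))):  # 4096 assumed
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            try:
                s.sendto(q, (resolver_ip, 53))
                data, _ = s.recvfrom(65535)
                results[label] = len(data)
            except socket.timeout:
                results[label] = None
    return results


if __name__ == "__main__":
    classic = build_query("example.com")
    edns = build_query("example.com", edns_payload=4096)
    print(len(classic), edns_payload_size(classic))   # 29 None
    print(len(edns), edns_payload_size(edns))         # 40 4096
    print(fate_of_response(900, edns_payload_size(edns)))
```

The 11 extra bytes of the OPT record are what turns a query the firewall accepted yesterday into one whose reply it drops today, because the advertised size lets the resolver return a reply larger than 512 bytes. The server-side workaround the KB article describes is the DNS Server setting `dnscmd /Config /EnableEDnsProbes 0`; the longer-term fix is to let the firewall pass UDP DNS messages above 512 bytes, since later features such as DNSSEC depend on EDNS0.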
 