Re: Still have problem with DNS forwarding

From: Cris Hanna \(SBS-MVP\) (crisnospamhanna_at_mindspring.com)
Date: 04/28/04 

Date: Wed, 28 Apr 2004 11:44:32 -0500

Well there's the problem
Why is the second nic disabled

The Linux server is set up as a proxy/DNS so all traffic is being routed
through it...

You have two options...
1) Explain to your client/boss/whomever that the SBS box is not properly
configured and the linux box is the problem and it may take a day or two
after removing the linux server to shake it all out but the system will then
function properly and be more secure (linux had more vulnerabilities last
year than windows)
OR
2) leave it the way it is and deal with the unix box

You have two nics in the sbs box for a reason
one for the lan...goes to a switch with all the other workstations
one for external connection which goes to router/cable or dsl modem or some
other device for connecting to the internet

You would contact DYNDNS and tell them about the change and the removal of
the linux box and they can reset their DNS records to point mail to your SBS
box external nic instead of the linux box 

-- 
Cris Hanna (SBS-MVP)
------------------------------------------------------------
Please DO NOT respond directly to me but rather in the newsgroup so that 
everyone can benefit
<anonymous@discussions.microsoft.com> wrote in message 
news:465f01c42baf$c4715790$a301280a@phx.gbl...
>I would dearly like to not only unplug the linux server,
> but also throw it through the window of a very tall
> building overlooking a wrecking yard!! But if i do, i
> know that the client will lose all name resolution, which
> means no internet, mail delivery, etc.
>
> There are 2 nic in the system, one of which is disabled
> through windows. The active nic ip is 192.168.254.1 and
> is connected to the internal LAN.
>
> Regards
>
> Darren
>>-----Original Message-----
>>So unplug the linux server..its acting in the network
> somewhere
>>
>>How many nics in your SBS server
>>What are they connected to??
>>What do you have as the DNS address on them??
>>
>>
>>
>>-- 
>>Cris Hanna (SBS-MVP)
>>---------------------------------------------------------
> ---
>>Please DO NOT respond directly to me but rather in the
> newsgroup so that
>>everyone can benefit
>><anonymous@discussions.microsoft.com> wrote in message
>>news:429201c42b68$a23964c0$a001280a@phx.gbl...
>>> The story so far, well as much of it as i have been
> told!
>>> (Customer has fallen out with original supplier)
>>>
>>> The linux server was part of the original setup which
>>> included a w2k server. The linux server provided imap4
>>> mail facilities, and dns, while the w2k, as far as i
>>> could tell, sat doing nothing. The client save their
>>> files to the linux server (samba) occasionally.
>>>
>>> My brief was to reconfigure the existing setup to
>>> centralise all of the files and email functionality.
>>>
>>> I have installed w2003 sbs on the old w2k server, and
>>> migrated to clients (3 in all!) to the new server.
> Setup
>>> OWA, which works very well, apart from the vaguaries
> of a
>>> satillite broadband connection. I have also installed a
>>> Cisco PIX501 firewall on the gateway to the lan. All
> set-
>>> up and running beautifully, apart from the dns problem.
>>>
>>> The linux baox is still on the network because without
>>> it, i cannot resolve dns queries forwarded to any other
>>> server.
>>>
>>> I understand how to set up the CIECW, and have setup
> the
>>> isp (BTOpenwound) dns server. But without the linux
>>> server being the primary forwarder, names cannot be
>>> resolved.
>>>
>>> Hope this helps
>>>
>>> Regards
>>>
>>> Darren
>>>>-----Original Message-----
>>>>Well...lets step back
>>>>
>>>>Why is the linux box still up and on the network??
>>>>
>>>>SBS should "optimally" have two nics
>>>>1 for internal LAN connections, running to a switch/hub
>>> and all workstations
>>>>connect to the hub as well
>>>>1 for external/internet connection, to either a router,
>>> cablemodem, DSL
>>>>modem, or other device and it is the only thing
>>> connected to that device
>>>>
>>>>These two nics should be on different IP subnets   The
>>> IP address of the
>>>>internal nic should be the DNS address for the LAN
>>>>When you run the CEICW you would specify the IP
>>> addresses of your ISPs DNS
>>>>servers.
>>>>
>>>>Who set this linux server up and why??
>>>>
>>>>-- 
>>>>Cris Hanna (SBS-MVP)
>>>>-------------------------------------------------------
> --
>>> ---
>>>>Please DO NOT respond directly to me but rather in the
>>> newsgroup so that
>>>>everyone can benefit
>>>><anonymous@discussions.microsoft.com> wrote in message
>>>>news:3a6a01c429ce$05765760$a101280a@phx.gbl...
>>>>>I don't know, not being over familiar with linux
>>>>> (Microsoft born and bred!). How would i find out?
>>>>>
>>>>> I certainly do not reference the linux server in
> anyway
>>>>> on the sbs, and it still has problems when it comes
> to
>>>>> dns. How could the linux server do this? The only
> thing
>>>>> that i could think of is that it in some way has
>>> promoted
>>>>> itself to be the authoritive dns server on the lan.
> It
>>>>> was running the dns in the old set-up, the install of
>>> the
>>>>> sbs was a fresh one (Not upgrade).
>>>>>
>>>>> The other thing i thought of was that when i
> installed
>>>>> the sbs on the server, it had two nic's installed. Is
>>>>> there anyway that it could be trying to use the
>>> disabled
>>>>> nic for dns in preference to the enabled nic?
>>>>>
>>>>> Regards
>>>>>
>>>>> Darren Woodman
>>>>>>-----Original Message-----
>>>>>>Sorry I haven't jumped into this before and you
> started
>>>>> a new thread so I
>>>>>>don't know the history
>>>>>>
>>>>>>Is there a nic running from your SBS box to your
> Linux
>>>>> box and then your
>>>>>>linux box to the internet...in otherwords is the
> linux
>>>>> box acting as some
>>>>>>sort of proxy server??
>>>>>>
>>>>>>-- 
>>>>>>Cris Hanna (SBS-MVP)
>>>>>>-----------------------------------------------------
> --
>>> --
>>>>> ---
>>>>>>Please DO NOT respond directly to me but rather in
> the
>>>>> newsgroup so that
>>>>>>everyone can benefit
>>>>>>"Darren Woodman"
> <anonymous@discussions.microsoft.com>
>>>>> wrote in message
>>>>>>news:2f7f01c428c9$7be5ece0$a601280a@phx.gbl...
>>>>>>> Subject:  Re: DNS
>>>>>>> From:  "anonymous@discussions.microsoft.com"
>>>>>>> <anonymous@discussions.microsoft.com> Sent:
>>> 4/22/2004
>>>>>>> 1:26:55 PM
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Well spotted, this was the result of my work LATE
>>> last
>>>>>>> night. I have ammended this (Although it was OK
>>> before
>>>>> i
>>>>>>> changed it for some other clients network address
> by
>>>>>>> mistake), and i have run the CEICW.
>>>>>>>
>>>>>>> I still have the same problem, if i make anything
>>> other
>>>>>>> than the linux server (192.168.254.15) the first
>>>>> forward
>>>>>>> resolution path, anything relying on name
> resolution
>>>>>>> fails, email, internet access, etc, etc....
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>> Darren
>>>>>>>>-----Original Message-----
>>>>>>>>If your server has IP 192.168.254.1 than DNS should
>>> be
>>>>>>> the same.
>>>>>>>>
>>>>>>>>-- 
>>>>>>>>Regards,
>>>>>>>>
>>>>>>>>Marina
>>>>>>>>Microsoft SBS-MVP
>>>>>>>>
>>>>>>>><anonymous@discussions.microsoft.com> schreef in
>>>>> bericht
>>>>>>>>news:29e401c4283a$81b20bc0$a301280a@phx.gbl...
>>>>>>>>> Hi
>>>>>>>>>
>>>>>>>>> Below is the output of the ipconfig /all
>>>>>>>>>
>>>>>>>>> C:\Documents and
>>> Settings\Administrator>ipconfig /all
>>>>>>>>>
>>>>>>>>> Windows IP Configuration
>>>>>>>>>
>>>>>>>>>    Host Name . . . . . . . . . . . . : epd1
>>>>>>>>>    Primary Dns Suffix  . . . . . . . : EPD.co.uk
>>>>>>>>>    Node Type . . . . . . . . . . . . : Hybrid
>>>>>>>>>    IP Routing Enabled. . . . . . . . : No
>>>>>>>>>    WINS Proxy Enabled. . . . . . . . : No
>>>>>>>>>    DNS Suffix Search List. . . . . . : EPD.co.uk
>>>>>>>>>                                        co.uk
>>>>>>>>>
>>>>>>>>> Ethernet adapter Server Local Area Connection:
>>>>>>>>>
>>>>>>>>>    Connection-specific DNS Suffix  . :
>>>>>>>>>    Description . . . . . . . . . . . : Intel(R)
>>>>>>> PRO/1000
>>>>>>>>> MT Network Connection
>>>>>>>>>    Physical Address. . . . . . . . . : 00-07-E9-
> 4D-
>>>>> F3-
>>>>>>> 01
>>>>>>>>>    DHCP Enabled. . . . . . . . . . . : No
>>>>>>>>>    IP Address. . . . . . . . . . . . :
>>> 192.168.254.1
>>>>>>>>>    Subnet Mask . . . . . . . . . . . :
>>> 255.255.255.0
>>>>>>>>>    Default Gateway . . . . . . . . . :
>>>>> 192.168.254.254
>>>>>>>>>    DNS Servers . . . . . . . . . . . :
> 192.168.16.1
>>>>>>>>>    Primary WINS Server . . . . . . . :
>>> 192.168.254.1
>>>>>>>>>
>>>>>>>>> C:\Documents and Settings\Administrator>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> This is the output of nslookup when trying to
>>> resolve
>>>>>>>>> name with the ISP forwarders active
>>>>>>>>>
>>>>>>>>> Default Server:  epd1.epd.co.uk
>>>>>>>>> Address:  192.168.254.1
>>>>>>>>>
>>>>>>>>> > bbc.co.uk
>>>>>>>>> Server:  epd1.epd.co.uk
>>>>>>>>> Address:  192.168.254.1
>>>>>>>>>
>>>>>>>>> DNS request timed out.
>>>>>>>>>     timeout was 2 seconds.
>>>>>>>>> DNS request timed out.
>>>>>>>>>     timeout was 2 seconds.
>>>>>>>>> *** Request to epd1.epd.co.uk timed-out
>>>>>>>>> > google.co.uk
>>>>>>>>> Server:  epd1.epd.co.uk
>>>>>>>>> Address:  192.168.254.1
>>>>>>>>>
>>>>>>>>> DNS request timed out.
>>>>>>>>>     timeout was 2 seconds.
>>>>>>>>> DNS request timed out.
>>>>>>>>>     timeout was 2 seconds.
>>>>>>>>> *** Request to epd1.epd.co.uk timed-out
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>>
>>>>>>>>> Darren Woodman
>>>>>>>>> >-----Original Message-----
>>>>>>>>> >Connect Email and Internet Connection Wizard.
> This
>>>>>>> will
>>>>>>>>> set everything up
>>>>>>>>> >for you.
>>>>>>>>> >Can you post the ipconfig/all from the server
>>>>> please?
>>>>>>>>> >
>>>>>>>>> >--
>>>>>>>>> >Regards,
>>>>>>>>> >
>>>>>>>>> >Marina
>>>>>>>>> >Microsoft SBS-MVP
>>>>>>>>> >
>>>>>>>>> ><anonymous@discussions.microsoft.com> schreef in
>>>>>>> bericht
>>>>>>>>> >news:273a01c427f5$8b3d7cf0$a501280a@phx.gbl...
>>>>>>>>> >> DNS Resolution only works when forwarded to
> the
>>>>>>> Linux
>>>>>>>>> >> server, and yes it is still on the network.
>>> There
>>>>>>> are 2
>>>>>>>>> >> nic in the server, one disabled. What's CEICW?
>>>>>>>>> >>
>>>>>>>>> >> Ragards
>>>>>>>>> >>
>>>>>>>>> >> Darren Woodman
>>>>>>>>> >> >-----Original Message-----
>>>>>>>>> >> >Is that Linuxbox still in the network? 2 nics
>>> in
>>>>>>> the
>>>>>>>>> >> server? Run the
>>>>>>>>> >> >CEICW-wizard?
>>>>>>>>> >> >
>>>>>>>>> >> >--
>>>>>>>>> >> >Regards,
>>>>>>>>> >> >
>>>>>>>>> >> >Marina
>>>>>>>>> >> >Microsoft SBS-MVP
>>>>>>>>> >> >
>>>>>>>>> >> >"Darren Woodman" <drw@ecommdigital.co.uk>
>>> schreef
>>>>>>> in
>>>>>>>>> >> bericht
>>>>>>>>> >> >news:25b001c427ec$24e02150
> $a601280a@phx.gbl...
>>>>>>>>> >> >> I have installed a SBS 2003 Server on my
>>>>> customer
>>>>>>>>> site.
>>>>>>>>> >> >> The installation went well, with no
> errors. I
>>>>>>>>> configure
>>>>>>>>> >> >> the internal dns to use the external dns
>>>>> servers
>>>>>>>>> >> >> recommended by the customer ISP
> (Forwarders).
>>>>> The
>>>>>>>>> >> >> original system before this was running
> IMAP
>>>>> mail
>>>>>>>>> on a
>>>>>>>>> >> >> linux box, and DNS was configured on this
>>>>>>> (external
>>>>>>>>> >> >> resolution via dynamicdns). I cannot get
> the
>>>>> SBS
>>>>>>>>> 2003
>>>>>>>>> >> to
>>>>>>>>> >> >> forward dns requests for external
> resolution,
>>>>>>> unless
>>>>>>>>> >> the
>>>>>>>>> >> >> sbs 2003 dns forwards to the old linux box
>>>>>>> first. I
>>>>>>>>> can
>>>>>>>>> >> >> ping the ISP and other dns servers, so the
>>>>>>> routing
>>>>>>>>> side
>>>>>>>>> >> >> of it is working. There is a Cisco PIX
>>> firewall
>>>>>>> on
>>>>>>>>> the
>>>>>>>>> >> >> gateway, but this is configured correctly.
>>>>>>>>> >> >>
>>>>>>>>> >> >> Any idea's?
>>>>>>>>> >> >
>>>>>>>>> >> >
>>>>>>>>> >> >.
>>>>>>>>> >> >
>>>>>>>>> >
>>>>>>>>> >
>>>>>>>>> >.
>>>>>>>>> >
>>>>>>>>
>>>>>>>>
>>>>>>>>.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>>.
>>>>>>
>>>>
>>>>
>>>>.
>>>>
>>
>>
>>.
>>

Relevant Pages