Re: RDNS Timeout problems
- From: "Michael Dragone" <newsgroup@xxxxxxxxxxxxxx>
- Date: Thu, 7 Aug 2008 16:57:17 -0400
Try changing your hosts to look like:
114 PTR holly.wlmsburg.org
115 PTR holly.wlmsburg.org
And so on.
Also, take a look at the KB article below for some more details.
How to configure a subnetted reverse lookup zone on Windows NT, Windows 2000, or Windows Server 2003
http://support.microsoft.com/kb/174419
"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:53947CBE-0B75-4BB6-8681-E85DCFE38A80@xxxxxxxxxxxxxxxx
Thank you for your continued instruction. Unfortunately I still don't seem to
have it correct.
While I have been schooled in classful and classless subnets, I am certain I
still do not have a full understanding of how/where to use them.
Consequently I have both entries in my RDNS table (could this be the source
of the problem?)
If I open the DNS control panel here is what I see:
DNS
- holly
- - Event Viewer
- - Forward Lookup Zones
- - Reverse Lookup Zones
- - - 192.168.0.x Subnet
- - - 67.114.160.112
- - - - (same as parent folder) Start of Authority (SOA) holly.wlmsburg.org
- - - - (same as parent folder) Name Server (NS) holly.wlmsburg.org
- - - - 67.114.160.112.114 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.115 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.116 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.117 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.118 Pointer (PTR) sophie.wlmsburg.org
- - - 67.114.160.x Subnet
- - - - (same as parent folder) Start of Authority (SOA) holly.wlmsburg.org
- - - - (same as parent folder) Name Server (NS) sophie wlmsburg.org
- - - - (same as parent folder) Name Server (NS) holly.wlmsburg.org
- - - - 67.114.160.114 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.115 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.116 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.117 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.118 Pointer (PTR) sophie.wlmsburg.org
What am I missing??
"Michael Dragone" wrote:
Since you have your domain name in your posts, I did some digging for you.
It appears you have everything set up correctly, except for one little bit.
I can point nslookup directly to your DNS server and receive query answers
for PTR records for your IP addresses. So it's not a connectivity issue.
The problem is that you have a smaller than /24 address range, so your ISP
is using classless in-addr.arpa delegation. When the DNS server,
ns1.pbi.net, at your ISP is asked for one of your PTR records, it receives a
CNAME referral. Your DNS server is eventually queried, but because it's
asked to resolve an address that it doesn't contain a record for, it fails.
See below.
Asking NS1.PBI.NET. for 114.160.114.67.in-addr.arpa PTR record: Got CNAME
referral to 114.112.160.114.67.in-addr.arpa.
Resolution then starts all over again from the root nameservers, and your
DNS server is finally asked to resolve 114.112.160.114.67, which it doesn't
have an entry for. The solution would be to add a new zone to your DNS
server (112.160.114.67.in-addr.arpa) and put your various IPs in that zone
(113, 114, 115, etc.).
"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CF90110B-F31D-4C5B-9890-11F2C1645697@xxxxxxxxxxxxxxxx
> Michael,
>
> Thank you for continuing to help me focus on the problem. When I use
> nslookup from inside my network, I get a prompt reply. I have not had
> the opportunity to use NSLOOKUP from another network, but when I use
> any of several external tools (DNSSTUFF.com or dnsadvisor@xxxxxxxxxxxx)
> I am informed that my DNS does not respond - it "times-out".
>
> Since network solutions provides forward pointers to my domain, most of
> the dns checks are clean. Only the reverse inquiries (that would come
> from IP) seem to have timeout problems. That brings me back to thinking
> the problem is either with Port 53, or something is slowing my server
> down.
>
> Where would you check next??
>
> "Michael Dragone" wrote:
>
>> Just to be clear, when you query your DNS servers for a PTR record in
>> a zone you host from off your network (from your house/hotel/another
>> office/whatever) with nslookup, you receive the correct reply? No
>> timeouts? I only ask because you mentioned in your post that it works
>> fine when queried from a workstation on your network.
>>
>> That's a good test, but you need to make sure that PTR queries are
>> passing from the Internet through whatever perimeter and host
>> protection you have to the DNS servers themselves.
>>
>> "Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:96EEC68B-1584-40C7-972E-71FA1268ED02@xxxxxxxxxxxxxxxx
>> > Interesting you should mention DNS patch. I am on the phone with AT&T
>> > DNS support and they are finally escalating my problem. It finally
>> > registered with me today that if the problem was with my mail server,
>> > then another of my outward looking servers (the DNS secondary) should
>> > at least respond. When I used the AOL RDNS check tool on that IP, it
>> > failed also "serverfail". While talking to AT&T they mentioned a
>> > massive amount of calls today. (Has the whole world come to an end?)
>> >
>> > To your other questions, when queried from any workstation in network,
>> > nslookup responds promptly with the appropriate name/ip etc. I am
>> > using Symantec Endpoint protection, but configured without network
>> > protection for the servers. I did review the firewall configuration
>> > and I am told that it will "automatically" pass DNS requests. Just to
>> > make sure, I added a hole in the firewall for port 53 (TCP & UDP). I
>> > have created an equivalent hole in the Routing and Remote Access WAN
>> > port. Is there anything else I should check? What is really
>> > frustrating is that up until a week ago, things were fine.
>> >
>> > I'm still trying to figure it out.
>> >
>> > "Michael Dragone" wrote:
>> >
>> >> Did you test it yourself by issuing queries from off of your own
>> >> network? Do you have any type of firewall or perimeter gateway
>> >> between the Internet and your SBS box?
>> >>
>> >> If you're sure it's a DNS and not an Exchange issue, you should
>> >> probably try asking in microsoft.public.windows.server.dns. Perhaps
>> >> it has something to do with the massive multivendor DNS patch that
>> >> was recently released.
>> >>
>> >> "Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> news:33AE2A26-D11F-4A1A-9C67-C41ADB248D84@xxxxxxxxxxxxxxxx
>> >> > At present, I handle them myself. I could return control to AT&T,
>> >> > but if I am slow to respond, then I probably have other problems I
>> >> > should be addressing. I would like to find the root cause and deal
>> >> > with that. Any suggestions would be appreciated.
>> >> >
>> >> > Still searching....
>> >> >
>> >> > "Michael Dragone" wrote:
>> >> >
>> >> >> Who handles your PTR records? Your ISP or have they delegated
>> >> >> control of those zones to you and you host them yourself?
>> >> >>
>> >> >> "Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> >> news:780417BF-4A6B-4FFC-99A9-0418BC284A39@xxxxxxxxxxxxxxxx
>> >> >> > Two weeks ago (shortly after some updates from MS) I started
>> >> >> > having rejected by AOL & CS domains. (This is not the first
>> >> >> > time I have had this problem.) But now there is a new twist.
>> >> >> >
>> >> >> > After talking to everyone on the network from my exchange
>> >> >> > server to AOL's mail server (AT&T DSL / DNS support and AOL's
>> >> >> > postmaster) I have determined that no one claims to be blocking
>> >> >> > port 53, but my DNS server is not responding to RDNS requests
>> >> >> > from AOL; the request "times out"; it appears that my server
>> >> >> > "is not responding to the request" (You may already know that
>> >> >> > unless your server responds to an RDNS request from AOL, your
>> >> >> > will not be delivered in the AOL domain.)
>> >> >> >
>> >> >> > Is anyone else seeing this problem? Does anyone have a
>> >> >> > suggestion as to how I can get my server to respond faster? I
>> >> >> > had been fine for a year (the last time I had problems with
>> >> >> > AOL's postmaster). I have made no recent changes to my "public"
>> >> >> > network. I have made no recent changes to my DSN configuration.
>> >> >> > I am running Exchange 2003 in an SBS 2003 environment with all
>> >> >> > of the current service packs and updates.
>> >> >> >
>> >> >> > Any suggestions would be appreciated.
>> >> >>
>> >> >>
>> >>
>>
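The classless in-addr.arpa lookup path described in this thread, modelled offline as an added example (not code from either poster). The helper names are hypothetical and the zone contents are a constructed model that uses the host names and the `112` label quoted in the thread.

```python
import ipaddress

def reverse_name(ip):
    # Standard PTR owner name: 67.114.160.114 -> 114.160.114.67.in-addr.arpa
    return ipaddress.IPv4Address(ip).reverse_pointer

def cname_target(ip, child_label):
    # Classless delegation: the ISP's zone answers with a CNAME that inserts
    # the delegated block's label between the host octet and the /24 name.
    host, rest = reverse_name(ip).split(".", 1)
    return f"{host}.{child_label}.{rest}"

def lookup_ptr(qname, zones):
    # zones: {zone name: {relative owner label: PTR target}}
    # Choose the most specific hosted zone containing qname, then look
    # for a record at the name relative to that zone.
    matches = [z for z in zones if qname.endswith("." + z)]
    if not matches:
        return None
    zone = max(matches, key=len)
    relative = qname[: -len(zone) - 1]
    return zones[zone].get(relative)

def resolve(ip, child_label, zones):
    # Path an outside resolver takes: ISP CNAME first, then the customer's server.
    return lookup_ptr(cname_target(ip, child_label), zones)

# Constructed model: only the /24-style zone exists on the customer's server.
RECORDS = {"114": "holly.wlmsburg.org", "118": "sophie.wlmsburg.org"}
BEFORE = {"160.114.67.in-addr.arpa": dict(RECORDS)}
# Constructed model: the zone the ISP's CNAME points into has been added.
AFTER = dict(BEFORE)
AFTER["112.160.114.67.in-addr.arpa"] = dict(RECORDS)

if __name__ == "__main__":
    ip = "67.114.160.114"
    print("direct query  :", lookup_ptr(reverse_name(ip), BEFORE))
    print("CNAME target  :", cname_target(ip, "112"))
    print("via ISP before:", resolve(ip, "112", BEFORE))
    print("via ISP after :", resolve(ip, "112", AFTER))
```

A query sent straight to the server for the plain reverse name succeeds in both models, which is why tests from inside the network look healthy while lookups that follow the ISP's CNAME find no record.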