Re: RDNS Timeout problems

Hum.....good suggestion.

I removed the entries (as listed above) in 67.114.160.112 zone. And then I
used the script "new pointer (PTR)" from the right click drop down when you
click in the zone. It opens a dialog box which allows you to identify the
"Host IP Number" and Host name. I enter only the 114 IP. I enter the Host
Name: Holly.wlmsburg.org. Then I hit enter. The dialog box closes and an
entry appears that looks like the entries below.

It doesn't appear to be possible to enter just 114 (etc.)

Does this then translate into a MS bug??? It worked just 10 days ago. WHat
has changed??


"Michael Dragone" wrote:

In the 67.114.160.112 zone.

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:03D5FEF8-9F24-4737-BBA0-633AEDEF3EE9@xxxxxxxxxxxxxxxx
i'm sorry......in which section? in the 67.114.160.112 section or the
xsubnet
section.

It seems to me that both forced me to use the MS scripts and nither
allowed
me to put in just the last octet. (These are AD integrated)



"Michael Dragone" wrote:

Try changing your hosts to look like:

114 PTR holly.wlmsburg.org
115 PTR holly.wlmsburg.org

And so on.

Also, take a look at the KB article below for some more details.

How to configure a subnetted reverse lookup zone on Windows NT, Windows
2000, or Windows Server 2003
http://support.microsoft.com/kb/174419

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:53947CBE-0B75-4BB6-8681-E85DCFE38A80@xxxxxxxxxxxxxxxx
Thank you for your continued instruction. Unfortunately I still don't
seem
to
have it correct.

While I have been schooled in classful and classless subnets, I am
certain
I
still do not have a full understanding of how/where to use them.
Consequenstly I have both entries in my RDNS table (could this be the
source
of the problem?)

If I open the DNS control panel here is what I see:
DNS
- holly
- - Event Viewer
- - Forward Lookup Zones
- - Reverse Lookup Zones
- - - 192.168.0.x Subnet

- - - 67.114.160.112
- - - - (same as parent folder) Start of Authority (SOA)
holly.wlmsburg.org
- - - - (same as parent folder) Name Server (NS)
holly.wlmsburg.org
- - - - 67.114.160.112.114 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.115 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.116 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.117 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.112.118 Pointer (PTR) sophie.wlmsburg.org

- - - 67.114.160.xSubnet
- - - - (same as parent folder) Start of Authority (SOA)
holly.wlmsburg.org
- - - - (same as parent folder) Name Server (NS) sophie wlmsburg.org
- - - - (same as parent folder) Name Server (NS) holly.wlmsburg.org
- - - - 67.114.160.114 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.115 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.116 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.117 Pointer (PTR) holly.wlmsburg.org
- - - - 67.114.160.118 Pointer (PTR) sophie.wlmsburg.org

What am I missing??

"Michael Dragone" wrote:

Since you have your domain name in your posts, I did some digging for
you.

It appears you have everything set up correctly, except for one little
bit.
I can point nslookup directly to your DNS server and receive query
answers
for PTR records for your IP addresses. So it's not a connectivity
issue.

The problem is that you have a smaller than /24 address range, so your
ISP
is using classless in-addr.arpa delegation. When the DNS server,
ns1.pbi.net, at your ISP is asked for one of your PTR records, it
receives a
CNAME referral. Your DNS server is eventually queried, but because
it's
asked to resolve an address that it doesn't contain a record for, it
fails.
See below.

Asking NS1.PBI.NET. for 114.160.114.67.in-addr.arpa PTR record: Got
CNAME
referral to 114.112.160.114.67.in-addr.arpa.

Resolution then starts all over again from the root nameservers, and
your
DNS server is finally asked to resolve 114.112.160.114.67, which it
doesn't
have an entry for. The solution would be to add a new zone to your DNS
server (112.160.114.67.in-addr-arpa) and put your various IPs in that
zone
(113, 114, 115, etc.).

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CF90110B-F31D-4C5B-9890-11F2C1645697@xxxxxxxxxxxxxxxx
Michael,

Thank you for continuing to help me focus on the problem. When I use
nslookup from inside my network, I get a prompt reply. I have not
had
the
opportunity to use NSLOOKUP from another network, but when I use any
of
several external tooks (DNSSTUFF.com or dnsadvisor@xxxxxxxxxxxx) I
am
informed that my DNS does not respond - it "times-out".

Since network solutions provides forward pointers to my domain, most
of
the
dns checks are clean. Only the revers inquireys (that would come
from
IP)
seem to have timeout problems. That brings me back to thinking the
problem
is
wither with Port 53, or something is slowing my server down.

Where would you check next??

"Michael Dragone" wrote:

Just to be clear, when you query your DNS servers for a PTR record
in
a
zone
you host from off your network (from your house/hotel/another
office/whatever) with nslookup, you receive the correct reply? No
timeouts?
I only ask because you mentioned in your post that it works fine
when
queried from a workstation on your network.

That's a good test, but you need to make sure that PTR queries are
passing
from the Internet through whatever perimeter and host protection
you
have
to
the DNS servers themselves.

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:96EEC68B-1584-40C7-972E-71FA1268ED02@xxxxxxxxxxxxxxxx
Interesting you should mention DNS patch. I am on the phone with
AT&T
DNS
support and they are finally escalating my problem. If finally
registered
with me today that if the problem was with my mail server, then
another
of
my
outward looking servers (the DSN secondary) should at least
respond.
When
I
used the AOL RDNS check tool on that IP, it failed also
"serverfail".
While
talking to AT&T them mentioned a masive amount of calls today.
(Has
the
whole
world come to an end?)

To your other questions, when quired from any workstation in
network,
nslookup responds romptly with the appropriate name/ip etc. I am
using
Symantec Endpoint protection, but configured without network
protection
for
the servers. I did review the firewall configuration and I am
told
that
it
will "automatically" pass DNS requests. Just make sure, I added a
hole
in
the
firewall for port 53 (TCP & UDP) I have created an equivalent
hole
in
the
Routing and Remote Access WAN port. Is there anything else I
should
check?
What is really frustrating is that up until a week ago, things
were
fine.

I'm still trying to figure it out.

"Michael Dragone" wrote:

Did you test it yourself by issuing queries from off of your own
network?
Do
you have any type of firewall or perimeter gateway between the
Internet
and
your SBS box?

If you're sure it's a DNS and not an Exchange issue, you should
probably
try
asking in microsoft.public.windows.server.dns. Perhaps it has
something
to
do with the massive multivendor DNS patch that was recently
released.

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:33AE2A26-D11F-4A1A-9C67-C41ADB248D84@xxxxxxxxxxxxxxxx
At present, I handle them my self. I could return control to
AT&T,
but
if
I
am slow to respond, then I probabily have other problems I
should
be
addressing. I would like to find the root cause and deal with
that.
Any
suggestions would be appreciated.

Still searching....

"Michael Dragone" wrote:

Who handles your PTR records? Your ISP or have they delegated
control
of
those zones to you and you host them yourself?

"Todd" <Todd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:780417BF-4A6B-4FFC-99A9-0418BC284A39@xxxxxxxxxxxxxxxx
Two weeks ago (shortly after some updates from MS) I
started
having
mail
rejected by AOL & CS domains. (This is not the first time I
have
had
this
problem.) But now there is a new twist.

After talking to everyone on the network from my exchange
server
to
AOL's
mail server (AT&T DSL / DNS support and AOL's postmaster) I
have
determined
that no one claims to be blocking port 53, but my DNS
server
is
not
responding to RDNS requests from AOL; the request "times
out";
it
appears
that my server "is not responding to the request" (You may
already
know
that
unless your server responds to an RDNS request from AOL,
your
.

Relevant Pages

  • RE: exchange server cannot mount mailbox store
    ... What's the exact detailed DNS Events ... Type desired internal IP address of your SBS server. ... it will delete the reverse lookup zone if the zone no longer ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Re: Event 4515 :another copy of zone has been found
    ... running on the old 2000 server. ... I then installed DNS on ... I seem to remember hearing that if you just delete/remove the zone it ... Container), the Configuration Partition, and the Schema Partition. ...
    (microsoft.public.windows.server.dns)
  • Re: Replication between parent child domains
    ... install dns before i run the dcpromo on the melbourne server. ... DNS server will forward any query it can't answer, Checks zone ...
    (microsoft.public.windows.server.active_directory)
  • Re: Replication between parent child domains
    ... DNS server will forward any query it can't answer, Checks zone ... DNS Servers) all queries will go to tld DNS server (including Internet ... Stub zones: Stub zones contain a read-only copy with specific records ...
    (microsoft.public.windows.server.active_directory)
  • Re: DNS Redesign Issue
    ... -Using DNS console you can right-click the zone and export to a File, ... -To export a Zone and import that Zone in another DNS Server you need to use ... Create a child zone dallas on the DNS server in the child domain ...
    (microsoft.public.windows.server.dns)
Loading