Re: DNS Recursive Query

From: Herb Martin (news_at_LearnQuick.com)
Date: 05/05/04 

Date: Wed, 5 May 2004 12:58:50 -0500

"Roland Hall" <nobody@nowhere> wrote in message
news:OQmLw0mMEHA.3556@TK2MSFTNGP09.phx.gbl...
> "Matt" wrote in message news:85d101c43248$5af2c430$a501280a@phx.gbl...
> : Can someone explaine (or tell me where there is info on)
> : DNS Reversive Query. I have 2 DNS servers, DNS1 will
> : always pass tests, DNS2 will always pass simple query, but
> : fail recursive squrey. Both are configured exactly the
> : same.
>
> DNS2 is not a secondary to DNS1?

Fairly irrelevant to "recursive queries" but it does point out that
it is UNLIKELY the two servers are exactly the same.

Recursive queries are those that must be answered by a DNS
server going to OTHER DNS servers to answer the request.

Such queries can be answer by forwarding to another DNS
server, or by performing the actual recursion from the ROOT
down of the namespace.

In the latter (general) case, the server much have the correct
"root servers" configured (in Root Hints or Cache file) and be
able to reach them through any intevening firewalls.

One example problem would be a firewall that blocked the
internal server from reaching "The Internet" and yet it was
configured with root hints to recurse from the Internet Root
servers.

(In such cases, forwarding usually works better. )

Another example might be a machine which SHOULD be
using an Internal Root or External (Internet) root configured
with the opposite. 

-- 
Herb Martin
>
> -- 
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Online Support for IT Professionals -
> http://support.microsoft.com/servicedesks/technet/default.asp?fr=0&sd=tech
> How-to: Windows 2000 DNS:
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308201
>
>

Relevant Pages

  • Re: netstat - security issue?
    ... >> LAN and the Internet. ... I have now updated most of my packages, I have very few servers running ... you would have to be root to see it all.) ... > 'telnet localhost 25' and see what happens. ...
    (comp.os.linux.security)
  • Re: DNS resolcing externally for local machines..
    ... answer, want recursion, recursion avail. ... nameserver = b.root-servers.net ... internet address = 192.33.4.12 ...
    (microsoft.public.windows.server.dns)
  • Re: DNS excessive traffic root hints
    ... We have internaland external dns servers. ... Root servsers. ... The problem is that internal dns servers wants to connect root dns ... How to Configure OEx for Internet News ...
    (microsoft.public.win2000.dns)
  • RE: Do not use recursion on this domain
    ... my point is to continue to have the name resolution in case if the ... “Do not use recursion on this domain” on the DNS setting. ... Don’t let your internal servers roam the Internet looking for name servers.( ...
    (microsoft.public.windows.server.dns)
  • netstat - security issue?
    ... LAN and the Internet. ... (Not all processes could be identified, non-owned process info ... Active Internet connections (servers and established) ... But I know I am root, what is this "you would have to be root to see it all" ...
    (comp.os.linux.security)
Loading