Re: DNS Forwarders not working?
- From: "Kevin D. Goodknecht Sr. [MVP]" <admin@xxxxxxxxxxxxxx>
- Date: Wed, 22 Jun 2005 09:10:45 -0500
In news:77992C80-567A-4B10-A9AD-CC4BFF6F62C1@xxxxxxxxxxxxx,
Geoff Hewitt <GeoffHewitt@xxxxxxxxxxxxxxxxxxxxxxxxx> posted this:
> Hi Denis
>
> DC is pointing to itself in the DNS on the NIC, it is the only DNS
> entry. I can successfully ping both ISP DNS IP's and other public
> IP's.
Ping is not the tool to test connectivity to a DNS server since ping uses
ICMP. Use nslookup and change server to the external DNS you are using as
your forwarder.
If you are not using a forwarder verify that you can query the root servers
with this:
nslookup
set type=ns
server 198.41.0.4
..
(yes. that's a dot) If you get an answer back like this then you should
also be able to navigate the firewall to all external DNS servers.
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
A.ROOT-SERVERS.NET internet address = 198.41.0.4
H.ROOT-SERVERS.NET internet address = 128.63.2.53
C.ROOT-SERVERS.NET internet address = 192.33.4.12
G.ROOT-SERVERS.NET internet address = 192.112.36.4
F.ROOT-SERVERS.NET internet address = 192.5.5.241
B.ROOT-SERVERS.NET internet address = 192.228.79.201
J.ROOT-SERVERS.NET internet address = 192.58.128.30
K.ROOT-SERVERS.NET internet address = 193.0.14.129
L.ROOT-SERVERS.NET internet address = 198.32.64.12
M.ROOT-SERVERS.NET internet address = 202.12.27.33
I.ROOT-SERVERS.NET internet address = 192.36.148.17
E.ROOT-SERVERS.NET internet address = 192.203.230.10
D.ROOT-SERVERS.NET internet address = 128.8.10.90
> I can ping all IP's on the internal network.
> Nslookup fails on all external and internal IP's except the server
> (192.168.0.6), message on external fail is:
> *** <server>.<domain>.com can't find www.microsoft.com: server failed
> message on internal nslookup fail on the terminal server is:
> *** <server>.<domain>.com can't find 192.168.0.9: Non-existent domain
You obviously don't have a PTR record registered for this IP address.
If you get a message from nslookup saying
"Can't find server name for address <ipaddressofDNSserver>..."
That is nslookup performing a reverse lookup on the DNS server's address.
>
> I've tried browsing by IP on the server with strange results,
> sometimes a partial page appears but hyperlinks do not work, mostly
> "Page cannot be dispalyed".
This is likely beiong caused by a firewall rule not allowing your DNS server
recurse domain names, for recursion to work, your DNS server must be able to
contact EVERY DNS server on the internet.
If you want your DNS server to contact only its forwarder, make sure the
firewall has a rule allowing connections to the forwarder's IP on UDP & TCP
port 53. Then, on the forwarders tab check the box "Do not use recursion".
If you do this make sure the forwarder is capable of handling all external
DNS queries, if it fails, the external query will fail, because the root
hints won't be used. A couple of very good forwarders to use are 4.2.2.1 &
4.2.2.2
--?
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
.
- Follow-Ups:
- Re: DNS Forwarders not working?
- From: Geoff Hewitt
- Re: DNS Forwarders not working?
- References:
- DNS Forwarders not working?
- From: Geoff Hewitt
- Re: DNS Forwarders not working?
- From: Geoff Hewitt
- DNS Forwarders not working?
- Prev by Date: Re: addig a second dc/ds server
- Next by Date: Re: DNS Forwarders not working?
- Previous by thread: Re: DNS Forwarders not working?
- Next by thread: Re: DNS Forwarders not working?
- Index(es):
Relevant Pages
|
Loading
