Re: DNS resolving issue with new child domain

Tech-Archive recommends: Speed Up your PC by fixing your registry

From: Dana Brash (dbrash_at_NOSPAM.gmail.com)
Date: 11/16/04 

Date: Wed, 17 Nov 2004 00:54:59 +0800

Hi Brian,

nslookup's ability to resolve a hostname is not related to WINS.
nslookup's ability to resolve IP => Domain Name is related to Reverse Lookup
Zones being properly confiugred in DNS.
If nslookup can resolve a hostname, then DNS is working. If you really want
to test it, turn WINS off, you probably don't need it anyway.
You can also try pinging back and forth using FQDN.

Let's back up for a minute though..... What exactly are you actually trying
to do when you receive an error? My understanding from your original post
was that you can not resolve NSLookup queries from the parent to the child
domain, but that nslookup queries from the child domain resolve parent
domain hosts.

You also mentioned that you had a router routing between the domains:

> > > DC which is also acting as a router (additional NIC added) between the
> > > domains

and so I assumed that the parent was on one side and child domain was on the
other side. I would also assume that the parent and child domains would be
on separate subnets, which would make some logical sense as well (hence the
need for routing). It is this router between the two subnets that needs to
be able to pass port 53 for DNS lookup. Both subnets should be behind a
firewall, and incoming port 53 requests should be blocked at the firewall.
However, IF both parent and child domains are on the same subnet, then they
both want to be using the same reverse lookup zone. You can host a
secondary lookup zone in the child domain.

What can you tell us about your DNS setup?
Where are the servers?
Which zones are on which servers? Forward Lookup? Reverse Lookup?
Delegation?
What type of zones are they? AD integrated? Primary? Secondary?
Are the servers properly configured to use themselves ONLY for DNS? What
forwarders do you have configured?
What client are you testing from? Which DNS server is the client using? 

-- 
HTH,
=d=
Dana Brash
MCSE, MCDBA, MCSA
dbrash@NOSPAM.gmail.com
"ITOpMan" <ITOpMan@discussions.microsoft.com> wrote in message
news:EF634D4A-781F-448B-8023-F461FE94AEBB@microsoft.com...
> Hi...The child domain is inside the firewall so there is no issues with
> firewall but worth asking.  I have just tested nslookup from the main
domain
> server and this works fine now with the secondary zone resolves ntebios
and
> ip addresses for the child domain, But the server in the child domain
solves
> netbios names to ip (which i think is using wins) but can not resolve ip
> addresses.
>
> all dns servers have reverse lookup zones.
>
> How can I test if dns is working? nslookup as i said waorks on netbios
names
> but can not resolve ip addresses so believe its the wins thats resolving
the
> netbios names.
>
> Any help would be greatfully recieved.
>
> Brian
>
> "Dana Brash" wrote:
>
> > Hi,
> >
> > If the parent zone and child zone are on either side of a router, you'll
> > need to route port 53 for DNS resolution between DNS servers.
> >
> > If it's not simply a routing problem, this should get you on the right
> > track...
> > http://support.microsoft.com/default.aspx?scid=kb;en-us;255248
> >
> > Can the child domain perform successful DNS lookups for itself?  If so,
> > where is the child zone hosted?
> >
> >
> > -- 
> > HTH,
> > =d=
> >
> >
> > Dana Brash
> > MCSE, MCDBA, MCSA
> >
> > dbrash@NOSPAM.gmail.com
> >
> > "ITOpMan" <ITOpMan@discussions.microsoft.com> wrote in message
> > news:53F2B58E-93C4-4A10-AE4B-28442EDA1EC4@microsoft.com...
> > > We have just added a new child domain to our network and installed a
> > win2000
> > > DC which is also acting as a router (additional NIC added) between the
> > > domains, We are running DNS with AD and we can resolve nslookup
querrys
> > from
> > > this child domain for the main domain but can not resolve anything
from
> > the
> > > main domain for the child domains.
> > >  'none-existing domain'
> > >
> > > Has any one any idea why this is happening and How we can resolve it.
> > >
> > > Cheer's
> > >
> > > I have now moved the routing to a new machine as I read some were that
you
> > > shpould not put routing on a DC!  any way same probem with dns.
> > >
> > >
> >
> >
> >

Relevant Pages

  • Re: recursion & zone delegation tangle
    ... Alll DNS servers: Windows 2003 SP1 ... DNS zone: parent.com ... Allow clients to resolve names of delegated child domain zone. ...
    (microsoft.public.windows.server.dns)
  • Re: Ghost DNS record
    ... We have 3 zones, 1 AD integrated, 1 Secondary Internet domain zone, ... that server for starters. ... the servers were able resolve the name. ... Are you using WINS for DNS resolution? ...
    (microsoft.public.windows.server.dns)
  • Re: Create a DNS-record
    ... It has to resolve to an IP address somewhere, ... with a DNS name without getting an IP address. ... If it does, right click in the microsoft.com zone, select new Alias, ... If you are wanting a redirection, so the when you enter www.microsoft.com ...
    (microsoft.public.windows.server.dns)
  • Re: External DNS Resolution
    ... I have removed the webex.com Zone records. ... Your client's DNS server, and forwarders, and all of the DNS ... Unable to resolve target system name asipay.webex.com. ... Please advise on how to correct this issue with the one external website. ...
    (microsoft.public.windows.server.dns)
  • Re: External DNS Resolution
    ... I have removed the webex.com Zone records. ... Server: file1.asioffice.com ... Unable to resolve target system name asipay.webex.com. ... Please advise on how to correct this issue with the one external website. ...
    (microsoft.public.windows.server.dns)