Re: DNS resolcing externally for local machines..

From: GaryB <GaryB@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 25 Apr 2006 08:40:02 -0700

OK Kevin, here we go, I am sure it means something to you!!....We now also
have a LAN client who cannot connect to a CITRIX client (443), even though
they are setup to connect to WAN via the proxy! May not be connected to this
issue..

From xp machine: nslookup -d2 -qtype=ns . 192.168.45.10

------------
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
10.45.168.192.in-addr.arpa, type = PTR, class = IN

------------
------------
Got answer (85 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0

QUESTIONS:
10.45.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 10.45.168.192.in-addr.arpa
type = PTR, class = IN, dlen = 29
name = lanserver.corp.ghlplc.co.uk
ttl = 1200 (20 mins)

------------
Server: lanserver.corp.ghlplc.co.uk
Address: 192.168.45.10

------------
SendRequest(), len 17
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
(root), type = NS, class = IN

------------
------------
Got answer (449 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 13, authority records = 0, additional = 13

QUESTIONS:
(root), type = NS, class = IN
ANSWERS:
-> (root)
type = NS, class = IN, dlen = 20
nameserver = b.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = c.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = d.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = e.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = f.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = g.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = h.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = i.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = j.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = k.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = l.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = m.root-servers.net
ttl = 84420 (23 hours 27 mins)
-> (root)
type = NS, class = IN, dlen = 4
nameserver = a.root-servers.net
ttl = 84420 (23 hours 27 mins)
ADDITIONAL RECORDS:
-> b.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.228.79.201
ttl = 84420 (23 hours 27 mins)
-> c.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.33.4.12
ttl = 84420 (23 hours 27 mins)
-> d.root-servers.net
type = A, class = IN, dlen = 4
internet address = 128.8.10.90
ttl = 84420 (23 hours 27 mins)
-> e.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.203.230.10
ttl = 84420 (23 hours 27 mins)
-> f.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.5.5.241
ttl = 84420 (23 hours 27 mins)
-> g.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.112.36.4
ttl = 84420 (23 hours 27 mins)
-> h.root-servers.net
type = A, class = IN, dlen = 4
internet address = 128.63.2.53
ttl = 84420 (23 hours 27 mins)
-> i.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.36.148.17
ttl = 84420 (23 hours 27 mins)
-> j.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.58.128.30
ttl = 84420 (23 hours 27 mins)
-> k.root-servers.net
type = A, class = IN, dlen = 4
internet address = 193.0.14.129
ttl = 84420 (23 hours 27 mins)
-> l.root-servers.net
type = A, class = IN, dlen = 4
internet address = 198.32.64.12
ttl = 84420 (23 hours 27 mins)
-> m.root-servers.net
type = A, class = IN, dlen = 4
internet address = 202.12.27.33
ttl = 84420 (23 hours 27 mins)
-> a.root-servers.net
type = A, class = IN, dlen = 4
internet address = 198.41.0.4
ttl = 84420 (23 hours 27 mins)

------------
(root)
type = NS, class = IN, dlen = 20
nameserver = b.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = c.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = d.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = e.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = f.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = g.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = h.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = i.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = j.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = k.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = l.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = m.root-servers.net
ttl = 84420 (23 hours 27 mins)
(root)
type = NS, class = IN, dlen = 4
nameserver = a.root-servers.net
ttl = 84420 (23 hours 27 mins)

b.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.228.79.201
ttl = 84420 (23 hours 27 mins)
c.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.33.4.12
ttl = 84420 (23 hours 27 mins)
d.root-servers.net
type = A, class = IN, dlen = 4
internet address = 128.8.10.90
ttl = 84420 (23 hours 27 mins)
e.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.203.230.10
ttl = 84420 (23 hours 27 mins)
f.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.5.5.241
ttl = 84420 (23 hours 27 mins)
g.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.112.36.4
ttl = 84420 (23 hours 27 mins)
h.root-servers.net
type = A, class = IN, dlen = 4
internet address = 128.63.2.53
ttl = 84420 (23 hours 27 mins)
i.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.36.148.17
ttl = 84420 (23 hours 27 mins)
j.root-servers.net
type = A, class = IN, dlen = 4
internet address = 192.58.128.30
ttl = 84420 (23 hours 27 mins)
k.root-servers.net
type = A, class = IN, dlen = 4
internet address = 193.0.14.129
ttl = 84420 (23 hours 27 mins)
l.root-servers.net
type = A, class = IN, dlen = 4
internet address = 198.32.64.12
ttl = 84420 (23 hours 27 mins)
m.root-servers.net
type = A, class = IN, dlen = 4
internet address = 202.12.27.33
ttl = 84420 (23 hours 27 mins)
a.root-servers.net
type = A, class = IN, dlen = 4
internet address = 198.41.0.4
ttl = 84420 (23 hours 27 mins)

From xp machine: nslookup -d2 <DCsNetBIOSName>

From the DC. nslookup -qtype=ns . 192.168.45.1

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.45.1

DNS request timed out.
timeout was 2 seconds.

From the DC. nslookup -d2 -qtype=ns . <IPofForwarder>

------------
SendRequest(), len 42
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
57.6.72.192.in-addr.arpa, type = PTR, class = IN

------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
Server: UnKnown
Address: 192.72.6.57

------------
SendRequest(), len 17
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
(root), type = NS, class = IN

------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)

There are a couple of reasons your DNS is not forwarding, the first nslookup
above should answer that.

The others are for my information that the Forwarder is a valid forwarder
and that the firewall can or cannot act as a DNS proxy.

If the firewall can be a DNS proxy, I would make it your forwarder.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Follow-Ups:
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]

References:
- Re: DNS resolcing externally for local machines..
  - From: Lanwench [MVP - Exchange]
- Re: DNS resolcing externally for local machines..
  - From: GaryB
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolcing externally for local machines..
  - From: GaryB
- Re: DNS resolcing externally for local machines..
  - From: Lanwench [MVP - Exchange]
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]
- Re: DNS resolcing externally for local machines..
  - From: Kevin D. Goodknecht Sr. [MVP]

Prev by Date: Re: dns best practices
Next by Date: Re: classless reverse lookup zone
Previous by thread: Re: DNS resolcing externally for local machines..
Next by thread: Re: DNS resolcing externally for local machines..
Index(es):
- Date
- Thread

Relevant Pages

Re: nslookup fails
... Does this DNS server have a Forwarder configured? ... you may need to run the root query several times to resolve ... google.com nameserver = ns1.google.com ... ns1.google.com internet address = 216.239.32.10 ...
(microsoft.public.windows.server.dns)
Re: Urgent!! Exchange Server 2000 cannot received emails....
... Default Server: webmail.wecl.com.hk ... nameserver = m.root-servers.net ... l.root-servers.net internet address = 198.32.64.12 ...
(microsoft.public.exchange.admin)
Re: DNS Forwarders not working?
... > DC is pointing to itself in the DNS on the NIC, ... If you are not using a forwarder verify that you can query the root servers ... nameserver = A.ROOT-SERVERS.NET ... H.ROOT-SERVERS.NET internet address = 128.63.2.53 ...
(microsoft.public.win2000.dns)
Re: DNS Recursive Query
... server going to OTHER DNS servers to answer the request. ... or by performing the actual recursion from the ROOT ... configured with root hints to recurse from the Internet Root ...
(microsoft.public.win2000.dns)
Re: Cant resolve certain domains
... sun.com nameserver = ns1.sun.com ... ns1.sun.com internet address = 192.18.128.11 ... Should have this in the final answer after it goes through the DNS Suffix ... response, want recursion, recursion avail. ...
(microsoft.public.windows.server.dns)