Re: Prevent Caching of real world domain in W2K3 sp1 DNS.



"themeanies" <themeanies@xxxxxxxxxxx> wrote in message
news:12glej9bdnfao38@xxxxxxxxxxxxxxxxxxxxx
Herb Martin wrote:
"themeanies" <themeanies@xxxxxxxxxxx> wrote in message
news:12gis41i2jhdtcb@xxxxxxxxxxxxxxxxxxxxx

Is it possible to prevent the caching of only one domain? I'd like to
keep caching in place just not for this one particular domain.


No, not without writing your own DNS server.

Why would you wish to do this? (It is the responsibility of
the Admin of each zone, and the Authoritative servers of that
zone, to determine how long their records should be cached.)




For some reason we have terrible trouble with the hierarchy of usda.gov.
It's not your typical DNS hierarchy, especially in the SMTP delivery
world.

On the surface this sounds like a problem with THEIR DNS
setup which is their admin's responsibility and should be referred
to that admin for resolution.

Do other people (can you determine) experience similar problems
since you say it is not a "typical DNS hierarchy"?

If not, what do you mean by it not being typical?

How does the problem manifest PRECISELY?
By this I don't mean the application symptoms but rather
the precise results if you use NSLOOKUP to test specifically
what is in your own DNS server vs. what the usda.gov DNS
server(s) all say?

nslookup EACH_NAME_IN_QUESTION YOUR_DNS_IP_ADDRESS

nslookup EACH_NAME_IN_QUESTION 199.141.126.202

Look for discrepancies. You will of course need to do this perhaps
separately if USDA.gov has child zones served by other DNS servers
(than 199.141.126.202 which I have resolved above.)


Usually 10-14 days after a DNS restart, some but not all hosts in the
hierarchy stop resolving.

But only for usda.gov usually?

Clearing the cache is the only way to fix the problem. It mostly
manifests itself in mail delivery failures, but has also shown up in
failed ftp transfers.

Then determine what is DIFFERENT about your cache and what
is returned and what is ACTUALLY CURRENT over on USDA.gov
(ns1.usda.gov)

When this happens there are items in the cache for usda.gov, but not the
items I am looking for and resolution just fails.

Give specific examples so we can help determine if this is
USDA.gov OR YOUR server with the problem.

Perhaps it is a deeper child of usda.gov and a different DNS
server than the one I listed above....

I am currently restarting all three of my DNS servers every week to clear
the cache.

You could just clear the cache rather than restart.

What OS specifically? What Service Pack level?

You don't by any chance have your DNS servers MUTUALLY
FORWARDING to each other do you? (e.g., #1 forwards to #2
which forwards back to #1 -- or even in a circle with #3)

Usually the mutual forwarding problem causes the entire DNS
server or RPC service to either crash or get flaky.

AFAIK this is the only external domain that gives me trouble and I have
over 1000 hosts resolving internal and external off these DNS servers. I
have had no luck whatsoever in talking with anyone from their IT world.

IF it is "their problem" then you cannot fix it. Who did you contact
there?

nslookup -q=soa usda.gov
usda.gov
primary name server = NS1.usda.gov
responsible mail addr = dns.list.att.com

So the correct connect for DNS there is SUPPOSED to be:

dns@xxxxxxxxxxxx

(Subdomains/zones might offer additional contacts)

Gov domains don't give much whois info, but I haven't had
need to contact any and so don't know any tricks for getting
the right info beyond the SOA record.

Administrator and/or Postmaster are required (some RFC) to
be monitored for email compliance so you might try those and
explain the problem.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]


tM
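
The comparison suggested in the reply above (the same name asked of your own DNS server and of the zone's authoritative server, then checked for discrepancies), as an added example that is not part of the original thread. The transcripts, host names and addresses are constructed placeholders, and `parse_nslookup` and `compare` are hypothetical helper names.

```python
import re
# Constructed Windows-style nslookup transcripts; every name and address
# below is a documentation placeholder, not data from the thread.
CACHE_OUT = """Server:  dns1.corp.example
Address:  10.0.0.53

Non-authoritative answer:
Name:    mail.agency.example
Address:  192.0.2.25
"""
AUTH_OUT = """Server:  ns1.agency.example
Address:  198.51.100.2

Name:    mail.agency.example
Addresses:  192.0.2.25, 192.0.2.26
"""
CACHE_FAIL = """Server:  dns1.corp.example
Address:  10.0.0.53

*** dns1.corp.example can't find mail.agency.example: Server failed
"""

def parse_nslookup(text):
    """Return (status, addresses); the first block only names the server queried."""
    _, _, answer = text.replace("\r\n", "\n").partition("\n\n")
    err = re.search(r"\*\*\* .* can't find \S+: (.+)", answer)
    if err:
        return err.group(1).strip(), set()
    addrs, in_addr = set(), False
    for line in answer.splitlines():
        m = re.match(r"Address(?:es)?:\s*(.*)", line)
        # Values may be comma-separated or continue on indented lines.
        in_addr = bool(m) or (in_addr and line[:1].isspace() and bool(line.strip()))
        if in_addr:
            values = m.group(1) if m else line
            addrs.update(v.strip() for v in values.split(",") if v.strip())
    return "ok", addrs

def compare(cache_text, auth_text):
    """Classify one name: which side fails, and which addresses differ."""
    c_status, c_addrs = parse_nslookup(cache_text)
    a_status, a_addrs = parse_nslookup(auth_text)
    if a_status != "ok":
        verdict = "authoritative_failure"   # the zone's own server cannot answer
    elif c_status != "ok":
        verdict = "cache_failure"           # authoritative answers, local server does not
    else:
        verdict = "match" if c_addrs == a_addrs else "mismatch"
    return {"verdict": verdict, "missing_from_cache": a_addrs - c_addrs,
            "only_in_cache": c_addrs - a_addrs}
```

A `cache_failure` or `mismatch` verdict while the authoritative transcript is healthy points at the local server; an `authoritative_failure` is one for the zone's administrator.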

