Please bear with me as I struggle to explain why I think I have a DNS
problem. I'll start with some background first.
Our DNS servers are Windows 2003 server. One of the DNS servers was
upgraded from Windows 2000 the other was a native install of Windows 2003.
DNS has been running as it is currently for years. To me and my limited
knowledge of DNS everything looks good. All our computers are in there with
the associated records and ip address in the forward and reverse lookup
zones. The two DNS servers seem to talk to each other just fine. There
aren't any DNS errors in the event log. All this time everything seemed fine
to me.
A few weeks ago we had some email come back to us as undeliverable. I have
been working on it for a long time, and have made some progress. That is
what has led me to a possible DNS problem as it was pointed out to me while
troubleshooting email. #1 our internal domain is bsu.com. In the outside
world we do not own bsu.com. In the outside world we are bsu.us. In the
outside world our DNS is mail.bsu.us NOT mail.bsu.com. Now, it used to be I
could go out to the web and type in www.bsu.com and if I remember correctly
it used to pull up Ball State University. In any case, in trying to fix my
email problem, it was suggested that we should put an entry in DNS for
bsu.us. So I created a new zone, put two records in there that pointed to
our internal email server ip address. The records were mail.bsu.us and
syssb0007.bsu.us, the latter being the server name. Once I did that I could
no longer browse to www.bsu.us. The MSN search site came up. I deleted the
zone and voilà, I could find www.bsu.us. --I thought that if an internal DNS
server doesn't have the info it then goes out and queries for it. I don't
understand why when that zone was there we could not get to our website,
which is hosted outside. Going back to bsu.com, I can't pull anything up for
that either now. The MSN search site comes up for that as well. Not that we
need to get to that site, it's just I think it's because bsu.com is part of
our internal DNS and it's messing us up.
So, what do I do from here? It was also suggested we change our internal
domain from bsu.com to bsu.local. I don't mind doing that I just don't know
what the repercussions are. Anyone have any ideas or thoughts on this?
Thanks in advance!
SIME U - 29 Jul 2005 19:34 GMT
Hi
If you make your DNS server authoritative for bsu.us, as you did when you
created the bsu.us zone, then your server thinks it knows everything about
that zone and thus won't forward requests. If you had added a www record (host
A) within that zone, as well as the mail and syssb0007 records, and gave it
your webserver IP, you should then be able to resolve www.bsu.us, as your DNS
will have a record for www.bsu.us with the correct IP, instead of looking in
its bsu.us zone, finding no www record and thus failing to resolve the request.
HTH
Regards
S
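Worked example of the behaviour S describes (added here; it is not code from either poster and not how the Windows DNS service is implemented). It models the lookup decision: a name under a locally hosted zone that has no record gets NXDOMAIN and is never forwarded, while a name outside every local zone is forwarded. The zone contents, the public "upstream" view and all IP addresses are constructed placeholders; `with_record` applies the fix S suggests (adding the www host record) and shows the query then succeeding.

```python
"""Toy model of an authoritative DNS server's lookup decision.

Added example, not code from this thread. It reproduces the behaviour S
describes: once a server hosts a zone, any name under that zone that is
missing from it gets NXDOMAIN and is never forwarded; names outside every
local zone are forwarded. All zone data and IPs are constructed.
"""
import copy

# Constructed internal view: the AD domain plus the bsu.us zone the poster made.
INTERNAL_ZONES = {
    "bsu.com.": {
        "bsu.com.": {"A": ["10.0.0.1"]},             # placeholder DC address
        "syssb0007.bsu.com.": {"A": ["10.0.0.25"]},  # placeholder mail server
    },
    "bsu.us.": {
        "mail.bsu.us.": {"A": ["10.0.0.25"]},
        "syssb0007.bsu.us.": {"A": ["10.0.0.25"]},
    },
}

# Constructed stand-in for what public DNS would return if the query were forwarded.
PUBLIC_VIEW = {
    "www.bsu.us.": {"A": ["203.0.113.10"]},
    "www.example.net.": {"A": ["198.51.100.7"]},
}


def fqdn(name):
    """Normalise to a lowercase, dot-terminated name."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def enclosing_zone(name, zones):
    """Return the closest local zone that contains name, or None."""
    labels = fqdn(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(name, rtype="A", zones=INTERNAL_ZONES, upstream=PUBLIC_VIEW):
    """Return (status, answers) the way the local server would decide it.

    AUTH      - answered from a local zone
    NXDOMAIN  - a local zone covers the name but has no such name: NOT forwarded
    NODATA    - name exists locally but has no record of that type
    FORWARDED - no local zone matches, so the upstream answer is used
    """
    name = fqdn(name)
    zone = enclosing_zone(name, zones)
    if zone is not None:
        records = zones[zone].get(name)
        if records is None:
            return ("NXDOMAIN", [])
        return ("AUTH", records[rtype]) if rtype in records else ("NODATA", [])
    return ("FORWARDED", upstream.get(name, {}).get(rtype, []))


def with_record(zones, zone, name, rtype, value):
    """Return a copy of zones with one record added (the fix S suggests)."""
    fixed = copy.deepcopy(zones)
    fixed[zone].setdefault(fqdn(name), {}).setdefault(rtype, []).append(value)
    return fixed


if __name__ == "__main__":
    print("before:", resolve("www.bsu.us"))              # ('NXDOMAIN', [])
    fixed = with_record(INTERNAL_ZONES, "bsu.us.", "www.bsu.us", "A", "203.0.113.10")
    print("after: ", resolve("www.bsu.us", zones=fixed))  # ('AUTH', ['203.0.113.10'])
    print("other: ", resolve("www.example.net"))          # ('FORWARDED', ['198.51.100.7'])
```

The same model explains the bsu.com symptom: because the internal server hosts bsu.com, www.bsu.com falls under a local zone and gets NXDOMAIN too, which is why every public name under an internally hosted zone has to be added by hand.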
Kevin D. Goodknecht Sr. [MVP] - 30 Jul 2005 17:27 GMT
You don't have to rename your domain, you just won't be able to access
anything but your DC with the name bsu.com; other records such as www, mail or
FTP, you have to add them. Also, if you have an internal mail server and you
need to send email to bsu.com you will have to add their MX record to your
local zone.
bsu.com. MX 10 INBOUND.BSU.COM.NETSOLMAIL.NET.
In addition, if you have any of your public servers located on your local
network, such as the website or mail server, you will need to set up a
shadow DNS zone on your local DNS server, with the records you need to
access the servers by their local IP addresses.
Back to your original complaint of bounced email, this tells me you may have
a local mail server using your local DNS server, and you are possibly behind
a firewall that blocks UDP packets over 512 bytes. New to Win2k3 DNS is the
use of EDNS0 extensions that use UDP packets exceeding 512 bytes, when the
external DNS returns the query using EDNS0 your firewall blocks it. You need
to increase the UDP packet size on the firewall to 1500 bytes (internet MTU)
or disable EDNS0 on the Win2k3 DNS servers.
DNS query responses do not travel through a firewall in Windows Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;en-us;828263&sd=RMVP

Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
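Worked example for Kevin's EDNS0 point (added here; not code from the thread and not the Windows DNS implementation). It builds a DNS query with and without the EDNS0 OPT pseudo-record from RFC 2671 so you can see where the "UDP payload size" the client offers actually sits on the wire, parses that size back out of a packet, and shows why a firewall enforcing the classic 512-byte DNS/UDP limit drops a larger reply while one raised to 1500 bytes passes it. The names, transaction id and reply size are constructed values.

```python
"""DNS query construction with and without an EDNS0 OPT record (RFC 2671).

Added example, not from the thread. It shows on the wire what "EDNS0
extensions that use UDP packets exceeding 512 bytes" means: the OPT
pseudo-record carries the UDP payload size the client is willing to accept,
and a firewall that enforces the classic 512-byte DNS/UDP limit will drop
any reply larger than that. Names and sizes below are constructed.
"""
import struct

CLASSIC_UDP_LIMIT = 512   # RFC 1035 maximum for DNS over UDP without EDNS0
TYPE_MX, TYPE_OPT = 15, 41


def encode_name(name):
    """Encode a domain name in DNS label format."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, qtype=TYPE_MX, txid=0x1234, edns_udp_size=None):
    """Build a recursive DNS query; add an OPT RR if edns_udp_size is given."""
    arcount = 1 if edns_udp_size else 0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)  # RD=1
    packet = header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN
    if edns_udp_size:
        # OPT RR: root name, TYPE 41, CLASS = advertised UDP payload size,
        # TTL field = extended RCODE/version/flags (all zero), no RDATA.
        packet += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_udp_size, 0, 0)
    return packet


def _skip_name(packet, off):
    """Advance past a (possibly compressed) name and return the new offset."""
    while True:
        length = packet[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:   # compression pointer ends the name
            return off + 2
        off += 1 + length


def advertised_udp_size(packet):
    """Return the UDP size an OPT record advertises, else the classic 512."""
    qd, an, ns, ar = struct.unpack("!HHHH", packet[4:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(packet, off) + 4          # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off = _skip_name(packet, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", packet[off:off + 10])
        off += 10 + rdlen
        if rtype == TYPE_OPT:
            return rclass
    return CLASSIC_UDP_LIMIT


def reply_dropped(reply_len, firewall_limit):
    """True if a firewall capping DNS/UDP at firewall_limit would drop the reply."""
    return reply_len > firewall_limit


if __name__ == "__main__":
    classic = build_query("bsu.com")
    edns = build_query("bsu.com", edns_udp_size=4096)
    print(len(classic), advertised_udp_size(classic))   # 25 512
    print(len(edns), advertised_udp_size(edns))         # 36 4096
    # A 700-byte reply (constructed size) the EDNS0 client is happy to accept:
    print(reply_dropped(700, 512), reply_dropped(700, 1500))   # True False
```

To check a real box for this, capture port 53 traffic from the Windows 2003 server and feed the query bytes to `advertised_udp_size`: a value above 512 means the server is sending EDNS0 probes, so replies larger than 512 bytes must be allowed through the firewall (Kevin's 1500-byte suggestion) or the probes turned off on the server as the linked KB 828263 describes.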