In DeathWarrant <[email protected]> posted a question
Then Kevin replied below:
On Tue, 18 Nov 2003 13:25:41 -0600, "Kevin D. Goodknecht [MVP]"
On Tue, 18 Nov 2003 09:16:58 -0600, "Kevin D. Goodknecht [MVP]"
On my Windows SBS 2003 Standard box my DNS server cannot seem
to resolve some domain names. Simple and Recursive DNS query
test both PASS. Internal resolution is working fine. If I
flush the DNS cache sometimes it will resolve the offending
Domain, in this case aol.com. But maybe 30 minutes later it
won't resolve again and flushing the cache doesn't always
resolve the problem. Additionally if I set up the Forwarders
given to me by my ISP then it will never resolve aol.com no
matter if I flush the cache or not. The forwarders have been
confirmed by my ISP to accept recursive queries. I set up the
internal domain as xxx.local as recommended during SCS setup.
SBS setup also confirmed my internet Domain Name for use with
Exchange. Needless to say this is causing havoc with e-mail
being returned as it cannot resolve. There are some other
domains but I have noticed aol.com more often as we have a lot
of customers who use AOL. Port 53 TCP & UDP on my SonicWALL is
open to all incoming traffic. I've seen one or two KB
articles on this and they weren't helpful. Let's see, what
else......Ummm the DNS server is Active Directory Integrated
and will only allow Secure updates. There are no other DC's or
servers of any kind on the internal network other than SBS2K3.
About 6 WinXP clients and 8 Win2K clients. Clients are all
pointed to the internal DNS server only. Just thinking of
everything I can here so sorry if it isn't in any logical
order. I think that's it.
Scott Spencer
Something must be conflicting if DNS won't resolve aol.com, maybe
something in a hosts file. Without actually seeing the nslookup
output it is hard to diagnose the problem. It could also be
cache pollution, too. You might even try nslookup against the
ISP's DNS server.
Add the set d2 option to nslookup so you can see exactly what is
happening.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your issue.
To respond directly to me remove the nospam. from my email.
==========================================
Well I found something interesting. I enabled Advanced View in DNS
and cleared the cache. I immediately did a traceroute of aol.com
and got an "Unable to Resolve". HOWEVER, a new entry in the cache
was there for AOL along with its 4 IP addresses and 4 name servers.
I tried a tracert again and it was still unable to resolve even though
clearly the info is in the cache. I tried an e-mail to an AOL
user and it still gets returned as unable to locate domain. Here is
my nslookup output:
=============================================================================================
NSLOOKUP RESULT AGAINST ISP FORWARDER ADDRESS.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>nslookup
Default Server: localhost
Address: 127.0.0.1
server 64.52.192.98
Default Server: ns-rec.isp.nyc.eggn.net
Address: 64.52.192.98
aol.com
Server: ns-rec.isp.nyc.eggn.net
Address: 64.52.192.98
Non-authoritative answer:
Name: aol.com
Addresses: 205.188.145.213, 64.12.187.24, 149.174.130.216
=============================================================================================
NSLOOKUP RESULT AGAINST MY DNS SERVER
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Administrator>nslookup -d2
------------
SendRequest(), len 40
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0,
additional = 0
QUESTIONS:
1.0.0.127.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (63 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion,
recursion avail.
questions = 1, answers = 1, authority records = 0,
additional = 0
QUESTIONS:
1.0.0.127.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 1.0.0.127.in-addr.arpa
type = PTR, class = IN, dlen = 11
name = localhost
ttl = 3600 (1 hour)
------------
Default Server: localhost
Address: 127.0.0.1
aol.com
Server: localhost
Address: 127.0.0.1
------------
SendRequest(), len 60
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0,
additional = 0
QUESTIONS:
aol.com.PrestigeEquipmentCorporation.local, type = A,
class = IN
------------
------------
Got answer (149 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion,
recursion avail.
questions = 1, answers = 0, authority records = 1,
additional = 0
QUESTIONS:
aol.com.PrestigeEquipmentCorporation.local, type = A,
class = IN
AUTHORITY RECORDS:
-> prestigeequipmentcorporation.local
type = SOA, class = IN, dlen = 43
ttl = 3600 (1 hour)
primary name server =
brain2k3.prestigeequipmentcorporation.local
responsible mail addr = hostmaster
serial = 238
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
------------
SendRequest(), len 25
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0,
additional = 0
QUESTIONS:
aol.com, type = A, class = IN
------------
------------
Got answer (89 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1,
additional = 0
QUESTIONS:
aol.com, type = A, class = IN
AUTHORITY RECORDS:
-> aol.com
type = SOA, class = IN, dlen = 52
ttl = 427 (7 mins 7 secs)
primary name server = dns-01.ns.aol.com
responsible mail addr = hostmaster.aol.net
serial = 2003111802
refresh = 1800 (30 mins)
retry = 300 (5 mins)
expire = 604800 (7 days)
default TTL = 600 (10 mins)
------------
Name: aol.com
Scott
There is something up with this for sure: when you do a lookup
for a type A record for aol.com it returns the SOA record for
aol.com. When I try to resolve it using your ISP's DNS I get
query refused, so I can't tell anything there; obviously they
have outside DNS requests blocked. Why don't you try 4.2.2.2 as a
forwarder to see if that clears this up?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
==========================================
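One way to read nslookup -d2 output like the above mechanically (an added example, not part of the original thread): the script classifies each "Got answer" block as ANSWER, NXDOMAIN, or NODATA, the RFC 2308 term for a NOERROR response with zero answers and only an SOA in the authority section, which is the shape of the aol.com type A response discussed in the reply above. The sample text is constructed from the posted output, with corp.local as a placeholder suffix; classify is a hypothetical helper name.

```python
import re

# Constructed sample, modelled on the "Got answer" blocks of the nslookup -d2
# output posted in the thread (corp.local is a placeholder DNS suffix).
SAMPLE = """\
Got answer (149 bytes):
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0
    QUESTIONS:
        aol.com.corp.local, type = A, class = IN
    AUTHORITY RECORDS:
    ->  corp.local
        type = SOA, class = IN, dlen = 43
        ttl = 3600 (1 hour)
Got answer (89 bytes):
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0
    QUESTIONS:
        aol.com, type = A, class = IN
    AUTHORITY RECORDS:
    ->  aol.com
        type = SOA, class = IN, dlen = 52
        ttl = 427 (7 mins 7 secs)
"""

def classify(debug_text):
    """Return one dict per 'Got answer' block with a verdict on the response."""
    results = []
    for block in re.split(r"Got answer \(\d+ bytes\):", debug_text)[1:]:
        block = block.split("SendRequest()")[0]  # drop the next outgoing query
        rcode = re.search(r"rcode\s*=\s*(\w+)", block).group(1)
        answers = int(re.search(r"answers\s*=\s*(\d+)", block).group(1))
        qname, qtype = re.search(r"QUESTIONS:\s*(\S+),\s*type\s*=\s*(\w+)", block).groups()
        authority = block.partition("AUTHORITY RECORDS:")[2]
        soa = re.search(r"type\s*=\s*SOA.*?ttl\s*=\s*(\d+)", authority, re.S)
        if rcode == "NOERROR" and answers == 0:
            verdict = "NODATA" if soa else "NO_ANSWER"
        else:
            verdict = "ANSWER" if rcode == "NOERROR" else rcode
        negative = verdict in ("NXDOMAIN", "NODATA")
        # SOA TTL in a negative response = seconds it may stay cached (RFC 2308)
        results.append({"qname": qname, "qtype": qtype, "verdict": verdict,
                        "authoritative": "auth. answer" in block,
                        "negative_ttl": int(soa.group(1)) if soa and negative else None})
    return results

for r in classify(SAMPLE):
    print(r)
```

A non-authoritative NODATA verdict means the server answered from recursion or its cache rather than from a zone it hosts, and negative_ttl shows how long that "no such record" result can keep being served.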
No joy using 4.2.2.2. Man, this is really baffling me. I wish I
could say the problem was only AOL. But I am having it with other
domains as well; AOL is just more prominent.
What zones do you have in DNS?
Do an export list and paste it to a post.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
==========================================