Can't reach Internet from DNS server using DNS

  • Thread starter Thread starter MC
  • Start date Start date
M

MC

Suddenly our external DNS servers can't access the internet using DNS. We
can use an ip address to get to the internet. DNS seems to be working fine
for the outside world, but not working at all inside. Can someone help?
Thanks
 
MC said:
Suddenly our external DNS servers can't access the internet using DNS. We
can use an ip address to get to the internet. DNS seems to be working fine
for the outside world, but not working at all inside. Can someone help?
Thanks
Click to expand...

What did you change? (Suddenly?)

Some reasons this might happen:

1) Your DNS server forwards but the forwarders (at the ISP)
are not working

2) Someone disabled fowarding on your DNS server

3) Someone disabled recursion (in Advanced properties) on
your DNS server -- this ALSO DISABLES forwarders

4) Some network problem or firewall filter issue

What happens if you go to the DNS server and use NSLOOKUP?

Be explicit and test both against YOUR OWN server and against a
known working server on the Internet (i.e., 4.2.2.1)

Look for differences. What works versus what fails so isolate
the problem.

nslookup www.google.com (NOT explicit enough!!!)

nslookup www.google.com YOUR.DNS.SERVER.IP

nslookup www.google.com YOUR.ISP.DNS.IP

nslookup www.google.com 4.2.2.1


(If all of the above work when AT THE DNS server then try each
of these from a CLIENT that shows the problem.)

Post your IPConfig from a sample client which is affected AND
from the DNS server....
 
You need to fully describe your network design, inside and out, to include
your internal/external DNS architecture, to receive any real help.

-Frank
 
In
MC said:
Suddenly our external DNS servers can't access the internet using
DNS. We can use an ip address to get to the internet. DNS seems to be
working fine for the outside world, but not working at all inside.
Can someone help? Thanks
Click to expand...

Sorry, MC, your post is very vague, as others have noted. We'll need
configuration information to assist you.

Please post:

1. Unedited ipconfig /all from the DC/DNS server and from a sample client
that it is not "working" (as you stated).
2. Do you have a Forwarder configured, and if so, please supply that IP
address.
3. What was changed if this is a "sudden" change?
4. Do you have a firewall such as a personal firewall (like Zone Alarm or
McAfee Internet Security, etc), Windows firewall, PIX, Checkpoint, ISA, etc?
5. Post the results of the nslookup tests Herb suggested (beneficial to help
diagnose this).

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
 
Thanks, everyone. Recursion was the problem. Someone had disabled it.

Ace Fekay said:
In
MC said:
Suddenly our external DNS servers can't access the internet using
DNS. We can use an ip address to get to the internet. DNS seems to be
working fine for the outside world, but not working at all inside.
Can someone help? Thanks
Click to expand...

Sorry, MC, your post is very vague, as others have noted. We'll need
configuration information to assist you.

Please post:

1. Unedited ipconfig /all from the DC/DNS server and from a sample client
that it is not "working" (as you stated).
2. Do you have a Forwarder configured, and if so, please supply that IP
address.
3. What was changed if this is a "sudden" change?
4. Do you have a firewall such as a personal firewall (like Zone Alarm or
McAfee Internet Security, etc), Windows firewall, PIX, Checkpoint, ISA,
etc?
5. Post the results of the nslookup tests Herb suggested (beneficial to
help diagnose this).

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows
you to easily find, track threads, cross-post, sort by date, poster's
name, watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
Click to expand...
 
Back
Top