Guest
I have a single Windows 2000 AD domain: corp.mydomain.com. I have two
Windows 2000 DNS servers: DNS1 is standard primary and DNS2 is standard
secondary to DNS1. Both are configured with forwarders to our ISP's two DNS
servers. Neither DNS server is accessible from the Internet; we have
split-brain DNS.

DNS2 is also running Exchange 2000 SP3. It is configured to query itself
for host name resolution (I do not have DNS servers configured on the SMTP
server). DNS1 is also configured to query itself for hostname resolution.

The problem I am troubleshooting is Internet message delivery. Once in a
while, I have a user forward me an NDR with the following error: "The
destination server for this recipient could not be found in Domain Name
Service (DNS). Please verify the email address and retry. If that fails,
contact your administrator." I will try to use nslookup to locate the MX
record like this:

C:\>nslookup -q=mx somedomain.com
Server: dns2.corp.mydomain.com
Address: 172.16.0.3
DNS request timed out.
timeout was 2 seconds.
*** Request to dns2.corp.mydomain.com timed-out

If I try the same steps from DNS1, I return the correct results. I have
eliminated our firewall as a potential problem; I can see DNS queries passing
from both DNS servers (most of the time). When the lookup fails, I do not
see traffic coming from DNS2 in our firewall logs (it is as though DNS2 is
not "asking"). A few hours later, it will start working correctly.

I have seen some references to a -d2 switch for nslookup but the output is
"robust". At the end of the output, it gives me the same error: "timed-out".

Any advice on how to troubleshoot this is much appreciated.

McR