external DNS on hosted webservers

  • Thread starter Thread starter Sam
  • Start date Start date
S

Sam

Hi,

I run MS DNS as the main DNS system for the sites we host
on two mirrored webservers. Both are W2KS, one is
installed a little over 2 years ago and is hosted in the
United Kingdom, while the other is installed early this
year and hosted in Madrid (Spain).

DNS wise, the Madrid server is a secondary for the one in
the UK. I installed forwarders to the hosting provider's
DNS servers.

Therefor that server is resolving all .es domains on the
server as well. The one in the UK is not (I entered the
same forwarders there as well). I suspect them not
responding to the forwarder.

Two questions:
- I think I do not need this kind of resolving as I'm only
bothered about external references to be resolved
correctly.
- On the other hand, should this not be resolved from the
root references? Therefor, did I miss a maintenance
subject? Should I maintain root references? There seems to
be no difference in both servers...

I searched everywhere for documentation, but I did not
encounter related documentation. Any hints that help to
increase my Knowledge are very welcome!

Thanks,
Sam
 
In
Sam said:
Hi,

I run MS DNS as the main DNS system for the sites we host
on two mirrored webservers. Both are W2KS, one is
installed a little over 2 years ago and is hosted in the
United Kingdom, while the other is installed early this
year and hosted in Madrid (Spain).

DNS wise, the Madrid server is a secondary for the one in
the UK. I installed forwarders to the hosting provider's
DNS servers.

Therefor that server is resolving all .es domains on the
server as well. The one in the UK is not (I entered the
same forwarders there as well). I suspect them not
responding to the forwarder.

Two questions:
- I think I do not need this kind of resolving as I'm only
bothered about external references to be resolved
correctly.
- On the other hand, should this not be resolved from the
root references? Therefor, did I miss a maintenance
subject? Should I maintain root references? There seems to
be no difference in both servers...

I searched everywhere for documentation, but I did not
encounter related documentation. Any hints that help to
increase my Knowledge are very welcome!

Thanks,
Sam
Click to expand...

Using both the same forwarders and only the one from UK is not resolving
..es? Strange. Maybe you have "do not use recursion" set on the one in UK?
That checked stops it from using the Roots.

Not really necessary to resolve .es unless you're sitting at the machine
trying to get to a website on the .es TLD. It wouldn't matter for hosting
your sites.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
Hi,

Thanks for your quick reply.

No, "do not use recursion" is unchecked on both servers. I
forgot to tell that the Madrid server (the OK one) passes
the "monitoring" recursive test, while the UK one fails it
(ofcourse).

The problem is that I do not trust the UK server as I do
not understand where this comes from.... So I'd like to
sort it out.

Any troubleshooting ideas?

Thanks,
Sam
 
In
Sam said:
Hi,

Thanks for your quick reply.

No, "do not use recursion" is unchecked on both servers. I
forgot to tell that the Madrid server (the OK one) passes
the "monitoring" recursive test, while the UK one fails it
(ofcourse).

The problem is that I do not trust the UK server as I do
not understand where this comes from.... So I'd like to
sort it out.

Any troubleshooting ideas?

Thanks,
Sam
Click to expand...


If one does not pass the recursive test, I would usually look at the
Forwarder address, or probably more so at a possible firewall blocking it.
Do you have a firewall in Madrid?

Tell you what, if you can from the Madrid server, try a couple tests using
nslookup and Dig to see if you can get to the .es namespace. Test such as
(replace somedomainname.es with one that you are aware of):

nslookup
set type=ns
somedomainname.es

And it should list the name servers for that domain.

Then type in:
set type=all
somedomainname.es

If anything is blocking it, it won't come back with the responses. If you
think it's the forwarder, try chaning the server that nslookup is using from
your server to another, with this command that shows how to change the
server (in this example) to 4.2.2.2:

server 4.2.2.2


And try the tests again.
4.2.2.2 is a reliable server and can be used as a forwarder.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory
 
S> - I think I do not need this kind of resolving as I'm only
S> bothered about external references to be resolved
S> correctly.

If your DNS server is publishing DNS database content to the rest
of Internet, best practice, as recommended by a list of people
(me among them) as long as your arm, is to _not_ have that server
attempt to provide proxy DNS service as well. (If you want proxy
DNS service, use a separate, non-public, server for that purpose.)

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-server-roles.html#ProxyIP>

Enable the "disable recursion" option on your content DNS servers.

S> - On the other hand, should this not be resolved from the
S> root references? Therefor, did I miss a maintenance
S> subject? Should I maintain root references?

Your separate proxy DNS server may well need "root hints". That
depends from what its particular situation warrants, and whether
you choose for it to be a resolving or a forwarding proxy DNS server.

<URL:http://homepages.tesco.net./~J.deBoynePollard/FGA/dns-monolithic-server-as-proxy.html>
 
Back
Top