Nameserver Issue

Thread starter: Guest
Good evening, I am having problems with my nameservers.

I have 6 of them; ns1 - ns3 were set up by Microsoft.
ns4 - ns6 are what I am trying to get working. I have set up
the firewall exceptions for DNS on those ports. I have deleted
the zone and recreated it. It has its pointers and A records.

What did I forget to do that Microsoft showed me how to do?
The funny thing is, when I first set it up, ns4 was working (slowly)
but then went down upon reboot. dnsreport.com shows 3 as not
responding, but before I added them to the parent server, all 3
showed as responding, just missing from the parent?

Help!

John

The domain is three3denterprises.com.
Remove the numeral three from the domain (to protect the innocent :)
 
Update -

Every time I reboot now, the servername gets added back to the servername
zone and the domain I originally referenced and the reverse DNS. When I go
in to remove it, it only asks me if I want to remove 4 of the 6 pointer
records.
Of course I say no, but why is it adding my servername back each reboot now?

Thanks
 
John McLagan said:
Good evening, I am having problems with my nameservers.

I have 6 of them; ns1 - ns3 were set up by Microsoft.
ns4 - ns6 are what I am trying to get working. I have set up
the firewall exceptions for DNS on those ports. I have deleted
the zone and recreated it. It has its pointers and A records.

What did I forget to do that Microsoft showed me how to do?
The funny thing is, when I first set it up, ns4 was working (slowly)
but then went down upon reboot. dnsreport.com shows 3 as not
responding, but before I added them to the parent server, all 3
showed as responding, just missing from the parent?

Help!

John

The domain is three3denterprises.com.
Remove the numeral three from the domain (to protect the innocent :)

Did you map UDP and TCP 53 from the public addresses to the DNS servers'
local IP in your router? (If behind NAT)
 
John McLagan said:
Update -

Every time I reboot now, the servername gets added back to the servername
zone and the domain I originally referenced and the reverse DNS. When I go
in to remove it, it only asks me if I want to remove 4 of the 6 pointer
records.
Of course I say no, but why is it adding my servername back each reboot now?

Is the zone Active Directory integrated?

AD-integrated zones will always recreate the NS records for all DNS servers
they are on, using the local computer names and IP addresses.

Is the zone allowing dynamic updates?
 
Hey Kevin -

The server is in Workgroup mode, so no AD.
No router, just one NIC, 6 IPs, basic firewall in RRAS.
I turned off auto update after I made my DNS changes.
That did stop my servername from being added back
to the zone.

But still no joy on ns3 - ns6 responding. Any ideas?

Thanks,

John
 
John McLagan said:
Hey Kevin -

The server is in Workgroup mode, so no AD.
No router, just one NIC, 6 IPs, basic firewall in RRAS.
I turned off auto update after I made my DNS changes.
That did stop my servername from being added back
to the zone.

But still no joy on ns3 - ns6 responding. Any ideas?

So you are using the Win2k3 as the router?
Using RRAS to forward these to the correct machines on the Services and
Ports tab in RRAS NAT on the public interface?
You have to do more than just open the ports; you have to map them to the
correct machine.

As for it adding the server name to the zone, it is self-registering.
There was a KB on this, but I can't seem to find it now. Maybe someone has
it archived and can post it.
 
Hey Kevin -

I guess W2k3 is being used as a router. But not to other machines.
This is one NIC with 6 IP addresses. As far as I know, I am just opening
the ports to allow the communication through that IP.

My services and ports have a rule set up for each IP and each protocol.
For example, ns1 has .96 listed in public and private and port 53 for incoming/
outgoing port. I have one for TCP and one for UDP.

As far as I know, this is the routing. If not, where else should I be
looking?
I totally removed the RRAS setup and re-set up my rules. Why are only the 3 new
nameservers being affected? I have the same exact rules for ns1 as I do for
ns4?

When I shut off the firewall and run a dnsreport, instead of not
responding, it shows "returns 0 answers" for each of the IPs. A different
response, but still no joy.
Removing the firewall and still no joy means it's DNS, not the firewall... Right?

I think the problem with my parent server being added back got solved by me
shutting off updates to the zones. Any other ideas?

Thanks,

John
 
John McLagan said:
Hey Kevin -

I guess W2k3 is being used as a router. But not to other machines.
This is one NIC with 6 IP addresses. As far as I know, I am just opening
the ports to allow the communication through that IP.

My services and ports have a rule set up for each IP and each protocol.
For example, ns1 has .96 listed in public and private and port 53 for incoming/
outgoing port. I have one for TCP and one for UDP.

As far as I know, this is the routing. If not, where else should I be
looking?
I totally removed the RRAS setup and re-set up my rules. Why are only the 3 new
nameservers being affected? I have the same exact rules for ns1 as I do for
ns4?

When I shut off the firewall and run a dnsreport, instead of not
responding, it shows "returns 0 answers" for each of the IPs. A different
response, but still no joy.
Removing the firewall and still no joy means it's DNS, not the firewall... Right?

I think the problem with my parent server being added back got solved by me
shutting off updates to the zones. Any other ideas?

On the DNS server properties, Interfaces tab, is DNS listening on all these
IP addresses?
While you can do it this way, it is outside the spirit of the RFC; you
are really supposed to map these addresses to their own DNS server.
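Kevin's question about which addresses the service is listening on is the same check a dnsreport-style tool makes from outside: send a query to each nameserver IP on UDP and TCP port 53 and see whether anything comes back. The Python script below is an added example, not code from this thread or from any tool named in it. It sends a non-recursive SOA query for the zone to each IP given on the command line and labels the result as "not responding" (nothing came back, which is what a firewall drop or a service not bound to that address looks like), "0 answers" (something on port 53 replied but has no data for the zone), a non-zero rcode, or "ok", noting when the AA flag is missing. The zone name and IPs are whatever you pass; the 0x1234 transaction id is an arbitrary constant.

```python
"""Probe nameserver IPs for an authoritative SOA answer on UDP and TCP 53.
Added example (not from the thread); distinguishes a server that never
answers from one that answers with no data for the zone."""
import socket
import struct
import sys

QTYPE_SOA = 6
QCLASS_IN = 1
TXID = 0x1234  # arbitrary transaction id used to match replies


def build_query(qname, qtype=QTYPE_SOA, txid=TXID):
    """Build a minimal DNS query with RD=0, so an authoritative server must
    answer from its own zone data rather than recursing on our behalf."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    labels = qname.rstrip(".").split(".")
    question = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    question += b"\x00" + struct.pack("!HH", qtype, QCLASS_IN)
    return header + question


def parse_response(data):
    """Pull the header fields needed to classify a reply."""
    if len(data) < 12:
        raise ValueError("short DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    return {
        "txid": txid,
        "is_response": bool(flags & 0x8000),  # QR bit
        "aa": bool(flags & 0x0400),           # authoritative answer bit
        "rcode": flags & 0x000F,
        "answers": an,
        "authority": ns,
    }


def classify(reply):
    """Map a parsed reply (None for a timeout) to a dnsreport-style label."""
    if reply is None:
        return "not responding"
    if reply["rcode"] != 0:
        return "rcode %d" % reply["rcode"]
    label = "0 answers" if reply["answers"] == 0 else "ok"
    return label if reply["aa"] else label + " (not authoritative)"


def query_udp(ip, qname, timeout=2.0):
    """Send one UDP query; return the parsed reply or None on timeout."""
    q = build_query(qname)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (ip, 53))
        try:
            data, _ = s.recvfrom(4096)
        except (socket.timeout, OSError):
            return None
    reply = parse_response(data)
    return reply if reply["txid"] == TXID and reply["is_response"] else None


def query_tcp(ip, qname, timeout=2.0):
    """Same query over TCP (two-byte length prefix); None if no connection or reply."""
    q = build_query(qname)
    try:
        with socket.create_connection((ip, 53), timeout=timeout) as s:
            s.sendall(struct.pack("!H", len(q)) + q)
            hdr = s.recv(2)
            if len(hdr) < 2:
                return None
            (length,) = struct.unpack("!H", hdr)
            data = b""
            while len(data) < length:
                chunk = s.recv(length - len(data))
                if not chunk:
                    return None
                data += chunk
    except (socket.timeout, OSError):
        return None
    return parse_response(data)


def probe_servers(ips, zone):
    """Return {ip: {"udp": label, "tcp": label}} for every nameserver IP."""
    return {ip: {"udp": classify(query_udp(ip, zone)),
                 "tcp": classify(query_tcp(ip, zone))} for ip in ips}


if __name__ == "__main__":
    zone, ips = sys.argv[1], sys.argv[2:]
    for ip, r in probe_servers(ips, zone).items():
        print("%-15s UDP: %-28s TCP: %s" % (ip, r["udp"], r["tcp"]))
```

Saved as probe.py and run from a host outside the firewall as `python probe.py example.com 192.0.2.96 192.0.2.97`, it reports both transports per address. An IP that times out on one transport but answers on the other points at the port mapping rather than the DNS service; an IP that answers "0 answers" with no AA flag is reachable but does not consider itself authoritative for the zone, which is what the DNS server's Interfaces tab or a missing zone would produce.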
 
Hey Kevin -

Thanks, that's what I forgot to do.

Outside the spirit of the RFC. I am using separate IPs for separate SMTP
domains. Microsoft set me up this way, so I could allow zone transfers
easily between the IPs. I know I shouldn't have more than 7 nameservers, so
my last one will be a hosted service by someone else. I just haven't gotten
that far yet.

Since you seem to be a resident expert on DNS, my next step is to delegate
servername.domain.com to the dyndns.net service, so I can get to one of my
customers' dynamic servers. Is it as easy as just clicking the domain in DNS
and following the wizard? Or what other tweaks do I need to do to make it
delegate properly?

Thanks for everything,

John
 
John McLagan said:
Hey Kevin -

Thanks, that's what I forgot to do.

Outside the spirit of the RFC. I am using separate IPs for separate SMTP
domains. Microsoft set me up this way, so I could allow zone transfers
easily between the IPs. I know I shouldn't have more than 7 nameservers, so
my last one will be a hosted service by someone else. I just haven't gotten
that far yet.

Since you seem to be a resident expert on DNS, my next step is to delegate
servername.domain.com to the dyndns.net service, so I can get to one of my
customers' dynamic servers. Is it as easy as just clicking the domain in DNS
and following the wizard? Or what other tweaks do I need to do to make it
delegate properly?

Other than creating the delegation there is nothing else you need to do for
the delegation to work, other than making sure the DNS you are delegating
the name to is Authoritative for the domain name you are delegating.

As for whether it will work in your particular situation, that depends on
what exactly you are trying to accomplish.
 
Hi Kevin -

I and my customer want to be able to log in to their server (which has a
dynamic IP address) by servername.domainname.com. I bought a custom DNS
service through dyndns and set up a pointer record with them for
servername.domainname.com.

Now I just need to make sure if servername.--- is addressed, the request is
passed to dyndns. Anything else gets resolved locally.

Thanks,

John
 
John McLagan said:
Hi Kevin -

I and my customer want to be able to log in to their server (which has a
dynamic IP address) by servername.domainname.com. I bought a custom DNS
service through dyndns and set up a pointer record with them for
servername.domainname.com.

Now I just need to make sure if servername.--- is addressed, the request is
passed to dyndns. Anything else gets resolved locally.

OIC, I don't think it is a delegation you need; it would be a CNAME
record.
Name the CNAME record servername, then in the FQDN field type in the dyndns
name "user.dyndns.org".
I believe this is how the dyndns service works: the user has a client that
logs into dyndns.org and registers an "A" record for the username they log on
with at dyndns.org with the dynamic IP they are on. At least that is how TZO
works; I assume it's the same. I did the same thing for a client that had a
dynamic IP. He set up an account with the TZO service, and with a client on
his machine he logged in and registered an "A" record in tzo.com with his
dynamic IP address. The "A" record had a 300 second TTL, so every 300 seconds
(5 min) the client registered the current IP address. If the client went
offline, the last known IP was re-registered in tzo.com.
The CNAME works great for everything but a mail server or MX record; the MX
record had to point to user.tzo.com because CNAMEs are not allowed in MX
records.

If all works as it should, when someone types servername.domainname.com in
their browser, it sends a DNS request to your DNS server for that name,
which returns a CNAME record with the dyndns.org name. This slows the process
down a bit because it requires an extra lookup, but it is about all someone
with a dynamic IP address can do to host a public site on a dynamic IP
address.
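To make the CNAME behaviour Kevin describes concrete, here is an added Python example over constructed zone data; it is not code from this thread, from DynDNS or from TZO. `lookup` chases a CNAME the way a resolver does and counts how many names had to be queried, which shows the "extra lookup" cost of aliasing servername to the dynamic-DNS name. `alias_targets` flags MX and NS records whose target owns a CNAME, the configuration RFC 2181 section 10.3 forbids and the reason the MX above had to point at user.tzo.com directly. domainname.com and user.dyndns.org are taken from the thread; every address and the other hostnames are made up, and DYNDNS_ZONE is a stand-in for what the dynamic-DNS provider would answer.

```python
"""Toy authoritative lookup over constructed zone data (added example).
Shows the extra lookup a CNAME costs and why MX/NS targets must not be aliases."""

# Constructed local zone: owner name -> list of (type, rdata).
LOCAL_ZONE = {
    "domainname.com.": [
        ("SOA", "ns1.domainname.com. hostmaster.domainname.com."),
        ("NS", "ns1.domainname.com."),
        ("MX", "10 mail.domainname.com."),  # fine: target owns an A record
    ],
    "ns1.domainname.com.": [("A", "192.0.2.96")],
    "mail.domainname.com.": [("A", "192.0.2.97")],
    # the customer's host: an alias for the dynamic-DNS name, as suggested above
    "servername.domainname.com.": [("CNAME", "user.dyndns.org.")],
    # the mistake alias_targets should catch: an MX whose target is the alias
    "shop.domainname.com.": [("MX", "10 servername.domainname.com.")],
}

# Constructed stand-in for the record the dynamic-DNS client keeps updated.
DYNDNS_ZONE = {"user.dyndns.org.": [("A", "203.0.113.50")]}


def lookup(name, qtype, zones, max_chain=8):
    """Resolve name/qtype across the given zones, chasing CNAMEs as a resolver
    would. Returns (answer_rrs, lookups); lookups counts how many names had to
    be queried before the final answer was reached."""
    answers = []
    lookups = 0
    current = name
    for _ in range(max_chain):
        lookups += 1
        zone = next((z for z in zones if current in z), None)
        if zone is None:
            return answers, lookups        # nobody here is authoritative for it
        rrs = zone[current]
        alias = [rdata for rtype, rdata in rrs if rtype == "CNAME"]
        if alias and qtype != "CNAME":
            answers.append((current, "CNAME", alias[0]))
            current = alias[0]             # restart the query at the alias target
            continue
        answers.extend((current, rtype, rdata) for rtype, rdata in rrs if rtype == qtype)
        return answers, lookups
    raise RuntimeError("CNAME chain longer than %d" % max_chain)


def alias_targets(zone):
    """Return (owner, target) pairs for MX and NS records whose target owns a
    CNAME in this zone; RFC 2181 section 10.3 says those targets must not be aliases."""
    bad = []
    for owner, rrs in zone.items():
        for rtype, rdata in rrs:
            if rtype not in ("MX", "NS"):
                continue
            target = rdata.split()[-1]     # MX rdata is "pref target"; NS rdata is the target
            if any(t == "CNAME" for t, _ in zone.get(target, [])):
                bad.append((owner, target))
    return bad


if __name__ == "__main__":
    rrs, n = lookup("servername.domainname.com.", "A", [LOCAL_ZONE, DYNDNS_ZONE])
    for rr in rrs:
        print("%-30s %-6s %s" % rr)
    print("answer took %d lookups" % n)
    for owner, target in alias_targets(LOCAL_ZONE):
        print("MX/NS at %s points at alias %s" % (owner, target))
```

Run stand-alone, the script prints the CNAME plus the A record it leads to, reports two lookups for servername versus one for a name with its own A record, and flags the shop MX. The same `alias_targets` check applied to a real zone export is a cheap way to catch an MX that was pointed at a dynamic-DNS alias.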
 
John McLagan said:
Dyndns wants me to use their nameservers.
https://www.dyndns.org/support/services/custom/howto.html
is their how to article. They tell me I need to use
ns1.mydyndns.org and ns2.mydyndns.org.

So do I setup 2 cnames to those server addresses?
Or do I need to delegate?

If you bought a domain name and dyndns.org is hosting the DNS for the name on
their DNS and their DNS is updated with your client's current IP address, I
don't see a reason for you to do anything on your DNS.

If they just use the dyndns.org service and client to update a record in
dyndns.org then you need a CNAME.

However you've set it up, you don't need a delegation; the delegation they
are talking about is when you buy a domain name and dyndns.org is going to
host the public zone. That domain name is delegated to dyndns.org's name
servers by the gTLD DNS servers. Then the user logs into dyndns.org and
updates the "A" records in that zone with their current IP address.
 
Hi Kevin -

I didn't buy the domain from dyndns. It is a domain I already own and host
at a different location. At my registrar, the nameservers for this domain
all point to my local box. They do not host my entire DNS schema.

They only host 1 record, servername.domainname.com, on dyndns.
How do I get my local DNS zone to allow the transfer of this record
to their DNS server, but keep any other request local?

John
 
John McLagan said:
Hi Kevin -

I didn't buy the domain from dyndns. It is a domain I already own and host
at a different location. At my registrar, the nameservers for this domain
all point to my local box. They do not host my entire DNS schema.

They only host 1 record, servername.domainname.com, on dyndns.
How do I get my local DNS zone to allow the transfer of this record
to their DNS server, but keep any other request local?

Why don't you email me direct by following the instructions in my signature
line, giving me the full details and names. Because in order for Dyndns to
host servername.domainname.com and be authoritative for it, they would
have to be authoritative over the domainname.com public domain.

What I need to know is what domain does your customer register its dynamic
address in at Dyndns.org?
I cannot possibly tell you whether you need a CNAME or a delegation without
knowing this.
Does Dyndns.org host your customer's public domain zone, thereby registering
the dynamic IP in your customer's owned domain?
-or-
Does your customer just have an account that allows them to register the
dynamic address in one of Dyndns.org's owned domains under a username, e.g.
user.dyndns.org?
 