Netmask order on DNS Server

William Stacey

Use a stub zone and just point to the working server(s), or a forward zone
(both require w2k3), or set up a primary on your side with the same name. Then
add the public records you need yourself, pointing to the correct IPs.

--
William Stacey, MVP

Markus Brassel said:
We use W2k DNS servers to resolve DNS in the Internet. Usually it is
working fine except for one domain. This domain has a flaw in their NS
records, as one of their servers does not know the domain itself.
The domain seems to be set up like this (simplified):

company.com:
NS ns1.provider.com
NS ns2.provider.com
MX 10 smtp.company.com
cs NS ns1.provider.com
cs NS ns2.provider.com

mail.company.com:
NS ns1.provider.com
NS ns2.provider.com
smtp A x.z.z.z

provider.com:
NS ns1.provider.com
NS ns2.provider.com
ns1 A x.z.z.z
ns2 A y.z.z.z

This looks just fine to me, except the mail.company.com zone does not
exist on the ns2.provider.com. But even this would not be a big problem as
DNS can always check the ns1.provider.com.
But as our DNS server has an IP similar to y.z.z.z (same A class net) it
always asks the buggy DNS until this server is not available.
We have tested the DNS with logging enabled and found out that our server
does always use the buggy one because of the netmask ordering. As the
response from the other side does not look like it is ordered in any way, we are
convinced that the ordering is done by the DNS service itself. I expected
this to be a feature only used when sending replies to a client and not
internally.
Now I'd like to know if someone knows a setting to disable this behavior on
the DNS server but not to disable netmask ordering in the responses to the
clients.
We already tried to disable the ordering on the server, but it seemed to have no effect.

I know I cannot do a lot on my side and have informed their admin about
their configuration. The first answer was "it's everything OK, as we can receive
mails from everywhere except from You". As my client is not very happy with
not being able to send mails to his subsidiary, I'd like to present them a
quick solution from our side.
 
We use W2k DNS servers to resolve DNS in the Internet. Usually it is working fine except for one domain. This domain has a flaw in their NS records, as one of their servers does not know the domain itself.
The domain seems to be set up like this (simplified):

company.com:
NS ns1.provider.com
NS ns2.provider.com
MX 10 smtp.company.com
cs NS ns1.provider.com
cs NS ns2.provider.com

mail.company.com:
NS ns1.provider.com
NS ns2.provider.com
smtp A x.z.z.z

provider.com:
NS ns1.provider.com
NS ns2.provider.com
ns1 A x.z.z.z
ns2 A y.z.z.z

This looks just fine to me, except the mail.company.com zone does not exist on the ns2.provider.com. But even this would not be a big problem as DNS can always check the ns1.provider.com.
But as our DNS server has an IP similar to y.z.z.z (same A class net) it always asks the buggy DNS until this server is not available.

We have tested the DNS with logging enabled and found out that our server does always use the buggy one because of the netmask ordering. As the response from the other side does not look like it is ordered in any way, we are convinced that the ordering is done by the DNS service itself. I expected this to be a feature only used when sending replies to a client and not internally.

Now I'd like to know if someone knows a setting to disable this behavior on the DNS server but not to disable netmask ordering in the responses to the clients.
We already tried to disable the ordering on the server, but it seemed to have no effect.

I know I cannot do a lot on my side and have informed their admin about their configuration. The first answer was "it's everything OK, as we can receive mails from everywhere except from You". As my client is not very happy with not being able to send mails to his subsidiary, I'd like to present them a quick solution from our side.

thanks and regards
Markus
 
In the meantime we decided to let it be worked out from the other side, as
we could prove the error to our customer.

That is the best option. Glad you could work it out with them. Cheers!
 
Well, the stub and forward zones have already crossed my mind, but as you suggested, it needs W2k3, which is currently not an option.
Your last option would work; it is not quite "standard procedure", but it would help for our problem.
In the meantime we decided to let it be worked out from the other side, as we could prove the error to our customer.

Regards
Markus
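
One way to demonstrate the fault discussed in this thread (a server listed in the NS set that does not know the zone), as an added example that is not from the original posts: send a non-recursive SOA query for the zone to each listed name server and check the AA bit and response code. The function names, the transaction ID and the constructed replies are assumptions for illustration.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
TXID = 0x1234  # arbitrary transaction ID (assumption for this example)


def build_query(zone):
    """Build a non-recursive (RD=0) SOA query for `zone`."""
    header = struct.pack("!HHHHHH", TXID, 0x0000, 1, 0, 0, 0)
    labels = zone.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 6, 1)  # QTYPE=SOA, QCLASS=IN


def classify(response):
    """Classify a raw reply to build_query() from its 12-byte header."""
    if len(response) < 12:
        return "malformed"
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != TXID or not flags & 0x8000:  # wrong ID, or QR bit not set
        return "malformed"
    rcode, aa = flags & 0x000F, bool(flags & 0x0400)
    if rcode == 0 and aa and answers > 0:
        return "authoritative"
    # REFUSED, SERVFAIL, a bare referral or a non-authoritative answer:
    # the server is listed but is not answering authoritatively for the zone.
    return "lame (%s, aa=%d, answers=%d)" % (RCODES.get(rcode, rcode), aa, answers)


def check_server(zone, server_ip, timeout=3.0):
    """Query one listed name server over UDP and classify its reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((server_ip, 53))  # only accept replies from this server
            s.send(build_query(zone))
            return classify(s.recv(4096))
        except OSError:  # timeout or ICMP unreachable
            return "no response"


if __name__ == "__main__":
    # Constructed replies (headers only), not captured traffic:
    # one server answers with AA set, the other refuses the zone.
    question = build_query("mail.company.com")[12:]
    good = struct.pack("!HHHHHH", TXID, 0x8400, 1, 1, 0, 0) + question
    lame = struct.pack("!HHHHHH", TXID, 0x8005, 1, 0, 0, 0) + question
    print("ns1:", classify(good))
    print("ns2:", classify(lame))
```

Calling `check_server(zone, ip)` for every address in the zone's NS set, from the resolver's own network, shows which listed servers answer authoritatively and which do not.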