reverse DNS zone question

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

recently, i setup reverse dns on windows 2003 using the wizard it seems to be
running ok, but i dont see any entries in the reverse dns zone database
since i set it up about 3 weeks ago..(just the domain controllers in the
zone) is there something is should add to my DHCP settings? or, how do i
test this to verify reverse dns is working?
thanks
rob davis
 
davisr65 said:
recently, i setup reverse dns on windows 2003 using the wizard it
seems to be running ok, but i dont see any entries in the reverse dns
zone database since i set it up about 3 weeks ago..(just the domain
controllers in the zone) is there something is should add to my DHCP
settings? or, how do i test this to verify reverse dns is working?
Click to expand...

Are all your clients and DCs using the DCs' addresses only for DNS?
 
In
davisr65 said:
yes, only for DNS
Click to expand...


I assume that means your ISP's DNS is not being used on any internal
machines (which is good).

Does your current internal IP range the clients and servers are on match the
zone you created? Give us an example of a client's IP address, the exact
name of the reverse zone, and if you have updates set to allow in the zone
properties.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
 
My clients are pointing to my DC's for DNS, which in turn is forwarding to
DNS Servers at the Corporate office which then goes to the internet....

Ace Fekay said:
In
davisr65 said:
yes, only for DNS
Click to expand...


I assume that means your ISP's DNS is not being used on any internal
machines (which is good).

Does your current internal IP range the clients and servers are on match the
zone you created? Give us an example of a client's IP address, the exact
name of the reverse zone, and if you have updates set to allow in the zone
properties.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.

It's easy:
How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only thing in life is change. Anything more is a blackhole consuming
unnecessary energy. - [Me]
Click to expand...
 
In
davisr65 said:
My clients are pointing to my DC's for DNS, which in turn is
forwarding to DNS Servers at the Corporate office which then goes to
the internet....
Click to expand...

Ok, thanks for responding to that.

Here's a dumb question on my part and I;m only asking because I don't see
anywhere in this thread if it's been addressed:
Are updates allowed on the reverse zone?

Ace
 
yes, they are

Ace Fekay said:
In

Ok, thanks for responding to that.

Here's a dumb question on my part and I;m only asking because I don't see
anywhere in this thread if it's been addressed:
Are updates allowed on the reverse zone?

Ace
Click to expand...
 
As per the one of the previous questions... i used the wizard to create the
reverse zone,... the IP setup is as follows... i am on a 172.19.104.0
subnet using 255.255.252.0 mask.... so i have
172.19.104.
172.19.105.
172.19.106.
172.19.107.

in DNS under Reverse Lookup Zone Folder, there are 3 folders:
0.in-addr.arpa standard primary
127.in-addr.arpa standard primary
172.19.104.in-addr.arpa AD integrated
255.in-addr.arpa standard primary
 
In
davisr65 said:
As per the one of the previous questions... i used the wizard to
create the reverse zone,... the IP setup is as follows... i am on a
172.19.104.0 subnet using 255.255.252.0 mask.... so i have
172.19.104.
172.19.105.
172.19.106.
172.19.107.

in DNS under Reverse Lookup Zone Folder, there are 3 folders:
0.in-addr.arpa standard primary
127.in-addr.arpa standard primary
172.19.104.in-addr.arpa AD integrated
255.in-addr.arpa standard primary
Click to expand...

If a client machine has an address of, eg., 172.19.104.56, and as long as
the client is pointing to the DNS server that is hosting the
172.19.104.in-addr.arpa zone which is allowing updates, then the client will
register. If updates are set to Secure Only, then the client must be joined
to the domain in order to register, otherwise if it is not a joined machine,
then it will not unless you allow Secure and NonSecure updates.

That is the basic rule. Registration pretty much just "works". There must be
something else going on that we are not aware of that is causing your
dilemma. How about the Event viewer, any errors in the App or System logs?

Ace
 
davisr65 said:
As per the one of the previous questions... i used the wizard to
create the reverse zone,... the IP setup is as follows... i am on a
172.19.104.0 subnet using 255.255.252.0 mask.... so i have
172.19.104.
172.19.105.
172.19.106.
172.19.107.

in DNS under Reverse Lookup Zone Folder, there are 3 folders:
Click to expand...
172.19.104.in-addr.arpa AD integrated<--? Wrong name for this zone
Click to expand...
When you ran the wizard, you reversed the subnet for the Subnet ID. This
zone when in Advanced view should be 104.19.172.in-addr.arpa.
 
In
When you ran the wizard, you reversed the subnet for the Subnet ID.
This zone when in Advanced view should be 104.19.172.in-addr.arpa.
Click to expand...

Good eye. Didn't even catch that!

Ace
 
Do i have to delete the who DNS zone?, i do not see any options to just
delete the reverse dns zone.......

thanks
 
davisr65 said:
Do i have to delete the who DNS zone?, i do not see any options to
just delete the reverse dns zone.......
Click to expand...

Yes, delete the 172.19.104.in-addr.arpa zone, it is named wrong and useless.
 
Ok, i created the zone correctly.. it reads 104.19.172.in-addr.arpa

how would i test this to verify that it works....

thank you
 
davisr65 said:
Ok, i created the zone correctly.. it reads 104.19.172.in-addr.arpa

how would i test this to verify that it works....
Click to expand...

Create a PTR for the IP of the DNS server, then invoke nslookup from a
command prompt. If the reverse zone works, it will give you the name of the
PTR you gave the PTR. If it doesn't nslookup will say "Can't server name for
address <IPaddressofDNSserver>.
 
Back
Top