if i tell nslookup to use the isp dns server... recursion works. if
i
tell
dns to use a bublic ip as a forwarder,
Well tell NSlookup to use PRECISELY the SAME DNS as
you are trying to use in your DNS Forwarder setting.
If that works, then try to tell YOUR DNS to get the same
answer.
Report PRECISELY which works and which doesn't.
nslookup will work if i tell it to use the isp dns server, it doesnt work
when i set up the same ip as a forwarder in dns, and all of this is
testing
from the dns server
Then set the forwarder to what works.
do not use recursion is unchecked, same with the forwarders tab
Most of the time it is CORRECT to check it on the Forwarder's tab.
put the isa server's internal ipaddress as the forwarder. dns is not
installed on my isa. it works though, but i dont like it. for whatever
reason dns stopped forwarding to my isp dns servers.
Why did you put your ISA server address as forwarder if your
ISA has no DNS?
dont ask me... i seen it in another post in another newsfeed, it was a
suggeted kb article i am trying to find it to post back here. another mvp
on
this site said it was a poor design, and he said that he also emailed
microsoft about it.
Well, don't expect it to work. Why would it work?
Key trick to troubleshooting IP: It HAS to make sense. IP is incredibly
logical and ultimately VERY simple. (Sometimes there is lots of 'stuff'
which makes it look complicated but it should never be difficult one
piece or two at a time.)
Set your forwarder to the DNS server you wish to use (ISP, etc.)
It should be the SAME DNS server you can query directly from
the NSLookup.
it was set up that way, and it wouldnt work... thats why i came to the
conclusion that something is wrong with the forwarding part of my dns
server, and was considering a reinstall
Re-install for an unknown problem is pretty silly.
Just set your Forwarder to your CHOSEN DNS server that will
do the Internet recursion.
Failing to forward to a DNS server should not offer a surprise
when it fails to resolve.
the only surprise was when i told ns lookup to use the isp 's dns
server
it
worked, but when i had the same ip as a forwarder in my dnsserver, it
wouldnt work.
That's because your "forwarder" was NOT a DNS server. No one can
get a non-DNS server to resolve DNS for them (short of port/address
mapping which just moves the request TO THE DNS server.)
i know it should, but it doesnt. i cant even figure out how it
is working now seeing that my isa server is not a dns server, but now the
reverse lookups work?
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
we had a conversation a few days ago about my dns servers, and we
came
to
the conclusion that it probably had something to do with my isa
server,
i
have spent sometime looking at that, and everything seems to be ok?
is it possible that there is something wrong with the forwarders
part
of
dns... i put a packet sniffer at my gateway machine, (isa server
2000),
and
i am not seeing much dns traffic from my dns server?
You can quickly determine this by (working from the DNS server)
using the Command prompt NSLookup to try the "forwarder"
directly:
Test things like this:
nslookup
www.google.com IP.Address.Of.Forwarder
If your DNS server command prompt cannot resolve the names
(like this) through the forwarder then you have firewall/ISA,
problems with forwarder itself, or other routing problems.
can i uninstall/reinstall dns to see if this helps?
Sure but it's almost always a waste of time to flail around
re-installing
stuff when you haven't even isolated the problem.
And it is generally counter-productive since all of your other
tests must be re-done and the chance you will introduce a new
problem.
Don't flail -- isolate and simplify the problem.
win2k3/isa2000/exch2k3
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
