bingboo
asked on
DNS issue. 2 external hosts assoc. with same ip addy.
This started out as:
https://www.experts-exchange.com/questions/21924887/Exchange2003-wins2003-https-2-confirmed-eml-addys-are-being-rejected.html
I closed this previous ticket because it ended up being a dns issue that is still not resolved, so I posted a new one here.
I appreciate all contributions.
QUICK DESCRIPTION:
I have people within my org. trying to send email to mail.servicebrands.com and mail.example.com, If I nslookup or ping either of these within the LAN I receive the same ip addy of 64.20.37.22 which is owned by http://www.njiix.net/ . If I am WAN they both resolve to correct ip addy. I thought perhaps my isp dns server was having an issue. if i force a nslookup through their dns server it resolves correctly so it appears it is something with my server.
I have my isp 2 dns servers configured as forwarders and root-hints as (m-a):
m.root-servers.net -202.12.27.33
198.32.64.12
193.0.14.129
198.41.0.10
192.36.148.17
128.63.2.53
192.112.36.4
192.5.5.241
192.203.230.10
128.8.10.90
192.33.4.12
128.9.0.107
a.root-servers.net - 198.41.0.4
Other than these 2 domains I have not had any problems with eml. I can ping www.servicebrands.com and receive correct ip addy but when i hit their mail server as well as that of www.example.com I receive the exact same ip addy of:64.20.37.22
Very troubling and unfortunately the mail.example.com is a client. Thank you.
https://www.experts-exchange.com/questions/21924887/Exchange2003-wins2003-https-2-confirmed-eml-addys-are-being-rejected.html
I closed this previous ticket because it ended up being a dns issue that is still not resolved, so I posted a new one here.
I appreciate all contributions.
QUICK DESCRIPTION:
I have people within my org. trying to send email to mail.servicebrands.com and mail.example.com, If I nslookup or ping either of these within the LAN I receive the same ip addy of 64.20.37.22 which is owned by http://www.njiix.net/ . If I am WAN they both resolve to correct ip addy. I thought perhaps my isp dns server was having an issue. if i force a nslookup through their dns server it resolves correctly so it appears it is something with my server.
I have my isp 2 dns servers configured as forwarders and root-hints as (m-a):
m.root-servers.net -202.12.27.33
198.32.64.12
193.0.14.129
198.41.0.10
192.36.148.17
128.63.2.53
192.112.36.4
192.5.5.241
192.203.230.10
128.8.10.90
192.33.4.12
128.9.0.107
a.root-servers.net - 198.41.0.4
Other than these 2 domains I have not had any problems with eml. I can ping www.servicebrands.com and receive correct ip addy but when i hit their mail server as well as that of www.example.com I receive the exact same ip addy of:64.20.37.22
Very troubling and unfortunately the mail.example.com is a client. Thank you.
I just went out to dnsstuff.com and checked mail.servicebrands.com, and there is no registered mx record. That would explain why mail is a problem.
ASKER
It was able to hit the A record thought, so it will resolve out. Plus as soon as i pop wan side I am able to get the correct ip addy and send them mail.
ASKER
i hit dnsstuff/dnsreport to double check and i hit mx record:
http://www.dnsstuff.com/tools/mail.ch?domain=servicebrands.com
I appreciate your help
http://www.dnsstuff.com/tools/mail.ch?domain=servicebrands.com
I appreciate your help
I guess you checked for mail.....
servicebrands.com. MX IN 3600 mail.servicebrands.com. [Preference = 10]
mail.servicebrands.com. A IN 3600 152.160.68.126
Their DNS should be fine.
Are you sure there is no HOSTS table entry on your server. What happens iff you
nslookup
server yourserverip
set type=mx
servicebrands.com
server yourisp
servicebrands.com
server 158.43.128.1 (A known good DNS at Pipex, UK)
servicebrands.com
Steve
servicebrands.com. MX IN 3600 mail.servicebrands.com. [Preference = 10]
mail.servicebrands.com. A IN 3600 152.160.68.126
Their DNS should be fine.
Are you sure there is no HOSTS table entry on your server. What happens iff you
nslookup
server yourserverip
set type=mx
servicebrands.com
server yourisp
servicebrands.com
server 158.43.128.1 (A known good DNS at Pipex, UK)
servicebrands.com
Steve
this is what I got at DNSSTUFF and why I posted what I did. but if you found the record, great.
Getting MX record for mail.servicebrands.com (from local DNS server, may be cached)... There is no MX record for mail.servicebrands.com! That's bad.
Checking for an A record... Got it!
Host Preference IP(s) [Country]
mail.servicebrands.com 0 152.160.68.126 [US]
Getting MX record for mail.servicebrands.com (from local DNS server, may be cached)... There is no MX record for mail.servicebrands.com! That's bad.
Checking for an A record... Got it!
Host Preference IP(s) [Country]
mail.servicebrands.com 0 152.160.68.126 [US]
Oh, I see! servicebrands.com has an MX record that points to mail.servicebrands.com, but mail.servicebrands.com does not have an MX record--just the host or A record.
When sending mail--are you sending it to servicebrands.com or mail.servicebrands.com? you should be sending it to servicebrands.com.....
When sending mail--are you sending it to servicebrands.com or mail.servicebrands.com? you should be sending it to servicebrands.com.....
You check the domain, not the host. mail.servicebrands.com is a host record. The domain is servicebrands.com and you have to do the MX record check at that level (i.e. they are expecting mail sent to fred . bloggs @ service#rbands.com rather than fred . bloggs @ mail.service#rbands.com
(deliberately misspelt to save them a source of spam...)
Steve
(deliberately misspelt to save them a source of spam...)
Steve
Lots of cross postings.... :-)
Oh, I understand that. I just missed that in the initial post the asker indicated that they are trying to send mail to mail.servicebrands.com -- and therein I think the problem lies. Send it to servicebrands.com
ASKER
Yes - Ican send to example@servicebrands.com outside of wan...cannot within LAN
and if i ping mail.servicebrands.com LAN side I receive 64.20.37.22 not 152.160.68.126 -- this also happens with the other mail.client1.com (I get the 64 address LAN side and the correct address WAN side)
and if i ping mail.servicebrands.com LAN side I receive 64.20.37.22 not 152.160.68.126 -- this also happens with the other mail.client1.com (I get the 64 address LAN side and the correct address WAN side)
ASKER
USING MY SERVER:
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.COM
com
servicebrands.com nameserver = buydomains2.domaindiscover .com
servicebrands.com nameserver = buydomains1.domaindiscover .com
mail.servicebrands.com internet address = 152.160.68.126
buydomains1.domaindiscover .com internet address = 216.104.162.10
buydomains2.domaindiscover .com internet address = 216.104.163.10
---
Pinging MAIL.SERVICEBRANDS.COM [64.20.37.22] with 32 bytes of data:
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.COM
com
servicebrands.com nameserver = buydomains2.domaindiscover
servicebrands.com nameserver = buydomains1.domaindiscover
mail.servicebrands.com internet address = 152.160.68.126
buydomains1.domaindiscover
buydomains2.domaindiscover
---
Pinging MAIL.SERVICEBRANDS.COM [64.20.37.22] with 32 bytes of data:
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
Reply from 64.20.37.22: bytes=32 time=53ms TTL=47
ASKER
sorry disregard mx record info above -- that was WAN side:
LAN side:
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>
LAN side:
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>
Then it looks like DNS is returning the correct IP (152.....) but PING isn't. It therefore must surely be a HOSTS or vaguely possibly LMHOSTS entry for this host. Can't see why mind.
So again, if you do an nslookup inside:
nslookup
server yourserverip
set type=A
mail.servicebrands.com
server externalip
mail.servicebrands.com
Do both return the correct address or not?
Steve
So again, if you do an nslookup inside:
nslookup
server yourserverip
set type=A
mail.servicebrands.com
server externalip
mail.servicebrands.com
Do both return the correct address or not?
Steve
ASKER
my isp dns is returning the correct ip but internally returns incorrect:
LAN side:
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>>>
I have searched entire C drive of DNS server for anything containing 64.20.37.22, and i have nothing other than dns.log telling me about error.
>>>
per: type a lookup request: 64 address is returned.
LAN side:
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>>>
I have searched entire C drive of DNS server for anything containing 64.20.37.22, and i have nothing other than dns.log telling me about error.
>>>
per: type a lookup request: 64 address is returned.
A quick fix would be to modify the host file on the exchange server. At least, until you can get the DNS is resolved correctly from another server.
Check your DNS entry for SMTP, in exchange manager. Make sure it is pointing to your public DNS servers.
Check your DNS entry for SMTP, in exchange manager. Make sure it is pointing to your public DNS servers.
ASKER
K -- getting ready to jump out the window....2 different results within five min of each other.
--------
3 minutes ago(((RESOLVED CORRECTLY))):
> server my.server.ip.address
Default Server: server1.domain.com
Address: my.server.ip.address
> set type=mx
> servicebrands.com
Server: server1.domain.com
Address: my.server.ip.address
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
servicebrands.com nameserver = buydomains2.domaindiscover .com
servicebrands.com nameserver = buydomains1.domaindiscover .com
mail.servicebrands.com internet address = 152.160.68.126
buydomains1.domaindiscover .com internet address = 216.104.162.10
buydomains2.domaindiscover .com internet address = 216.104.163.10
***
IMMEDIATELY AFTER THIS I DID IT AGAIN AND IT FAILED
***
> server my.server.ip.address
Default Server: server1.domain.com
Address: my.server.ip.address
> set type=mx
> servicebrands.com
Server: server1.domain.com
Address: my.server.ip.address
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>
--------
3 minutes ago(((RESOLVED CORRECTLY))):
> server my.server.ip.address
Default Server: server1.domain.com
Address: my.server.ip.address
> set type=mx
> servicebrands.com
Server: server1.domain.com
Address: my.server.ip.address
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
servicebrands.com nameserver = buydomains2.domaindiscover
servicebrands.com nameserver = buydomains1.domaindiscover
mail.servicebrands.com internet address = 152.160.68.126
buydomains1.domaindiscover
buydomains2.domaindiscover
***
IMMEDIATELY AFTER THIS I DID IT AGAIN AND IT FAILED
***
> server my.server.ip.address
Default Server: server1.domain.com
Address: my.server.ip.address
> set type=mx
> servicebrands.com
Server: server1.domain.com
Address: my.server.ip.address
Non-authoritative answer:
servicebrands.com MX preference = 10, mail exchanger = mail.servicebrands.
com
mail.servicebrands.com internet address = 64.20.37.22
>
1. Disable DNS recursion lookup. Make sure it contacts the internet root server.
2. Check log to see if your DNS cache is polluted. See DNS server Help for more information and defend
3.Try to remove/disable root hints and Forwarders one by one, to see which one has errors
4. On DNS server, issue the command ipconfig /flushdns
Open DNS mmc , right click on your server name, select Clear cache.
2. Check log to see if your DNS cache is polluted. See DNS server Help for more information and defend
3.Try to remove/disable root hints and Forwarders one by one, to see which one has errors
4. On DNS server, issue the command ipconfig /flushdns
Open DNS mmc , right click on your server name, select Clear cache.
ASKER
ok -- i selected secure cache / scavenged files / cleared cache and updated server files. i am now able to resolve the correct ip address nslookup/ping. any ideas on how this could happen?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thank you very much
You're welcome. Glad it's kinda useful to you :)