ittechlab asked:

DNS question

Default Server:   mydnsserver
Address:  10.10.10.5

> 10.10.10.45
Server:   mydnsserver
Address:  10.10.10.5

*** mydnsserver can't find 10.10.10.45: Query refused
> server12
Server:  mydnsserver
Address:  10.10.10.5

*** mydnsserver can't find client: Non-existent domain



I spoke to the person who manages the DNS server. He said, "You have the incorrect DNS servers listed here, this is in the prod domain not dev domain."


What I don't understand is I am able to resolve another server which is in the same domain as where server12 is sitting.


He made some changes on the DNS server and it worked. I need to know what exactly the problem was, and I am trying to understand the issue. He doesn't want to explain and is putting the problem on my side.

Please help.

Doesn't this mean the issue is on the DNS server side?
*** mydnsserver can't find 10.10.10.45: Query refused
BillBondo

Sounds like two separate networks? Did he include both DNS servers in the IP config? Change default gateways? Need more information.
If that happens again, you can try pinging the address itself to make sure it can see the address.  If it can, then it would be a DNS issue.

To resolve the issue, he could have reloaded/refreshed the DNS records.  It might be possible that the IP address had once been assigned to another name and he had to clear it out of cache for it to resolve correctly.

It could be possible that he entered it incorrectly, and didn't want to admit it...

Hope that helps
ittechlab (ASKER)

Here is the scenario

I have four servers, and I did nslookup in the dev environment.

From my Windows 7 PC, when I tried to do nslookup, I see three servers working fine. For one server I am getting the following message. What does it mean?

*** mydnsserver can't find 10.10.10.45: Query refused (by IP address)
*** mydnsserver can't find client: Non-existent domain (by Name)
"It could be possible that he entered it incorrectly, and didn't want to admit it..."

Am I able to see the log and see what change he made on the DNS server?
ASKER CERTIFIED SOLUTION
amclaughlin01

This solution is only available to members.

Here is the setup at my company. I have two DNS servers such as dnsA and dnsB.

Both domains are not trusted.

If I create a record on dnsA, anybody pointing to dnsB should be able to resolve the name. What should be done?
You are going to need to add either a forwarder on dnsB pointing to a DNS server on dnsA network for that domain, or add a zone onto dnsB.  Although, if they are not trusted, I don't know if adding a zone will work for sure.

Right now, are you able to ping IP addresses on dnsA from dnsB?
If you can ping a DNS server on dnsA network, a test you can try is to add a secondary DNS server address to a PC of dnsA DNS server, and then see if you can resolve names.

The question will be does dnsB network know how to get to or route to dnsA network.  If not, you would need to add a route to your router.
Based on my existing setup on my Windows 7, I was able to resolve 3 server names on the dev network but not the last one. Where could the problem be? The DNS admin keeps pointing the finger at me.
I logged into both DNS servers and I noticed the dev.local zone. How do I know how it is replicated? Both say secondary running. I am confused.
What are you trying to accomplish? Perhaps you have the wrong server name and/or IP? Firewall on the server? Can you log on to that server? If you can't ping by IP then it's not a DNS issue.
Ok, a couple possible scenarios to your setup could be as follows:

The below would be the DNS settings for the respective server (this is assuming that DNS services are running on dnsA and dnsB)

dnsA server:

- Should have an Active Directory integrated zone for the internal domain network
- Could have a secondary zone for the dnsB server network domain with the name server of dnsB server

dnsB server:

- Should have an Active Directory integrated zone for the internal domain network
- Could have a secondary zone for the dnsA server network domain with the name server of dnsA server

In this scenario, both networks would need to be on separate IP addressing schemes so as not to confuse routing.  If they are on the same IP address scheme, it would be hard to know which traffic would be from the remote network.

If they are on separate IP addressing networks, there would need to be a routing statement telling the server how to reach the remote network and what would be "interesting" traffic that would be destined for that network.


As another possibility:

dnsA Server

- Should have an Active Directory integrated zone for the internal domain network
- Have a forwarder address pointing to the dnsB server

dnsB Server

- Should have an Active Directory integrated zone for the internal domain network
- Have a forwarder address pointing to the dnsA server

The problem with this configuration is that all your Internet-bound resolution will be going through the other network's DNS server.  It will check its own network for resolution, if not found would then go to the other network's DNS server, again if not found would then go to the Internet for resolution.  This causes much additional unneeded traffic.


It can be a bit confusing.  I usually look at it as if I were a packet or address.  What would be my path to resolving the name to IP and then what path would I take to get there.  

Ask these questions:

- Does the server I am asking know the IP address?
- If not, what is the next server I am going to be sent to and ask the question again?
- Once I find the IP address, is it a local address or a remote address?
- If it's a remote address, does my network know how to reach it or where to send it to next?
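
The first question in the checklist above ("Does the server I am asking know the IP address?") is answered by the response code in the DNS reply header, which is also what separates the two nslookup messages quoted in this thread. The Python below is an added example, not part of the original thread; the FQDN server12.dev.local and the sample replies are constructed for illustration.

```python
import struct

# RCODE values from RFC 1035 and the text Windows nslookup prints for them
# (None where nslookup prints no error).
RCODES = {
    0: ("NOERROR", None),
    2: ("SERVFAIL", "Server failed"),
    3: ("NXDOMAIN", "Non-existent domain"),  # looked, and no such name
    5: ("REFUSED", "Query refused"),         # declined by policy; says nothing about the record
}

def reverse_name(ipv4):
    """10.10.10.45 -> 45.10.10.10.in-addr.arpa, the name a lookup by IP asks for."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def build_query(name, qtype, txid=0x1234):
    """Encode a one-question query (class IN) with the recursion-desired bit set."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", qtype, 1)

def classify(response):
    """Decode the 12-byte header of a response into what the server told us."""
    _txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    rcode = flags & 0x000F
    mnemonic, nslookup_text = RCODES.get(rcode, ("RCODE%d" % rcode, "unknown"))
    return {
        "rcode": mnemonic,
        "nslookup": nslookup_text,
        "authoritative": bool(flags & 0x0400),        # AA: reply from a server authoritative for the zone
        "recursion_available": bool(flags & 0x0080),  # RA: server is willing to ask other servers
        "server_knows": rcode == 0 and answers > 0,
    }

def constructed_response(query, rcode, aa=False, ra=True):
    """Constructed sample reply: the query echoed back with QR, RD and the given bits."""
    flags = 0x8000 | 0x0100 | (0x0400 if aa else 0) | (0x0080 if ra else 0) | rcode
    return query[:2] + struct.pack("!H", flags) + query[4:]

if __name__ == "__main__":
    by_ip = build_query(reverse_name("10.10.10.45"), 12)  # PTR
    by_name = build_query("server12.dev.local", 1)        # A; FQDN is an assumption
    print(classify(constructed_response(by_ip, 5, ra=False)))
    print(classify(constructed_response(by_name, 3, aa=True)))
```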