Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


DNS server does not resolve external queries.

Posted on 2006-04-07
Medium Priority
Last Modified: 2012-08-14
I have 2 DNS servers for my internal network.  One is the main domain controller, running win2K.  It works fine.  The second is a 2003 server and is also a domain controller...  When I try to resolve internal addresses it works fine... external addresses always fail though... I've looked through the settings and can'tsee anything wrong...

Any ideas?
Question by:cymrich

Expert Comment

ID: 16403941
what is the DNS on the 2003 server pointing to?

Author Comment

ID: 16403987
by "pointing" do you mean "what is it set to under the forwarding tab"?  

If so, it is set to "all other DNS domains"... same as the one that is working.

Expert Comment

ID: 16404022
Make sure your DNS forwarder is set correctly. Also, make sure there's is not rule on your firewall to blocking ping to go out.
Were you able to ping by IP externally?
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.


Author Comment

ID: 16404024
just turned on some logging... tried going to google.. this is what I came up with...

11:51:49 404 PACKET  UDP Snd    0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:50 404 PACKET  UDP Rcv    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:51 370 PACKET  UDP Rcv    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:52 7DC PACKET  UDP Snd     0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:53 404 PACKET  UDP Rcv    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:56 7DC PACKET  UDP Snd      0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:56 7DC PACKET  UDP Snd  0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:57 404 PACKET  UDP Rcv    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:52:00 7DC PACKET  UDP Snd  0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:52:00 7DC PACKET  UDP Snd     0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:52:04 7DC PACKET  UDP Snd    22d5 R Q [8281   DR SERVFAIL] (3)www(6)google(3)com(0)

Author Comment

ID: 16404050
all ICMP is blocked at the firewall, incoming and outgoing, but DNS does not need that to work.  It did work fine for a long time, and I don't see anything in event viewer that tells me when it stopped working... the primary DNS server has worked fine the whole time so it was not noticable when the second one stopped working, and the only reason i found it was because I configured a WAP that would only allow 1 DNS server entry, and I put in both... it overwrote the first one entered with the 2nd.


Expert Comment

by:Valentin Nikolov
ID: 16404348
it looklike  that

if you put forwarder - the IP of main domain controller (running win2K)

on the win 2003 domain controller

will work


Author Comment

ID: 16404412
but wouldn't that just make it so it sends all the queries to the main domain controller and doesn't actually work itself?    I can see how that would indeed work, but I need it to work independently (it's supposed ot be a backup DNS in case the primary dies).

Author Comment

ID: 16404724
I googled the error from the log and found a post about disabling EDNS... after installing the support tools so I could use the dnscmd command line utility, I ran "dnscmd /config /enableednsprobes 0".

This has fixed the issue...

Thanks for all the suggestions though everyone.

Expert Comment

by:Valentin Nikolov
ID: 16406285
ok its better:)

Accepted Solution

GranMod earned 0 total points
ID: 16796603
PAQed with points refunded (500)

Community Support Moderator

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question