Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

DNS server does not resolve external queries.

Posted on 2006-04-07
11
Medium Priority
?
596 Views
Last Modified: 2012-08-14
I have 2 DNS servers for my internal network.  One is the main domain controller, running win2K.  It works fine.  The second is a 2003 server and is also a domain controller...  When I try to resolve internal addresses it works fine... external addresses always fail though... I've looked through the settings and can'tsee anything wrong...

Any ideas?
0
Comment
Question by:cymrich
10 Comments
 
LVL 8

Expert Comment

by:MarkDozier
ID: 16403941
what is the DNS on the 2003 server pointing to?
0
 

Author Comment

by:cymrich
ID: 16403987
by "pointing" do you mean "what is it set to under the forwarding tab"?  

If so, it is set to "all other DNS domains"... same as the one that is working.
0
 
LVL 2

Expert Comment

by:jli168
ID: 16404022
Make sure your DNS forwarder is set correctly. Also, make sure there's is not rule on your firewall to blocking ping to go out.
Were you able to ping by IP externally?
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:cymrich
ID: 16404024
just turned on some logging... tried going to google.. this is what I came up with...

11:51:49 404 PACKET  UDP Snd 193.0.14.129    0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:50 404 PACKET  UDP Rcv 10.102.3.246    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:51 370 PACKET  UDP Rcv 10.102.3.246    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:52 7DC PACKET  UDP Snd 192.33.4.12     0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:53 404 PACKET  UDP Rcv 10.102.3.246    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:51:56 7DC PACKET  UDP Snd 198.41.0.4      0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:56 7DC PACKET  UDP Snd 192.228.79.201  0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:51:57 404 PACKET  UDP Rcv 10.102.3.246    22d5   Q [0001   D   NOERROR] (3)www(6)google(3)com(0)
11:52:00 7DC PACKET  UDP Snd 192.228.79.201  0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:52:00 7DC PACKET  UDP Snd 192.33.4.12     0ab2   Q [0000       NOERROR] (3)www(6)google(3)com(0)
11:52:04 7DC PACKET  UDP Snd 10.102.3.246    22d5 R Q [8281   DR SERVFAIL] (3)www(6)google(3)com(0)
0
 

Author Comment

by:cymrich
ID: 16404050
all ICMP is blocked at the firewall, incoming and outgoing, but DNS does not need that to work.  It did work fine for a long time, and I don't see anything in event viewer that tells me when it stopped working... the primary DNS server has worked fine the whole time so it was not noticable when the second one stopped working, and the only reason i found it was because I configured a WAP that would only allow 1 DNS server entry, and I put in both... it overwrote the first one entered with the 2nd.

0
 
LVL 1

Expert Comment

by:Valentin Nikolov
ID: 16404348
it looklike  that

if you put forwarder - the IP of main domain controller (running win2K)

on the win 2003 domain controller

will work



0
 

Author Comment

by:cymrich
ID: 16404412
but wouldn't that just make it so it sends all the queries to the main domain controller and doesn't actually work itself?    I can see how that would indeed work, but I need it to work independently (it's supposed ot be a backup DNS in case the primary dies).
0
 

Author Comment

by:cymrich
ID: 16404724
I googled the error from the log and found a post about disabling EDNS... after installing the support tools so I could use the dnscmd command line utility, I ran "dnscmd /config /enableednsprobes 0".

This has fixed the issue...

Thanks for all the suggestions though everyone.
0
 
LVL 1

Expert Comment

by:Valentin Nikolov
ID: 16406285
ok its better:)
0
 

Accepted Solution

by:
GranMod earned 0 total points
ID: 16796603
PAQed with points refunded (500)

GranMod
Community Support Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question