Solved

Host external dns, on internal dns server

Posted on 2007-04-06
9
317 Views
Last Modified: 2010-08-05
A while back we were having a problem where our remote centers could not resolve the name etrack.teletrack.com  If I connected to the dns server (windows 2003, Active Directory) it could not resolve the name either. I would then flush and register dns, stop/start netlogon and then stop/start dns. I could then resolve the name. They wanted me to try to host the teletrack.com domain internally, so I setup the teletrack.com zone in here, and added all the records I could find. The remote hosts can now do what they need to do, but if we try to email teletrack, or if they try to email us, it fails. We receive a "(000B09B6) Host unreachable" message. I've attempted to recreate their mx records, but I'm not all that experienced with this. I've added A records for www (67.32.116.71), mail (12.178.11.202), mail2 (67.32.116.75), mail3 (12.178.11.203) and mail4 (67.32.116.74), and also one for just teletrack.com (67.32.116.71). I've also added mx records for mail, mail2 mail3 and mail4. It is currently not working. Is this something that is possible, or should I just remove the zone, and have the remote locations deal with the first problem. I posted the IP's, as they are available on the net, but if they need to be removed, I will do so...
0
Comment
Question by:ptuttle1319
  • 3
  • 3
  • 3
9 Comments
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 250 total points
ID: 18866167
It's generally not a good idea for you to host externally-resolveable records on your internal DNS server except as a temporary troubleshooting measure.  The entire point of externally-resolveable records is that their DNS is not your problem; ie, if they change the IP address of one of their servers, you don't need to care - you point to their DNS, their DNS has the correct update and resolves your query accordingly.  If you're hosting a zone containing their records, you'll have to update your copy of their zone every time they make a change - as an example, can you imagine needing to keep track of every time the IP address for www.microsoft.com or www.google.com changed? :-)

Given that hosting their records internally hasn't corrected your problem, I would recommend that you delete your internal zone that is hosting their records, and work with the remote center to troubleshoot why their DNS server(s) aren't responding as expected.

Hope this helps.

Laura E. Hunter - Microsoft MVP: Windows Server - Networking.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
ID: 18866213
I would completely remove the zone for teletrack.com and instead try setting up a conditional forwarder for that domain.  I ran DNSreports on their domain, and their were some error messages regarding their DNS servers reporting different SOA serial #s.  This could indicate some misconfiguration at their end, which is probably why you've been having problems.  I would recommend using their nameserver at 67.32.116.70 as a conditonal forwarder, since this server reported the latest SOA serial #.
0
 

Author Comment

by:ptuttle1319
ID: 18866221
It did solve the inital problem. Where the hosts couldn't resolve the etrack.teletrack.com address. It's now fixed. So I'm stuck with trying to fix this aspect of it. Their ip addresses are fairly static, so I shouldn't have a problem there. This is also something I've tried to get going in a lab, with the MX records, so i'd like to see how to get it to work...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ptuttle1319
ID: 18866226
where do you set the conditional forwarder, on a microsoft dns server?
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18866237
On your internal DNS server, go to the properties of the server and select the Forwarders tab.  Under "for the following domains" enter teletrack.com and specify the IP address of their DNS server.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 18866241
Yes - open the DNS mgmt. console.  Right-click on the server name and go to Properties; click the Forwarders tab.  In the top box, click New and put in the domain name, and then put in the IP address for their nameserver.
0
 

Author Comment

by:ptuttle1319
ID: 18867202
Looks like the timestamp on those answers came through at the same time....are either of you opposed to split points? I won't be able to test until sunday, but if it does work, I'll award the points then.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 18867209
Split points are yours to award - this happens all the time, don't sweat it.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 18868016
No worries, as hypercat says, simul-posts happen all the time around here.  (Though it's very considerate of you to ask.)
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Company website 6 49
domian network access 5 32
Trust DNS Resolution for Unqualified Names 3 40
Master-Master-Slave BIND setup 2 31
Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question