?
Solved

DNS re-config

Posted on 2008-10-10
7
Medium Priority
?
300 Views
Last Modified: 2011-10-19
I am a new admin at a small company with just one server, Win Server 2003R2.  This server does everything, DHCP, DNS, File and print, and Exchange.

I notices a number of DNS errors in the event logs: The dynamic registration of the DNS record '_ldap._tcp.h2o-law.com. 600 IN SRV 0 100 389 server.h2o-law.com.' failed on the following DNS server:  

DNS server IP address: 89.187.67.184
Returned Response Code (RCODE): 5
Returned Status Code: 9017

Looking at the DNS I was horrified with what I saw - see attched image file.
Given that this server is absolutely mission critical and that there is no other dns server in the business, and it is running IIS and Exchange,  I just want confirmation that my thoughts on how to get the DNS into a more sensible config is right.

Only missing piece of information is that nobody seems to know the IP addresses of the ISP DNS servers.

Please tell me how you would change the config of the DNS and TC/IP of the NIC.

Thanks

Apt-it
dns1.jpg
0
Comment
Question by:apt-it
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 2

Assisted Solution

by:Matt1705
Matt1705 earned 800 total points
ID: 22690216
There are a couple of things I would do...

1. Document the existing configuration! THis photo is nice...
2. Attempt to determine if the forwarders have a purpose.  They may have been added for a good reason.
3. If the forwarders have no purpose, delete them.
4. Change the dns entries on your server so that it points to itself.  There should be no other DNS entries except the one pointing to itself.

You may also want to look at dhcp to determine what DNS servers are configured.
0
 
LVL 2

Expert Comment

by:Matt1705
ID: 22690255
A second note, you shouldn't need the IP addresses of the ISP DNS servers.  This server should work fine without them.
0
 

Author Comment

by:apt-it
ID: 22690602
Matt1705,  many thanks for your input.  

Regarding the purpose of the forwarders, I can't imaging any point to an address like 10.0.0.254 since this won't route.  Can you suggest any possible reasons for the others and/or how I could go about findinig out their purpose?

Cheera
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 71

Expert Comment

by:Chris Dent
ID: 22693364

The servers listed are:

Address:  80.248.178.131
Server:  henry.therocketshop.co.uk

Address:  91.186.3.142
Server:  ns1.therackhouse.net

Do the names mean anything to you at all? They do both respond to recursive queries (meaning they are or should be valid forwarders). It's up to you if you want to keep those.

If you don't have Forwarders configured the server will use Root Hints to resolve public requests.

> you shouldn't need the IP addresses of the ISP DNS servers

I would probably be a bit stronger with that :) You should not have DNS servers listed in TCP/IP configuration if they cannot provide an authoritative answer for the AD domain.

If the organisation can afford it an additional Domain Controller would be a real benefit.

Chris
0
 

Author Comment

by:apt-it
ID: 22694860
Chris,

Once again, many thanks for your input which is much appreciated.  I also had checked the nslookup for the two IP addresses you mention.  They are dns forwarders for a local co-location service provider who have had dealings with the business, so they could be valid fowarders though, as you say, it may be just as good to use the Root Hint servers, though I  believe this may cause a small performance hit on DNS resolution.

Can you think of any reason why someone would put 10.0.0.254 in the forwarders, or does this just point to incompetence on the part of whoever set up the DNS?

My inclination is, then, (A)  to take out the alternate DNS server in the TCP/ip properties as the server should only point to itself; (B) to remove 10.0.0.254 as this is meaningless, (C), to keep 91.186.3.142 and add 89.187.67.184 to the forwarders as these are the primary and secondary DNS servers belonging to therackhouse.

Does this sound like a good plan to you??

My last question is - do you think that these changes will remedy the Event Log error I reported in my first posting, ID 5774 source, NETLOGON?

Really appreciate you help as I am working alone and need to get this right.
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 1200 total points
ID: 22696839

Regarding 10.0.0.254. It could have been a Firewall or other internal device capable of handling DNS requests. I'd be hesitant to say incompetence, but that is a possibility if nothing else comes to light :)

That sounds like an excellent plan. And it should resolve the errors provided that an authoritative zone exists for the name it's trying to register.

Chris
0
 

Author Closing Comment

by:apt-it
ID: 31505166
Gents, many thanks for your help - much appreciated!
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question