• Status: Solved

setup 3 locations for dns resolution

site 1 10.10.1.0 network
site 2 10.20.1.0 network
site 3 10.30.1.0 network

DNS server in each site. I want them to share/replicate DNS information. They are connected by site-to-site VPNs. Name resolution does not work even if I make an entry manually in the DNS server.
0
jimmylew52
Asked:
2 Solutions
 
GuruChiu Commented:
If you are using Unix DNS, the way I do it is to set up a primary DNS which holds the master copy of all DNS records. The primary defines all the other DNS and allows all DNS within the domain to zone transfer.
The other sites' DNS just become secondary DNS and zone transfer DNS from the primary.
Make sure you also set up the DHCP server to distribute the correct DNS for each site.
0
 
jimmylew52 (Author) Commented:
DNS is Windows 2008 R2. No DHCP, everything is static addressing. I have a master DNS server but cannot get the zones to transfer even on the local network.
0
 
GuruChiu Commented:
Make sure you have set up the allow zone transfer correctly.
0
 
jimmylew52 (Author) Commented:
Did not have that done but have since and allowed each DNS server. I have also set one of the servers as the SOA.

DNS resolution still does not occur. It has only been about a half hour but no DNS transfer seems to happen either. Will check again later.

Reverse lookup zones do not work either. Does the primary server have to be primary on the reverse lookup zones also, and the secondary servers be secondary on the zones? I thought the server in the zone should be primary but it does not seem to work. I get the error - this server is not primary for the zone.
0
 
GuruChiu Commented:
Check your Windows server and see if it has the firewall enabled.

Reverse lookup is independent of primary lookup. They can be on the same server, but do not have to be. For public IP, reverse DNS needs to be authorized. In the US, ARIN authorizes IP addresses and reverse DNS.
0
 
jimmylew52 (Author) Commented:
Firewalls are off on all servers.

So it does not matter where the reverse zones are primary?
0
 
GuruChiu Commented:
Let's do it step by step:

Make sure your DNS is actually working at all. On your DNS server, run nslookup, set the server to the DNS you are on, and try to do a query.

If it works, try the same on a PC on the same network.

If it works, try the same on a PC on a different site.

0
 
Chris Dent (PowerShell Developer) Commented:

I guess you're not using AD? Zones would replicate using that if you were.

For Primary / Secondary setup, you should nominate one server for each zone as Primary, then configure Secondary zones on each of the others. TCP Port 53 must be open from the Secondary to the Primary (UDP Port 53 is used for standard queries).

You should ensure that your servers are fully patched, 2008 has a few bugs in DNS although I couldn't say if that applies to 2008 R2.

Chris
0
 
jimmylew52 (Author) Commented:
GuruChiu:

nslookup does not work from the DNS server using its own IP for DNS server

Chris-Dent:

No AD - That is the goal but DNS non-resolution is making it impossible
One of the servers is SOA, others are secondary for the domain name
Reverse lookup zones are now transferring between servers
Port 53 is open - I can telnet to the port on the server
Servers are fully patched - automatic updates are turned on
0
 
Chris Dent (PowerShell Developer) Commented:

Since the zones are transferring, is name resolution now working?

Chris
0
 
jimmylew52 (Author) Commented:
Reverse lookup zones are transferring but nslookup fails even though the A record is on the server.
0
 
jimmylew52 (Author) Commented:
DNS resolution has started working.
0
 
jimmylew52 (Author) Commented:
Found that a firewall was on on one of the servers and mainly that the zone transfers were not set up correctly.
0
Question has a verified solution.
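
The primary/secondary setup and the checks discussed in this thread, written out for Windows Server 2008 R2 as an added example (not posted by any participant). The zone name and server IPs are assumed placeholders; the thread gives only the site networks. Run it locally on each DNS server with the matching role.

```powershell
# Added example. Zone name and server IPs are assumed placeholders, not values from the thread.
param([ValidateSet('Primary','Secondary','Check')][string]$Role = 'Check')

$Zone        = 'corp.example'               # hypothetical zone name
$Primary     = '10.10.1.10'                 # assumed primary DNS server (site 1)
$Secondaries = '10.20.1.10', '10.30.1.10'   # assumed secondaries (sites 2 and 3)

switch ($Role) {
    'Primary' {
        # Allow transfers only to the named secondaries (not "to any server")
        # and notify the same servers when the zone changes.
        dnscmd /ZoneResetSecondaries $Zone /SecureList $Secondaries /NotifyList $Secondaries
    }
    'Secondary' {
        # Create the secondary zone with the primary as its master, then force a transfer.
        dnscmd /ZoneAdd $Zone /Secondary $Primary
        dnscmd /ZoneRefresh $Zone
    }
    'Check' {
        # Local firewall state; in this thread one server still had its firewall on.
        netsh advfirewall show allprofiles state

        # Zone transfers run over TCP 53 from secondary to primary, so test the TCP path.
        $tcp = New-Object System.Net.Sockets.TcpClient
        try     { $tcp.Connect($Primary, 53); "TCP 53 to $Primary : open" }
        catch   { "TCP 53 to $Primary : BLOCKED ($($_.Exception.Message))" }
        finally { $tcp.Close() }

        # Once transfers work, every server returns the same SOA serial for the zone.
        foreach ($server in @($Primary) + $Secondaries) {
            "--- SOA for $Zone from $server ---"
            nslookup '-type=SOA' $Zone $server
        }
    }
}
```

A secondary whose SOA serial lags the primary's after a refresh points to a blocked TCP 53 path or a transfer list that does not include that server.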
