Problems with outgoing mail in exchange 2010 (DNS Issues)
We seem to be having big issues with e-mail going out from our exchange 2010 server...
Quite alot in the outgoing queue we're getting 451 4.4.0 DNS query failed
for example i just e-mailed someone at virtualvoiceservices.co.uk
did nslookup
set type=mx
and it came back immediatly resolving the MX record....
I have set exchange to use external DNS for the external lookups....and ive put the google DNS server to do the lookups 8.8.8.8
Any idea's?
Quite alot in the outgoing queue we're getting 451 4.4.0 DNS query failed
for example i just e-mailed someone at virtualvoiceservices.co.uk
did nslookup
set type=mx
and it came back immediatly resolving the MX record....
I have set exchange to use external DNS for the external lookups....and ive put the google DNS server to do the lookups 8.8.8.8
Any idea's?
Muhammad Mulla
Have you got DNS forwarding set up in your AD DNS server?
ASKER
Indeed we have Sir !
Forwarding is set to ....8.8.8.8
Cheers,
S
Forwarding is set to ....8.8.8.8
Cheers,
S
We had the same on our end. I disabled forwarders and used the builtin root hints in our windows dns servers instead. Now all is well.
ASKER
Will give this a try then ! will report back !
I'd say - dont go for root-hints, rather go for ISP's DNS servers.
you will find the details in network connectivity section of your firewall / router with public IP.
reason:
8.8.8.8 / Root-hints, they are couple of hops away and DNS resolution takes time.
ISP's DNS - 1 hop away = faster Name resolution.
--
run this from AD also
dcdiag /v /e /TEST:DNS > c:\dcdiag.txt
--
Also please increase the points :) - this is showing up as 50 points :(
you will find the details in network connectivity section of your firewall / router with public IP.
reason:
8.8.8.8 / Root-hints, they are couple of hops away and DNS resolution takes time.
ISP's DNS - 1 hop away = faster Name resolution.
--
run this from AD also
dcdiag /v /e /TEST:DNS > c:\dcdiag.txt
--
Also please increase the points :) - this is showing up as 50 points :(
ASKER
Here you go !,
Havent changed the DNS yet thought id show you what was happening on the dcdiag first :-)
250 points changed dude
dcdiag.txt
Havent changed the DNS yet thought id show you what was happening on the dcdiag first :-)
250 points changed dude
dcdiag.txt
You will have to give me sometime to respond to this. I am stuck with a client issue :(
will reply.
will reply.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Done that, changed the DNS to 89.105.96.51 in the forwarders thats my ISP's DNS server
Should I run that command again to test the DNS?..
As for the sscs.co.uk unsure as I didnt configure it.....:/
Many thanks,
Shaun
Should I run that command again to test the DNS?..
As for the sscs.co.uk unsure as I didnt configure it.....:/
Many thanks,
Shaun
ASKER
One thing i did notice in that log file was ..
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
192.168.1.2 (<name unavailable>) [Invalid (unreachable)]
Where would it be picking these 2 IP's up from ? as they do not exist on our network....
TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
192.168.1.2 (<name unavailable>) [Invalid (unreachable)]
Where would it be picking these 2 IP's up from ? as they do not exist on our network....
these are your local LAN IP
can you run the DNS test again
dcdiag /v /e /TEST:DNS > c:\dcdiag.txt
can you run the DNS test again
dcdiag /v /e /TEST:DNS > c:\dcdiag.txt
ASKER
Hiya,
We don't have any IP's of 192.168.1.1 / 192.168.1.2 though....we USED to have an ADSL router on .1 but not any longer...just worried something is trying to use them ....when they dont exist any more..
Here's the updated file
Many thanks,
Shaun
dcdiag3.txt
We don't have any IP's of 192.168.1.1 / 192.168.1.2 though....we USED to have an ADSL router on .1 but not any longer...just worried something is trying to use them ....when they dont exist any more..
Here's the updated file
Many thanks,
Shaun
dcdiag3.txt
open IE
http://192.168.1.1
It might be the IP of your firewall / router
--
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
192.168.1.2 (<name unavailable>) [Invalid (unreachable)]
---
These are IP's for local subnet. Preferably put the DNS for your public IP
Can you call up your ISP and verify the public DNS servers and put that there.
thanks
http://192.168.1.1
It might be the IP of your firewall / router
--
Forwarders Information:
192.168.1.1 (<name unavailable>) [Valid]
192.168.1.2 (<name unavailable>) [Invalid (unreachable)]
---
These are IP's for local subnet. Preferably put the DNS for your public IP
Can you call up your ISP and verify the public DNS servers and put that there.
thanks
ASKER
Aha indeed it is the IP address of our ADSL router, but all traffic is sent straight to our CISCO asa on 192.168.1.254 , 192.168.1.1 is only just acting as an ADSL router...the DNS servers are .5 and .7
I can't find anywhere on the server where its showing 192.168.1.1 and 1.2 though...not in the network adaptor settings and not in the DNS settings....?
I can't find anywhere on the server where its showing 192.168.1.1 and 1.2 though...not in the network adaptor settings and not in the DNS settings....?
Go here
www.canyouseeme.org
Thats your Public IP.
Can you call up your ISP and tell them your IP and phone# and ask them what is the DNS server you are using.
--
You can also check in Cisco what is the DNS server being used there.
it has to be in the same subnet as your public IP (same / similar...)
www.canyouseeme.org
Thats your Public IP.
Can you call up your ISP and tell them your IP and phone# and ask them what is the DNS server you are using.
--
You can also check in Cisco what is the DNS server being used there.
it has to be in the same subnet as your public IP (same / similar...)