DNS replication

I'm having trouble with one of my win2008 R2 DCs replicating DNS to another win2008 R2 DC across a WAN. It might be possible that a firewall somewhere has a port blocked for the DNS/AD replication. Which ports are critical for DNS to communicate to the other DCs (TCP or UDP?) and how can I test that those ports are open?
KratosDefense Asked:
KratosDefense (Author) Commented:
Ok so DNS port 53 UDP definitely needs to be open for DNS to properly talk, correct?
Can you sanity check and confirm that UDP ports don’t appear to be open to the server I need them to by examining the output of NMAP:
Initiating UDP Scan at 16:46
Scanning 10.200.200.91 [1000 ports]
Increasing send delay for 10.200.200.91 from 0 to 50 due to max_successful_tryno increase to 5
Increasing send delay for 10.200.200.91 from 50 to 100 due to max_successful_tryno increase to 6
Warning: 10.200.200.91 giving up on port because retransmission cap hit (6).
Increasing send delay for 10.200.200.91 from 100 to 200 due to 11 out of 11 dropped probes since last increase.
Increasing send delay for 10.200.200.91 from 200 to 400 due to 11 out of 11 dropped probes since last increase.
UDP Scan Timing: About 5.20% done; ETC: 16:56 (0:09:25 remaining)
Increasing send delay for 10.200.200.91 from 400 to 800 due to 11 out of 13 dropped probes since last increase.
UDP Scan Timing: About 7.90% done; ETC: 16:59 (0:11:51 remaining)
Increasing send delay for 10.200.200.91 from 800 to 1000 due to 11 out of 24 dropped probes since last increase.
UDP Scan Timing: About 10.14% done; ETC: 17:01 (0:13:26 remaining)
UDP Scan Timing: About 12.17% done; ETC: 17:03 (0:14:33 remaining)
UDP Scan Timing: About 17.57% done; ETC: 17:03 (0:13:41 remaining)
Discovered open port 51456/udp on 10.200.200.91
KratosDefense (Author) Commented:
Bad output. I reran just the port by itself. Seems to be open:

Starting Nmap 5.21 ( http://nmap.org ) at 2010-10-18 16:57 Eastern Daylight Time
Nmap scan report for 10.200.200.90
Host is up (0.094s latency).
PORT   STATE SERVICE
53/udp open  domain

Nmap done: 1 IP address (1 host up) scanned in 0.78 seconds
KratosDefense (Author) Commented:
thxs