cdhead
DNS Problems for WAN Hosts
Hello Everyone,
I'm having a problem with one of my DNS servers running Server 2008 R2. I have 5 DNS servers on my network and all of them seem to be running fine except for one, which also happens to be my secondary DNS server for all the hosts on my network. On my LAN, DNS works fine on the server in question, but for all WAN hosts (e.g. websites), it does not. To isolate the server in question, I statically assigned the server's IP address to the network adapter on my test machine.
I set up the DNS service on this server no differently than on the other 4 servers, so I'm not sure what could be wrong. I checked the event log, which didn't identify any obvious problems. Any help from here would be appreciated. Thanks!
Are the forwarders correct and in the same order as the other DNS servers, of hosts outside the local domain?
ASKER
Cheever000:
Right click server name - properties - forwarders tab
I have no servers listed on any of my domain controller DNS servers. Yet they all seem to work fine, although I expected there to be entries here. Just an FYI, I inherited this network, so the primary DNS server is the only one I haven't configured myself, but I did configure all the others. I feel there is something I am missing in the way my DNS servers are set up. The one thing I don't understand is where the DNS queries are being serviced for external hosts if there are no servers listed under forwarders.
When you say "but for all WAN hosts", does that mean external hosts are contacting your DNS server(s) for resolution or did you mean your internal hosts are trying to resolve external addresses, i.e. www.google.com?
If this is the case, and you've made sure the forwarders are set up the same way as the others, I would check to see if the server with the issue is being blocked by a firewall for outbound DNS (port 53).
ASKER
vanbarsoun:
I'm talking about the DNS resolution for my local computers to websites, like google.com. The Windows firewall is disabled on the server in question and my network firewall shouldn't be the issue since all the other servers work fine.
If your forwarders list is empty it will use the root hints servers. See if that server can resolve external names by pinging an external host/website from a command line on that server.
ASKER
vanbarsoun:
I can't ping any WAN hosts from the server in question when that server is the only server defined in the DNS config for the local network adapter.
Actually, yes you should be able to if that server is running DNS. If that server cannot resolve external DNS names then that explains why your internal hosts are not able to resolve when pointing to this server.
Did this server ever resolve properly, or is this a first-time setup? Try restarting the DNS service on that server. If it still fails to resolve, try connecting directly to a DNS server via telnet to rule out firewall issues:
telnet 4.2.2.2 53
You should at least get a blank window, anything besides an error/timeout message.
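The telnet test above exercises only TCP port 53, while ordinary DNS lookups are sent over UDP port 53 first. The following is an added example, not part of the original thread, that sends a real NS query for the root zone over both transports. The function names are hypothetical, and 198.41.0.4 (a.root-servers.net) is an assumption chosen to stand in for the root-hints path.

```python
import socket
import struct

TXID = 0x1234
# Constructed reply header (not captured traffic): QR+AA set, rcode 0, 13 answers.
SAMPLE_REPLY = struct.pack("!6H", TXID, 0x8400, 1, 13, 0, 0)

def build_query(name, qtype=2, recurse=False):
    """Encode one DNS question (qtype 2 = NS, class IN); RD bit set only if recurse."""
    header = struct.pack("!6H", TXID, 0x0100 if recurse else 0, 1, 0, 0, 0)
    labels = [p for p in name.rstrip(".").split(".") if p]
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)

def parse_header(msg):
    """Return rcode, TC flag and answer count from a DNS reply header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    if rid != TXID or not flags & 0x8000:
        raise ValueError("not a response to our query")
    return {"rcode": flags & 0xF, "truncated": bool(flags & 0x0200), "answers": an}

def probe(server, proto, name=".", recurse=False, timeout=3.0):
    """Send one NS query to server:53 over 'udp' or 'tcp'; any parsed reply means the path is open."""
    query = build_query(name, recurse=recurse)
    try:
        if proto == "udp":
            with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
                s.settimeout(timeout)
                s.sendto(query, (server, 53))
                reply = s.recvfrom(4096)[0]
        else:
            with socket.create_connection((server, 53), timeout=timeout) as s, s.makefile("rb") as f:
                s.sendall(struct.pack("!H", len(query)) + query)  # TCP framing: 2-byte length
                reply = f.read(struct.unpack("!H", f.read(2))[0])
        return parse_header(reply)
    except (OSError, ValueError, struct.error) as exc:
        return "FAILED: %r" % (exc,)

if __name__ == "__main__":
    print("sample:", parse_header(SAMPLE_REPLY))
    # 198.41.0.4 = a.root-servers.net (root-hints path); 4.2.2.2 = resolver named in the thread.
    for server, recurse in (("198.41.0.4", False), ("4.2.2.2", True)):
        for proto in ("udp", "tcp"):
            print(server, proto, probe(server, proto, recurse=recurse))
```

Run it on the affected DNS server and on a working one: a UDP failure toward the root server alongside a success toward the forwarder points at an outbound filtering difference rather than at the DNS service itself.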
ASKER
vanbarsoun:
If it's using the root hints only, and the root hints are the same on all servers, then I guess my new question is, why don't the root hints work on the problem server?
I just added an ISP-provided DNS server to the forwarder list and the server in question seems to be resolving DNS records for external hosts now. Telnetting also worked without an error.
Should I be concerned about this or just configure all my DNS servers' forwarders with the ISP's DNS servers and be done with this?
In this scenario, please check the tasks below:
1. Please check proper installation of DNS, as well as the nslookup command.
2. Check whether local resolution is working fine or not.
3. If locally resolved, then check whether replication between the primary and secondary zone is happening properly or not.
4. Check and added an ISP-provided DNS server to the forwarder list and the server in question seems to be resolving DNS records for external hosts now. Telnetting also worked without an error: telnet 4.2.2.2 53.
5. Check whether port no. 53 is blocked by the firewall.
6. The forwarding option: there are some known issues with Windows 2008 servers and root hints.
http://technet.microsoft.com/en-us/library/cc782142(WS.10).aspx
ASKER
Was able to work around the issue by using the ISP's DNS servers.