?
Solved

Why do I have DNS Server Discrepancies?

Posted on 2011-03-08
4
Medium Priority
?
901 Views
Last Modified: 2012-05-11
So i have compared all of the settings between my older 2003 DNS server and my new 2008 R2 DNS server and when I do an NS Lookup with the 2003 server I get:

> nslookup
Default Server:   2003server.mydomain.com
Address:  192.168.1.4

> google.com
Server:  2003server.mydomain.com
Address:  192.168.1.4

Non-authoritative answer:
Name:    google.com
Addresses:  74.125.224.80
          74.125.224.84
          74.125.224.83
          74.125.224.82
          74.125.224.81

Open in new window


Now when I do this with my newer 2008 R2 server I get the following:
> google.com
Server:  server2008.mydomain.com
Address:  192.168.1.5

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Non-authoritative answer:
Name:    google.com
Addresses:  74.125.224.48
          74.125.224.52
          74.125.224.51
          74.125.224.50
          74.125.224.49

Open in new window


I guess my question is why can i get to noaa.gov on one DNS server and not the other? What setting am i missing?
0
Comment
Question by:speeDemon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 1

Author Comment

by:speeDemon
ID: 35072127
here is the results for noaa.gov on the 2003 server:

Non-authoritative answer:
Name:    noaa.gov
Addresses:  140.90.200.21
          140.172.17.21
          129.15.96.21

and the results for noaa.gov on the 2008 server:

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Non-authoritative answer:
DNS request timed out.
    timeout was 2 seconds.
Name:    noaa.gov
Addresses:  140.90.200.21
          140.172.17.21
          129.15.96.21
0
 
LVL 3

Accepted Solution

by:
VespaMaru earned 2000 total points
ID: 35072189
It could be EDNS.  Windows 2008 R2 uses EDNS extensions which require TCP port 53 outgoing on the firewall and needs to allow for packet sizes exceeding 512 bytes.  You could turn off EDNS :

dnscmd /config /EnableEDNSProbes 0

Or configure the firewall to allow them.

See :  http://technet.microsoft.com/en-us/library/upgrade-domain-controllers-to-windows-server-2008-r2%28WS.10%29.aspx#BKMK_KnownIssues
0
 
LVL 1

Author Closing Comment

by:speeDemon
ID: 35072321
Aweomse everyhitng works great, i dont have any idea what EDNS is, care to explain??
0
 
LVL 3

Expert Comment

by:VespaMaru
ID: 35072409
Sure, EDNS are extensions to the original DNS standard.  The original standard uses UDP port 53 by default and does not accept packets larger than 512bytes.  Additionally the existing EDNS standard contains additional flags that will allow for DNSSEC implementations.  We use a Cisco ASA firewall, and like other firewalls it is set up to reject DNS packets larger than 512 bytes.  We had to change that to allow larger packets and allow outgoing TCP port 53.  You can most likely get away with not using it for now. We allowed it to be prevent additional "gotcha's" in the future.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question