Link to home
Start Free TrialLog in
Avatar of speeDemon
speeDemonFlag for United States of America

asked on

Why do I have DNS Server Discrepancies?

So i have compared all of the settings between my older 2003 DNS server and my new 2008 R2 DNS server and when I do an NS Lookup with the 2003 server I get:

> nslookup
Default Server:   2003server.mydomain.com
Address:  192.168.1.4

> google.com
Server:  2003server.mydomain.com
Address:  192.168.1.4

Non-authoritative answer:
Name:    google.com
Addresses:  74.125.224.80
          74.125.224.84
          74.125.224.83
          74.125.224.82
          74.125.224.81

Open in new window


Now when I do this with my newer 2008 R2 server I get the following:
> google.com
Server:  server2008.mydomain.com
Address:  192.168.1.5

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Non-authoritative answer:
Name:    google.com
Addresses:  74.125.224.48
          74.125.224.52
          74.125.224.51
          74.125.224.50
          74.125.224.49

Open in new window


I guess my question is why can i get to noaa.gov on one DNS server and not the other? What setting am i missing?
Avatar of speeDemon
speeDemon
Flag of United States of America image

ASKER

here is the results for noaa.gov on the 2003 server:

Non-authoritative answer:
Name:    noaa.gov
Addresses:  140.90.200.21
          140.172.17.21
          129.15.96.21

and the results for noaa.gov on the 2008 server:

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Non-authoritative answer:
DNS request timed out.
    timeout was 2 seconds.
Name:    noaa.gov
Addresses:  140.90.200.21
          140.172.17.21
          129.15.96.21
ASKER CERTIFIED SOLUTION
Avatar of VespaMaru
VespaMaru
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Aweomse everyhitng works great, i dont have any idea what EDNS is, care to explain??
Sure, EDNS are extensions to the original DNS standard.  The original standard uses UDP port 53 by default and does not accept packets larger than 512bytes.  Additionally the existing EDNS standard contains additional flags that will allow for DNSSEC implementations.  We use a Cisco ASA firewall, and like other firewalls it is set up to reject DNS packets larger than 512 bytes.  We had to change that to allow larger packets and allow outgoing TCP port 53.  You can most likely get away with not using it for now. We allowed it to be prevent additional "gotcha's" in the future.