AFSTech asked:

Two domain names, one DNS server, one IIS: How do I get the second domain name working.

I have two domain names registered, let's call them:
yy.org (old, and working)
xx.org

Our organization's domain is yy.org... Our "charlie" server acts as a name server (we run DNS). One of the entries is for "www" which redirects to our external IP/router (and the router ends up routing the IP to the correct internal server running IIS).

That all works fine. If someone goes to www.yy.org they go to our website.

The problem is, we now want the new domain (xx.org) to do the same thing. But, because the domain is yy.org and not xx.org, it seems like the DNS server is not responding with the external IP (because it's supposed to respond to www.yy.org and not www.xx.org).

How do I resolve this? My DNS server knowledge is rather weak. I assume I may have to create some sort of another "xx.org" domain on our charlie server then set up "www".

Note: We are using IIS7, so I can set up bindings once we get the DNS issue resolved.

Chris Dent

You're right in thinking that you'd need a Forward Lookup Zone for yy.org, without that your server has no means of giving an answer.

I assume that you handle the DNS service entirely? And that you've sorted out the name servers for the domain with the registrar (if that's relevant)?

Chris
Avatar of AFSTech

ASKER

Yes, right now our DNS server is doing everything. The registrar is "ns1.xx.org" and when I use nslookup it hits our server, that's where it does not find our external IP.

Without the www this is what we get:
yy.org: many addresses, including our external IP
xx.org: Nothing in terms of IPs (other than the address of the internal DNS server)

www.yy.org: Our external IP (this is the www entry doing this, and this is what we want)
www.xx.org: Wrong IP from misc site that says "this site is under construction" (our registrar doing this probably).

ActiveDirectoryman

Yes, you need to set up another DNS domain on the DNS server and set up a CNAME record, because when a client types in www.xx.org it will contact a DNS server on its local LAN if it does have the record in its cache or host table. If the DNS server on the local LAN does not have the record, then the DNS server will contact the root servers on the internet. The .org root server will refer the request for xx.org to your DNS server, which will have the DNS records for xx.org, so you need to have a DNS domain set up on your DNS server for name resolution so clients on the internet know how to get to you or find you on the internet.
Avatar of AFSTech

ASKER

That's what I have figured. But the problem has been I do not know what to do beyond that.

I do not want to try random things on this server. Creating a primary zone, secondary zone and stub zone all sounds like something else.

> www.xx.org: Wrong IP from misc site that says "this site is under construction" (our registrar doing this probably).

If you run "nslookup www.xx.org" what do you get back at the moment? Presumably the wrong IP?

We have two parts to this, the first is DNS. Are you actually running the name server for xx.org? The failure to get what you want suggests not. If you plan to, you will need to change servers with the registrar. If not, you will need to request changes, or make changes, to the existing zone (with whoever hosts that).

Breaking that down:

1. Establish who hosts the zone (perhaps try: nslookup -q=ns xx.org)
2. Request or make the changes (may need you to create a Forward Lookup zone for xx.org)

Once you're past that you're on to the web server, and it sounds like you have that bit down.

Chris
Avatar of AFSTech

ASKER

"nslookup -q=ns xx.org"

Gives me no name servers, but lists the FQDN and the IP of that server hosting the DNS.

"nslookup -q=ns www.xx.org"
This also gives the FQDN and IP of the DNS server (charlie). But it lists ns1.xx.org along with three other entries ns2.meganameservers.com (to ns4). All these ns# entries are under "non-authoritative answer". I cannot get rid of all three of them because they require at least 2 entries... But I figure it always tries ns1 first, so it should not matter...

I assume what happens is when it hits our DNS (because of ns1) it does not resolve correctly, so it's ns2 that resolves to the "under construction" page.

Another weird note: Few days ago after having this exact setup (trying misc settings in the registrar), the redirect was working for a short while.

> ... But I figure it always tries ns1 first,

It does not. Order is rotated.

Can you share the real domain names? Might be easier to see what's going on.

Chris
Avatar of AFSTech

ASKER

It's www.golfforekids.ca

I removed the ns3 and ns4 from the registrar, but apparently those changes haven't taken effect.

Cool thanks :)

Okay, that looks good, all name servers respond, and all name servers provide the same answer with and without www.

So, is the answer right? I get back 216.251.32.99. Is that up to date?

Chris
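
The check Chris describes above (ask every listed name server directly and compare the answers), as an added example that is not code from the thread. It builds a non-recursive A query by hand because Python's standard library cannot target a specific name server; the function names are hypothetical.

```python
import socket
import struct

def build_query(name, txid=0x1234):
    """Non-recursive (RD=0) query for the A record of name."""
    header = struct.pack("!HHHHHH", txid, 0x0000, 1, 0, 0, 0)
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # A, IN

def _skip_name(msg, pos):
    """Offset just past a name, which may end in a compression pointer."""
    while msg[pos] != 0:
        if msg[pos] & 0xC0 == 0xC0:
            return pos + 2
        pos += 1 + msg[pos]
    return pos + 1

def parse_a_records(msg):
    """Return (authoritative?, sorted IPv4 addresses) from a DNS response."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    pos = 12
    for _ in range(qd):
        pos = _skip_name(msg, pos) + 4          # skip QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        pos = _skip_name(msg, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:
            addrs.append(socket.inet_ntoa(msg[pos:pos + 4]))
        pos += rdlen
    return bool(flags & 0x0400), sorted(addrs)  # 0x0400 = AA bit

def ask(server_ip, name, timeout=3.0):
    """Ask one listed name server directly over UDP/53."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server_ip, 53))
        return parse_a_records(s.recv(512))

def disagreements(answers):
    """answers: {server: (aa, [ips])}. Group servers by the address set
    they returned; more than one group means the servers disagree."""
    groups = {}
    for server, (_, ips) in answers.items():
        groups.setdefault(tuple(ips), []).append(server)
    return groups if len(groups) > 1 else {}
```

Calling `ask()` once per name server the registrar lists and passing the collected results to `disagreements()` shows at a glance whether resolvers can receive different addresses depending on which server they happen to reach.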
Avatar of AFSTech

ASKER

No, the IP ending with 195 (ns1) is the correct IP. The firewall there directs the DNS request to our DNS server, while other requests (HTTP) to our IIS server.

Hmm no addresses ending with 195 are listed. But if you're waiting on updates with the registrar that may explain that, it's one of the few things we cannot do much to check.

Chris
Avatar of AFSTech

ASKER

I have another DNS that has 3 other DNS entries that are 3 incorrect IPs... Despite this fact the URL works 100% of the time...

It's almost like this error is being caused when they try to check the validity of the DNS on our server, and when they realize it's not right, they always respond with their own "Internet address".

I think what's most important is to fix the issue on the server first, then the registrar issue should resolve itself after I resubmit the correct information...

I'm afraid I don't follow this:

> It's almost like this error is being caused when they try to check the validity of the DNS on our server, and when they realize it's not right,
> they always respond with their own "Internet address".

Who is they?

The only people who will check DNS servers would be the registrar. But that'll be at the point you define them, never after. Beyond that DNS is simple, it responds with exactly the information you tell it to. If the entries, or name servers I quoted above are wrong that needs to be addressed.

Chris
Avatar of AFSTech

ASKER

In golfforekids.ca under name server I have:
ns1.golfforekids.ca 209.105.201.195
ns2.meganameservers.com (no IP)

The second entry needs to be there, it needs 0 or 2 to 13 entries.

In algomafamilyservices.org (which www.algomafamilyservices.org works because of a www entry in our DNS server):
ns1.algomafamilyservices.org 209.105.201.195
ns2.everydns.net (no ip)
ns3.everydns.net (no ip)
ns4.everydns.net (no ip)

All my DNS requests hit my ISP DNS server, so even at home I cannot look at the packets and know what happens beyond that... but what I think happens is the DNS request does not find an entry for www.golfforekids.ca, so it goes to one of the meganameservers.com entries to display the "under construction" page.

> but what I think happens is the DNS request does not find an entry for www.golfforekids.ca, so it goes to one of the meganameservers.com
> entries to display the "under construction" page.

It doesn't. DNS just doesn't work like that.

ns1.algomafamilyservices.org lists:

www.golfforekids.ca. 657 IN A 216.251.32.99

But nothing for "golfforekids.ca". Even so, you think the entry above is incorrect?

It does not have an NS Record for ns1.algomafamilyservices.org, and nor does the registrar, meaning no one will ever ask ns1.algomafamilyservices.org for an answer about golfforekids.ca.

If the Host (A) record for www.golfforekids.ca is incorrect you need to get it changed with meganameservers.com. That's the only place anyone will look for an answer at the moment.

Chris
Avatar of AFSTech

ASKER

I understand that, I am saying the algomafamilyservices.org setup is working correctly with those settings.

The algomafamilyservices.org points to 209.105.201.195, which is what we want.
The golfforekids.ca points to 216.251.32.99, but we want it to point to 209.105.201.195.

They are two different domain names, but I want them both to point to the same IP.

As I have mentioned somewhere in one of my previous posts, the settings I had DID work for at least a few hours last Friday.
Avatar of AFSTech

ASKER

> If the Host (A) record for www.golfforekids.ca is incorrect you need to get it changed with meganameservers.com. That's the only place anyone will look for an answer at the moment.

Ok I will try that. That is a completely different setup than our other working domain name, but I do understand your logic.

Normally you need this to make the two names work:

golfforekids.ca.   Host (A)   209.105.201.195
www.golfforekids.ca.   Host (A)   209.105.201.195

An alternative to that is:

golfforekids.ca.   Host (A)   209.105.201.195
www.golfforekids.ca.   Alias (CNAME)  golfforekids.ca.

Both are perfectly acceptable and will tell anyone asking that they should talk to 209.105.201.195 about each name.

At the moment you have an entry for both, pointing at 216.251.32.99 on ns1.algomafamilyservices.org.

Chris
Avatar of AFSTech

ASKER

No luck. It only allows me to create name servers based on the golfforekids.ca domain name... so things like www.golfforekids.ca and ns1.golfforekids.ca, etc...

If I put in other name servers like meganameservers.com or ns1.meganameservers.com they get added but without an IP.

Anyway... we just changed things around. We added another DNS to another server and are using a second of our external IPs to point to that server... So with any luck this setup will effectively work the same way our first site (www.algomafamilyservices.org) works...
ASKER CERTIFIED SOLUTION
Chris Dent

This solution is only available to members of Experts Exchange.
Avatar of AFSTech

ASKER

Interesting information. I have also noticed some of these weaknesses (like the public AD, private IP address broadcast, and the everydns issue). I will pass it along to the other IT staff.

I am the programmer here, so server management is not my area of expertise (although that knowledge is quickly increasing).

Either way, I'll give this a day or two. This way we could at least get it "working". But we have also discussed getting a third party to host the DNS, but we want to save money if possible (we are a non-profit organization).

Ah good, at least it's not your problem :)

Hosting it is understandable, it's just I believe it to be false economy unless you have existing in-house skills. While I think DNS is simple, it's also easy to get very wrong.

Anyway, please do say if you need anything else. It'll be very difficult putting it in a reliable / sane state as long as AD is in the mix. Perhaps suggest they take a look at zoneedit.com?

http://www.zoneedit.com/

They're very good, especially at the price :)

Chris
Avatar of AFSTech

ASKER

Passed this information on to the IT who take care of our DNS. In the meantime the "2 DNS" solution is currently "working"...