exchange nslookup query

hi I am currently running exchange 2003 and my firewall is isa 2006

I have inbound & outbound for smtp already set via my isa 2006

I can successfully run 'recursive' test successfully

I have the default gateway set on all my machines

my isa has 2 nics separating both internal & external but on my internal nic pointing to
my local lan I have not added a default gateway as it gets the required info through my domain dns

I have tried to do the following:

nslookup
my local dns shows here as I think expected
type=mx yahoo.com

dns request timeout etc

question 1.  how do I resolve this issue

note: I will be upgrading my exchange server but just want to know how to resolve this issue
you are changing too many settings and do not concentrate on the main problem: name resolution (dns).  as long as nslookup fails on your exchange server no mail will be sent.
mikey250Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
CoralonConnect With a Mentor Commented:
Did you type it in exactly as shown?
Normally, you would set the type and then do the lookup.

Here is an example copied from my own machine
C:\Windows\system32>nslookup
Default Server:  <homedns>
Address:  <homedns_ip>

> set type=MX
> yahoo.com
Server:  <homedns>
Address:  <homedns_ip>

Non-authoritative answer:
yahoo.com       MX preference = 1, mail exchanger = mta7.am0.yahoodns.net
yahoo.com       MX preference = 1, mail exchanger = mta6.am0.yahoodns.net
yahoo.com       MX preference = 1, mail exchanger = mta5.am0.yahoodns.net

Open in new window


I did try it as you typed it, and I got different results.. I got some IP addresses, and then a timeout.  My guess is that the way you are doing it is doing multiple lookups and some of it is failing.  I got similar results when I tried your format for google.com & outlook.com.

Retest it with the single line lookups and see if you still get failures.  If you do, then you need to look at your routing tables on the ISA server.  It sounds correct that your default gateway would be on the WAN side.  You would not want to add a second default gateway (big no no that Windows will let you do, but will cause problems).  

Coralon
0
 
Leon FesterSenior Solutions ArchitectCommented:
Does nslookup work from any other machine on your network or is it only the Exchange server that is giving problems?

If all workstations/servers are affected then check if you have DNS forwarding configured on your DNS server.

Also check your ISA firewall to see if DNS requests are being blocked by the firewall.
Did anything change recently e.g. did you change ISP's?
0
 
BembiCEOCommented:
Keep your ISA into account- What said before is correct, so take care of the right format and see if other machines can use nslookup against external targets.

ISA may block the request, bit this you can see, if you just have a look into the life monitoring of ISA to see, if some of the requests are blocked.

So make sure that either your exchange, or if exchange is using internal DNS servers yur DNS server is allowed to make DNS request on port 53 to the internet.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
mikey250Author Commented:
apologies for not getting back asap.  I will test the advice given tomorrow and respond back in the morning.

im sure when I did try it on other machines it still did not work but did work obviously on my isa 2006 firewall as it is also on the wan side, so I assumed the isa 2006 needed some firewall policy to allow this.

as for the 'forwarders' tab I have not added any new entries other than the default settings and obviously my master dc dns ip address that is automatically added.

my recursion works from my master dc/dns properties.

much appreciated
0
 
CoralonCommented:
Did you set your DNS up as a Root server, or do you have the Root Hints enabled?

Coralon
0
 
mikey250Author Commented:
afternoon, my master dc/dns/dhcp is a root server and yes there is a 'root hints' tab that I never touch.

I also carried out your previous: nslookup example and yes I got yahoo.com results via my exchange 2003 server, win 7 laptop, master dc successfully.

so all appears ok now as far as this: nslookup goes so I can now allocate points.

much appreciated
0
 
CoralonCommented:
There ya go :-)  Don't forget your point allocation :-)

Coralon
0
 
mikey250Author Commented:
due to this being the 1st response and the exact requirement to resolve problem due to my syntax method it made sense to allocate all points to this expert.  much appreciated.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.