Solved

Reverse DNS Issue

Posted on 2014-07-29
11
221 Views
Last Modified: 2014-08-21
We have 2 external DNS servers that we recently migrated from Windows Server 2003 to Windows Server 2008 R2.  We are experiencing an issue sending mail through our Exchange server and I have narrowed it down to an issue with the DNS servers.  If I perform a reverse lookup against one of our external DNS servers the IP address resolves and gives me the name.  The issue is when I try doing the exact same thing against an external DNS server that is outside our network For Example: 4.2.2.2.  When I do this, I receive the following error.  

*** b.resolvers.Level3.net can't find <IP ADDRESS>: Server failed

I have looked at the settings and everything looks like it is configured correctly; however, this still isn't working.

This is not affecting Forward lookups as I am able to resolve these from our External servers as well as servers outside our network.
0
Comment
Question by:netmaster3620
  • 6
  • 3
  • 2
11 Comments
 
LVL 16

Assisted Solution

by:Joshua Grantom
Joshua Grantom earned 250 total points
ID: 40227512
If the IP addresses changed, you need to submit a ticket with your hosting provider or your ISP to update their rDNS records with the updated IP's.
0
 

Author Comment

by:netmaster3620
ID: 40227658
We host our own web sites; therefore, there is no hosting provider to notify.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40227665
Are you the internet service provider also?
0
 

Author Comment

by:netmaster3620
ID: 40227733
No we are not; however, the IP address of the DNS servers did not change either.  We reused the IP addresses for the old ones on the new servers.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40227759
So there are NS and PTR records under the Reverse Lookup Zone for your exchange servers? An external DNS Server will need the public IP's of your exchange.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:netmaster3620
ID: 40227793
Yes, these existed on the Windows Server 2003 DNS servers before.  The only thing we did was migrate the DNS.  NOTHING has changes in the config to my knowledge.  TO migrate we did the following:

ns1.domain.com was renamed to nsold.domain.com, and a new ns1.domain.com was installed.  We setup DNS on the new host and set the host as a seconday server so it would get the settings from the primary.  (nsold.domain.com)  Once complete, we set the new ns1.domain.com to primary and set the original server (nsold.domain.com to secondary.  We then removed DNS from the old server.  

We did a similar rollout on ns2.domain.com only we didn't have to set it as primary as this is the role of ns1.domain.com.
0
 

Author Comment

by:netmaster3620
ID: 40227799
To further elaborate on my previous comment, when creating the zones on the new ns1.domain.com we initially set them as secondary and then changed them to primary once all the records propagated.
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 40227809
Unless you independently requested an entire IP block from ICANN and own it outright or have specifically been delegsted full control of the reverse lookup zone, the owner of the IP addresses (not renter, but owner) controls rDNS. In most cases, even for many hosters, that means their upstream provider. I haven't seen any indication yet that you control the IP block in its entirety and therefore have to say that the initial comment is still correct. You'd need to resolve thus by opening a support request with your upstream provider or entity that owns the IP addresses in question.
0
 

Author Comment

by:netmaster3620
ID: 40227968
The addresses on the servers didn't change; therefore, I question why I would need to do this.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40227982
We can only operate with the information provided. Going back to youth initial question: you are having issues sending mail and you have determined that this is an rDNS issue. We don't know how you determined this, whether it is accurate, or whether this issue may have even existed in 2003. The truth is your rDNS issue *likely* existed previous to the switch. So is it responsible for your mail issues? Perhaps. Perhaps not. It is entirely possible that you will get this fixed and mail still will not send properly.

But we can't second guess every piece of information given. Or re-diagnose every step. Ultimately you asked how to fix an rDNS issue and that has been answered. Why do you need to do this now? Because that is what you asked! Nothing more.
0
 

Author Comment

by:netmaster3620
ID: 40229041
I contacted our ISP and they did in fact have to update their records. Seeing that the IP addresses of the servers hadn't changed I honestly didn't think that this would be required; however, it was.  Thanks everyone for your assistance.
0

Featured Post

Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now