?
Solved

Reverse DNS Issue

Posted on 2014-07-29
11
Medium Priority
?
246 Views
Last Modified: 2014-08-21
We have 2 external DNS servers that we recently migrated from Windows Server 2003 to Windows Server 2008 R2.  We are experiencing an issue sending mail through our Exchange server and I have narrowed it down to an issue with the DNS servers.  If I perform a reverse lookup against one of our external DNS servers the IP address resolves and gives me the name.  The issue is when I try doing the exact same thing against an external DNS server that is outside our network For Example: 4.2.2.2.  When I do this, I receive the following error.  

*** b.resolvers.Level3.net can't find <IP ADDRESS>: Server failed

I have looked at the settings and everything looks like it is configured correctly; however, this still isn't working.

This is not affecting Forward lookups as I am able to resolve these from our External servers as well as servers outside our network.
0
Comment
Question by:netmaster3620
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
11 Comments
 
LVL 16

Assisted Solution

by:Joshua Grantom
Joshua Grantom earned 1000 total points
ID: 40227512
If the IP addresses changed, you need to submit a ticket with your hosting provider or your ISP to update their rDNS records with the updated IP's.
0
 

Author Comment

by:netmaster3620
ID: 40227658
We host our own web sites; therefore, there is no hosting provider to notify.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40227665
Are you the internet service provider also?
0
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

 

Author Comment

by:netmaster3620
ID: 40227733
No we are not; however, the IP address of the DNS servers did not change either.  We reused the IP addresses for the old ones on the new servers.
0
 
LVL 16

Expert Comment

by:Joshua Grantom
ID: 40227759
So there are NS and PTR records under the Reverse Lookup Zone for your exchange servers? An external DNS Server will need the public IP's of your exchange.
0
 

Author Comment

by:netmaster3620
ID: 40227793
Yes, these existed on the Windows Server 2003 DNS servers before.  The only thing we did was migrate the DNS.  NOTHING has changes in the config to my knowledge.  TO migrate we did the following:

ns1.domain.com was renamed to nsold.domain.com, and a new ns1.domain.com was installed.  We setup DNS on the new host and set the host as a seconday server so it would get the settings from the primary.  (nsold.domain.com)  Once complete, we set the new ns1.domain.com to primary and set the original server (nsold.domain.com to secondary.  We then removed DNS from the old server.  

We did a similar rollout on ns2.domain.com only we didn't have to set it as primary as this is the role of ns1.domain.com.
0
 

Author Comment

by:netmaster3620
ID: 40227799
To further elaborate on my previous comment, when creating the zones on the new ns1.domain.com we initially set them as secondary and then changed them to primary once all the records propagated.
0
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 40227809
Unless you independently requested an entire IP block from ICANN and own it outright or have specifically been delegsted full control of the reverse lookup zone, the owner of the IP addresses (not renter, but owner) controls rDNS. In most cases, even for many hosters, that means their upstream provider. I haven't seen any indication yet that you control the IP block in its entirety and therefore have to say that the initial comment is still correct. You'd need to resolve thus by opening a support request with your upstream provider or entity that owns the IP addresses in question.
0
 

Author Comment

by:netmaster3620
ID: 40227968
The addresses on the servers didn't change; therefore, I question why I would need to do this.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40227982
We can only operate with the information provided. Going back to youth initial question: you are having issues sending mail and you have determined that this is an rDNS issue. We don't know how you determined this, whether it is accurate, or whether this issue may have even existed in 2003. The truth is your rDNS issue *likely* existed previous to the switch. So is it responsible for your mail issues? Perhaps. Perhaps not. It is entirely possible that you will get this fixed and mail still will not send properly.

But we can't second guess every piece of information given. Or re-diagnose every step. Ultimately you asked how to fix an rDNS issue and that has been answered. Why do you need to do this now? Because that is what you asked! Nothing more.
0
 

Author Comment

by:netmaster3620
ID: 40229041
I contacted our ISP and they did in fact have to update their records. Seeing that the IP addresses of the servers hadn't changed I honestly didn't think that this would be required; however, it was.  Thanks everyone for your assistance.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question