<div>
seeing this on phone so not looked lots but seems you have it trying to resolve &nbsp;can't find titi.sword.com.sword.com as you haven't added a dot on end of name to say name is fully qualified so then it is adding your completion domains?<br />
<br />
Steve
</div>


<div>
<blockquote>
now we installed brand new BIND server &nbsp;without copying the all zones &nbsp;and we asked this server to query record but we got no answer <br />
<br />
&nbsp;it is look like when this new bind server ask one of our windows dns server &nbsp;he got no answer . but when we ask windows dns server directly we get answer 
</blockquote>
<br />
<br />
Sorry but I don't get this?<br />
<br />
If you are not adding windows server zones as secondary / slave on bind server OR if you are not setting any forwarder on bind server pointing to windows server, it won't resolve queries<br />
<br />
Mahesh.
</div>


<div>
Hi Mahesh <br />
<br />
we configured the new redhat BIND server &nbsp;as forwarding DNS server to ask our windows domain controller DNS server <br />
<br />
but he got no answer <br />
<br />
when we change the forwarding configure to another BIND sever which work as a slave with transferred zones from windows server &nbsp;he got answer <br />
<br />
so we ask ourselves why when Linux or Solaris &nbsp;Bind server forward request to linux BIND they get answer but when they forward request to windows we get no answer <br />
<br />
we set the forwarding in &nbsp; &nbsp; &nbsp;named.conf<br />
<br />
i don't know if this related to windows security issue or Unicode stuff or anything i am really confused please advice &nbsp;<br />
<br />
<br />
Forwarding DNS Server<br />
<br />
The second configuration that we will be demonstrating is a forwarding DNS server. A forwarding DNS server will look almost identical to a caching server from a client's perspective, but the mechanisms and work load are quite different.<br />
<br />
A forwarding DNS server offers the same advantage of maintaining a cache to improve DNS resolution times for clients. However, it actually does none of the recursive querying itself. Instead, it forwards all requests to an outside resolving server and then caches the results to use for later queries.<br />
<br />
This lets the forwarding server respond from its cache, while not requiring it to do all of the work of recursive queries. This allows the server to only make single requests (the forwarded client request) instead of having to go through the entire recursion routine. This may be an advantage in environments where external bandwidth transfer is costly, where your caching servers might need to be changed often, or when you wish to forward local queries to one server and external queries to another server.
</div>


<div>
Are you doing zone transfers from the Windows boxes or are you simply forwarding requests to them from the BIND servers?
</div>


<div>
Hi Craig <br />
<br />
i am simply forwarding requests to them from Bin servers <br />
<br />
<br />
simply we forward the request to windows DNS server &nbsp;and we get no answer <br />
<br />
but when we forward the request to another BIN server which configured as slave to windows server with all zones transferd &nbsp;we get answer <br />
<br />
why windows DNS dose not answer the request from our linux BIND server even
</div>


<div>
Are you sure the BIND server is forwarding the request? &nbsp;If it is, the Windows server would answer. &nbsp;You already know that as you can resolve if you query it directly.<br />
<br />
Have you got all the steps correct when configuring the server as a forwarder?
</div>


<div>
Did my comment not prompt you to correct your config?<br />
<br />

<blockquote>
Have you got all the steps correct when configuring the server as a forwarder?
</blockquote>
</div>


<div>
What I did it is work around it is not a solution <br />
Because I just disabled the security <br />
Usually Bin should work without changing this configurations <br />
So till now no real solution for this <br />
Yes you told me there is a configuration problem and I know this for this I post a question but I got no technical answer
</div>


<div>
It's not a workaround. You're obviously not using DNSSEC on your other servers.
</div>


<div>
@Craig Beck:<br />
<br />
You could have pointed out DNSSEC configuration point....<br />
<br />
Your comment says &quot;Have you got all the steps correct when configuring the server as a forwarder?&quot;<br />
<br />
This is very generic statement and not nail down the exact issue, the statement simply telling that there is some issue with config, but obvious something wrong with config only..because windows DNS server is already functional and working correctly so problem exists with BIND config only.<br />
Further more, while configuring bind server, if it can check if target windows dns server is using dnssec or not and accordingly it ask to set config, then its different story..<br />
<br />
I don't think you should claim points, author may wish to grant you.<br />
<br />
<br />
Mahesh.
</div>


<div>
Hi mahesh <br />
You are right <br />
I just give the points because he ask for this but as you said he just answer that somethings wrong <br />
I know somethings wrong in the configuration for this i posted question <br />
Anyway I want to close this question and read about dnssec myself because I don't get any real help here <br />
Thanks
</div>


<div>
if you are using 2012 / 2012 R2 DNS servers, it by default support DNSSEC option<br />
<br />
you can go to dns manager console, right click server properties and on advanced tab you can see &quot;Enable DNSSEC validation for remote responses&quot; , that option is enabled bydefault and then it should support remote server requests with DNSSEC enabled<br />
<br />
I think you are having 2008 / 2008 R2 servers where this functionality is not available by default and hence you faced issues<br />
<br />
Mahesh.
</div>


<div>
Mahesh, it prompted the OP to recheck the config. It's worth an assist at least. I could've asked to see the config and that may have prompted the OP to recheck, but he followed a guide and obviously got it wrong, hence asking if the config was right.<br />
<br />
DNSSEC obviously wasn't supported.
</div>


<div>
<div class="content wysiwyg-content">
Hi All<br />
<br />
we have in our environment &nbsp;two windows DNS servers and both of them work aslo as DCs<br />
<br />
plus we have &nbsp;two Bind server on Linux &nbsp; and these Binds servers &nbsp;work as salves to our windows DNS server and we have configured the all zones on these Bind servers <br />
<br />
so when we use nslookup &nbsp;on windows DNS and BINS servers which has the all zones configure to query any AAA record we get answer <br />
<br />
now we installed brand new BIND server &nbsp;without copying the all zones &nbsp;and we asked this server to query record but we got no answer <br />
<br />
it is look like when this new bind server ask one of our windows dns server &nbsp;he got no answer . but when we ask windows dns server directly we get answer <br />
<br />
so there is forwarding issue &nbsp; any advice <br />
<br />
<br />
# more /etc/resolv.conf<br />
# Generated by NetworkManager<br />
search ie.sword.com sword.com<br />
nameserver 192.168.44.1<br />
nameserver 192.168.55.1<br />
# nslookup titi.sword.com<br />
;; Got SERVFAIL reply from 192.168.44.1, trying next server<br />
;; Got SERVFAIL reply from 192.168.44.1, trying next server<br />
Server: &nbsp; &nbsp; &nbsp; &nbsp; 192.168.55.1<br />
Address: &nbsp; &nbsp; &nbsp; &nbsp;192.168.55.1#53<br />
<br />
** server can't find titi.sword.com.sword.com: SERVFAIL
</div>
</div>


Hi All

we have in our environment  two windows DNS servers and both of them work aslo as DCs

plus we have  two Bind server on Linux   and these Binds servers  work as salves to our windows DNS server and we have configured the all zones on these Bind servers 

so when we use nslookup  on windows DNS and BINS servers which has the all zones configure to query any AAA record we get answer 

now we installed brand new BIND server  without copying the all zones  and we asked this server to query record but we got no answer 

it is look like when this new bind server ask one of our windows dns server  he got no answer . but when we ask windows dns server directly we get answer 

so there is forwarding issue   any advice 


# more /etc/resolv.conf
# Generated by NetworkManager
search ie.sword.com sword.com
nameserver 192.168.44.1
nameserver 192.168.55.1
# nslookup titi.sword.com
;; Got SERVFAIL reply from 192.168.44.1, trying next server
;; Got SERVFAIL reply from 192.168.44.1, trying next server
Server:         192.168.55.1
Address:        192.168.55.1#53

** server can't find titi.sword.com.sword.com: SERVFAIL

DNS quastion

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.