The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am trying to clarify what function the A record performs in the following scenario

I have a client who owns the domain name xyz.com.au.
They run on prem exchange, use remote access from outside for contractors and staff, and connect to gov't entities to access data.  They have another party who developed their website.

I registered the domain name for the client, and set up DNS entries for MX, WWW etc, with only the WWW A record pointing to a different IP Address

The website developer is demanding the A record for the domain be pointed at the third party webserver hosting the website.  Why? is it important to him that the generic A record for the domain point to the webserver?  What am I not understanding about his request and what are the consequences.

I assumed that all external non www requests should go the main gateway.
Cloud Class® Course: Certified Penetration Testing
LVL 12
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Hi Experts,

I am having a problem with my Cisco 897VA router and allowing access to internal servers from internal devices.

Any attempted access gets a not authorised response.  We can access it via IP or if placed in the host file on the user pc.  There is no issues accessing from external devices.

This however is a pain to do.  I do not wish to modify my internal DNS server at this stage or run a separate one for just one zone as this was working fine under a previous router, this has just happened since switching to the 897va.

Server we want to access has internal IP of :
External IP is: 114.xxx.xxx.153

This is my current sanitized running config:

Current configuration : 10024 bytes
! Last configuration change at 08:08:17 NZST Thu Jul 19 2018 by mike
! NVRAM config last updated at 21:35:34 NZST Wed Jul 18 2018 by mike
! NVRAM config last updated at 21:35:34 NZST Wed Jul 18 2018 by mike
version 15.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug uptime
service timestamps log uptime
service password-encryption
service sequence-numbers
hostname Gateway
logging buffered 65535
logging console critical
enable secret 9 $9$3JnjQpR9JT50Sn$JLsMVFipNYhVK/xdt6uahIPXx87ZfnOiS8Yd36old6E
aaa new-model
aaa authentication login default local
aaa authentication login userlist local
aaa authentication ppp …
I had this question after viewing Problem with CNAME in DNS and browsing fileshare.

I have a Windows 2016 server that I just built for my company but when I click "Start", Run, \\ServerCName\, it should normally give me a list of all the SHARES on the server but it does not.  I tried adding the following to the registry "DisableStrictNameChecking" but still no luck.  Please Help?  Thanks.
In our environment the DNS IP Address has been changed. For Citrix Target Devices we have created BDM ISO (Local ISO) with new DNS IP address but still few target devices does not take the new IP , we have to manually enter the DNS settings.

Working and non working target devices are in same OU, same Subnet.

Target Device OS : 2008 R2
incumbent IT provider named the windows AD domain name the same as the external web/email domain.
not the end of the world until they want to access their own website.

we have other clients with the same issue. we just drop an A record in Windows DNS referring to www then the IP provided by web host provider, then bam it works no issue. EXCEPT FOR TODAY OF COURSE! this was just working fine for this client but they changed web devs and hosting provider, so we just had to change the IP address for the A record that already existed.

we try to access the website within the client's walls and it sends us to an IIS Server page. we do not run IIS internally so do not thing its hitting our own boxes.
when accessing the website via a browser we do begin with www.domainname.org

when we ping www.domainname.org it resolves to the new IP we are pointing to in A record. same if we ping just www.

just worked with godaddy who is registrar and DNS provider, the confirmed all good
just worked with ISP, they confirmed DNS servers that we have in the forwarders section of MS DNS. we also added & to forwarders.

cleared all browser cache.. will be fine with hosts file entry as not a large user community if that is a quick fix.

rebooted servers last night as well, just cause we have not yet done that.. still nothing.

this has to be something really stupid and appreciate it if someone could point it out to me.
We have internal DNS servers on our network we do not house our website server 2008r2. Our website is the same name as our internal domain (I call it bank.com) so when a user on our network goes to our externally hosted website they have to use www.bank.com or the requests never leaves the network and the page doesn't come up. We have bought a sub-domain Ill call it start.bank.com and we cannot add the www to it because the SSL cert wont support it. So what kind of a rule or host record can I add to our internal dns servers to push the request for start.bank.com outside of our network?

Is there a DNS Manager available for Windows 10 so that I can create Microsoft DNS records?
I have a new Server 2016 machine on the same domain as an old SBS2008 machine. I have joined the 2016 box to the domain and promoted it to a DC. It has replicated AD, DNS and Group Policy but it wont create the SYSVOL or NETLOGON shares on the new machine. I have tried all the fixes on google i could find that seemed relevant but it wont replicate FRS. As it seems to have replicated everything else i was wondering if i could simply manually copy over the SYSVOL and NETLOGON shares to the new machine? I know its probably not recommended but the old machine will be demoted so in theory i would have thought that at that point it wouldnt matter that it couldnt replicate?
Anyway if anyone has any idea if this approach is workable please let me know?
Thanks in advance.
I have replaced an old Remote Desktop Server with a virtualized Win 10 PC (there was only a few people using it so did not want to do the whole server thing)
Anyway, to make things easier for the remote users I set up a static DNS entry to point the old server name to the IP address of the Win10 PC
If I ping the old server name it resolves to the correct IP address.

If I connect to the Win10 PC using the name of the Win10PC it works as expected.
If I connect to the Win10 PC using the name of the old server, i get the following error;
"The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated in the DNS cache.  Try using the IP address of the computer instead of the name."

In DNS I have tried;
an A record - OldServerName -> IP address
A C Record - OldServerName -> Win10PCName

No Difference.

Any suggestions would be appreciated - clearly the RDP protocol is not liking the name differences
Hi guys

We have a virtual fileserver, Windows 2012 R2 which has DFS set up on it for future purposes. Once every few weeks, we run into this issue where nobody is able to access the mapped drives. This morning it happened. If I tried to RDP to the server, an error message would pop up instantly as though the server was unavailable.

I had to log onto the actual Vcenter server and restart it. After that, everybody was able to access the mapped drives again.

The server has 4GB of RAM with dual 3.4ghz processors. C drive has 50% free. F drive has 28% free, F drive has 50% free. Both drives have Windows Volume Shadow Copy set up to take snapshots of both drives twice per day.

I've attached the log files of the past 12 hours to see if anybody can see anything? Is it paging file related? Is it falling off the network and it is DNS related? I have no idea, so any help would be awesome.

Thanks for helping
What were the top attacks of Q1 2018?
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

Hey! I have a router problem. On last saturday, i got the new 1000mbit/s internet in my house. My ISP(called Digi, in Hungary .) Gave me a Huawei(Huawei EchoLife HG8242-B,) modem/router(?). I bought on monday a new TP link AC1200. BUt i was experiencing internet drop issues. (it lost connection after 30mins, and keeps doing that in that interval.) So I called my ISP, they came to my house on wednesday, and told that, the problem is in my router. So i took it back to the shop, and bought a new TP link AC1750 V4.0 on Thursday. But the problem still appear, and I've tried everything. Dhcp change, MTU size change, frimware upgrade/downgrade, DNS change but it still drops the connection on WIRED. The problem appears on every WIRED computer, at the same time. Before first my ISP came to my house, the Huawei was in Dinamic IP mode, but my ISP changed that to bridge mode, so now the connection is now, a PPOPE one. Problem still appears, every time, and ISP keep saying, there is no fault at their end. But it'S possible to get 2 wrong router? My ISP will come today too.  SO what should i change  to finally forget this problem?
The strange  thing is , from an old TP link 941N router, everything works fine.
Now, what could be the issue?
I have installed a new Exchange Server 2016.  All connectors and internet DNS has been configured.  When I goto OWA and try to send an email to the internet or internally to a mailbox on the same server it drops the email right into the draft folder unsent.  I noticed the I get an error in OWA that states I do not have permission to send.  I've built many Exchange servers in the past, but this is my first go with 2016.  Does anyone have any ideas?

Thank you,

I've established a transitive forest trust between Active Directory domains ( lets call them DomainA and DomainB). I'm able to successfully access DomainB objects from member servers and workstations in DomainA (i.e. give DomainB groups file permissions, etc...). However I'm unable to do the opposite in DomainB. For example, if I attempt to give a DomainA group file permissions on a member server in DomainB, I receive the following error:

"The Active Directory Domain Controllers required to find the selected objects in the following domain are not available"

Problem only seems to affect DomainB workstations and member servers. On a domain controller, I'm able to add a DomainA user to a DomainB group.

I've confirmed that DNS resolution is working between the domains, and verified the trust. There is no physical firewall between the DCs, and all windows firewalls have been disabled.

DomainA is running all 2016 DCs, while DomainB is running 2008 R2.

I'm drawing a blank on what's going on.
I have sbs 2003 server, I also have cablevision as my ISP, we just moved and I have to open a new account with my provider, so the Static IPs were changed.

Now I cannot remote access into my destops.
I updated the new WAN ip on the router, updated the A record on my DNS with the new IP, Re configure the firewall on the server, open ports 80 and 25 with the ISP, and still not able to have remote access. Can someone help?
Computers running OSX (Not sure what version) all of a sudden are having problems resolving DNS.  This is all within the same household.  The family can go to a local coffee shop and experience the same issues while connected to WIFi there when no one else is having the problem.  The latency only seems to be an issue when you're using a web browser.  If you run nslookup from the console or ping, no problems are evident.

  • DNS resolution from the console is instant no matter what.
  • Flushed DNS Cache
  • Reset PRAM
  • Reset SMC
  • Tried different browsers, DNS resolution in all browsers takes 30-60 seconds per domain.
  • Ran ESET Cyber Security Pro to see if anything popped up there, nothing did.
  • Going to run Malwarebytes to see what it finds.
  • Tried different DNS, and

Please advise.
Dear Experts

We have been asked to deploy on premise mail server for which we are planning to go for zimbra network but before to that we have to design the network,  though this email server will be working for internal within main office and branch office as it is connected in mpls network but we also would like to send and receive mails to external domains following measures to be taken
1. if our server or internet goes down the sender mail should not get lost for us once the server or internet gets restored the mails should be delivered to our emails accounts.
2. our domain and ip reputation should be always good so that our messages gets delivered to the inbox on the recipient email
please suggest on how our email server to be configured have internal dns server and make it work as normal email server and for external we have to avail SMTP RELAY service with some service provider please suggest is this correct if not please suggest what service we have to avail for external email delivery with email security will be taken care.
Hello :-)
I am configuring dns scavenging in my dns / dhcp. currently the dhcp lease is 6 days, so according to the question https://www.experts-exchange.com/questions/29093013/DNS-Scavenging-Best-Practice.html I've defined the no-refresh and refresh values for 3 days each (50% dhcp lease). So the DNS option "allow automatic deletion of obsolete records" should be set to same dhcp lease (6 days)?

DNS scavenge with multiple DHCP lease times

We have the following configuration. Also attached is our DHCP configuration @ the top level. We have the default Server 2012 R2 options, "Dynamically update DNS records only if requested by the DHCP clients" with " discard A and PTR records when lease is deleted" ticked. We have credentials set for DNS dynamic update & our DHCP servers are added into the DNSUpdateProxy group. Scopes & counts as follows:

9 DHCP scopes with 1 day lease
12 DHCP scopes with 2 day lease
11 DHCP scopes with 8 hour lease
105 DHCP scopes with 8 day lease

Have done a lot of reading about the refresh + no refresh ideally being the same as the DHCP lease time, but assumption being DHCP lease times are same for all scopes. Our scenario is they are not, & so not really sure on the impact of different scavenging options

Majority are 8 day lease, so reading many blogs it mentions this should ideally match the total refresh. So values of 4 & 4 for no refresh & refresh, but then what is the impact of this on our scopes with 1day, 2day & 8 hour leases? Suppose the risk is they end up with duplicates until the zone is scavenged?

This is where I am thinking we should maybe configure DHCP to "always dynamically update DNS records" but they don't know if this actually required. My thinking is that if address is assigned to another computer DHCP can update DNS & we shouldnt have duplicates, then configure 4 + 4 days for scavenging. Or is this not …
I have a department on another subnet that has a secure router between networks that is out of my control.  The users on that network share resources on my side.  For the most part, access on a daily basis works fine. However, every once in awhile I get a user that cant see my Win2k8R2 server including shares and resources.  They cant ping it by name, fqdn or access using \\servername\share. Cant tracert either.  So it will not resolve the DNS name BUT, when the ip is pinged it replies.  That to me is a dns issue but I cant figure it out.  The domain has been around since the NT days so it wasn't setup as a FQDN way back when but when we upgraded over the years we added the FQDN obviously.  It feels related to WINS - I removed that years ago.

I have 3 domain controllers, 1 is Win2k8R2 and the 2 others are Win2k12R2.  All are running DNS. 2 are running dhcp. The problem department is using static IP addresses. My side is using dhcp. Now I have seen once or twice on my side the server not show up in the network neighborhood on a users pc.

I don't know how to troubleshoot finding out why they cant get to the resources. I haven't disjoined them from the domain and rejoined them bc that doesn't seem like a solution.  There is something wrong with my DNS settings which really doesn't have a whole of settings.  Should I delete the cache on the DNS servers? Should I restart DNS on all servers? I bet adding  the servers to the host file would work but that is so old.   I don't …
Cloud Class® Course: CompTIA Cloud+
LVL 12
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

VPN Issue:
I am experiencing an issue with our VPN (client to site) where, we can connect to the network, we can ping server IP address, we can ping server DNS name, we can connect to server via RDP but we cannot map to any shared folders.  There is a mix of Windows 2012 and 2008 servers and a mix of Windows 7 and 10 clients. We are using a Barracuda F380 Firewall. Any help would be appreciated.
I had this question after viewing Node(s) server01.domain.com server02.domain.com cannot reach a writable domain controller. Please check connectivity of these nodes to the domain controllers..

I am validating windows fail-over cluster. I am getting below errors. Can some help me out for this ?

Connectivity to a writable domain controller from node VMClient01.domain.com could not be determined because of this error: Could not get domain controller name from machine VMClient01

Connectivity to a writable domain controller from node VMClient02.domain.com  could not be determined because of this error: Could not get domain controller name from machine VMClient02

Node(s) VMClient01.domain.com  VMClient02.domain.com cannot reach a writable domain controller. Please check connectivity of these nodes to the domain controllers.
Hi All, I have 3 AWS VM's. VM01 is domain controler, VM02 and VM03 joined domain. I am able to ping VM's by IP , full name "host.domain.com" and AWS Private DNS butnot with "host" .  Can you please help me out for this?
I have devices that pull their IP addresses from DHCP which are not on the domain. I however need the devices to provide he DHCP server with a hostname -- make a DNS entries and update it when the IP changes.

Is this possible to do when the infrastructure is as the following:

ISC DHCP ( dhcpd )
Microsoft DNS ( AD DNS )


I want to set up a brand new office 365 business essentials subscription new domain name from scatch.

So what I am trying to decide is if this is a good option to choose:


So here you can purchase it straight from Office 365.

Now lets say I do this.

1. Where are the DNS records then managed from? From an inerface in Office 365 or do I then manage it from the GoDaddy web site?

In other words if I want to add a new host A record where is it done from.

2. Any disadvantages with this method as opposed to creating a GoDaddy account separately and registering my domain name in there first.

3. Am I then billed from Microsoft only or do I get separate ones from GoDaddy?

4. Does this create a GoDaddy login that I can then login there web site with?


Hello everyone,

I'm a newbie in this forum and in the server field.

So today the problem I'd like to discuss is DNS role on the server.

Well, I followed and did the Best Practices Analyzer (BPA) instruction (the link below) for resolving the problem that related to the subject. Here is the link included in the BPA log:


But the problem could not be resolved.

My server version is 2008 R2 Standard SP1

Any help is highly appreciated

Thank you for your consideration
Jack Nguyen






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.