The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

I'm building a website that will have a lot of video that must be stored and hosted locally.

I will have a really fast connection but I live on the coast and I was wondering if a hurricane hit or the power went out for an extremely long time could I set up the DNS to forward to a linode account?

How long would this take if it's possible?

Do the machines sync together? Or would they be forwarded to a site that is different from the one that was hosted locally?
Industry Leaders: We Want Your Opinion!
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

I've read some articles on technet that are clear as mud but I'd like to know what is the best practice for DNS config on 2 DCs with DNS and DHCP servers running on the same Hyper-V Host. There seems to be a lot of disagreement on whether or not to put the loopback address for DNS on each server so I've excluded it.

Current config is below and when DC1 is down clients lose connectivity to their shares.

Hyper-V Host Server 2012r2
                DNS Config: #1DC-1 #2 DC-2 #3

                (VM1) DC-1 (2012r2)
                        DNS Config: #1 DC-2 #2 DC-1
                        DHCP Server with failover set to DC-2, scope set DNS DC-1 and DC-2

                 (VM 2) DC-2 (2012r2)
                        DNS Config: #1 DC-1 #2 DC-2
                        DHCP Server with failover set to DC-1,  scope set DNS DC-1 and DC-2

                 (VM3) FS-1 (2012r2) File Server hosting all shares
Good Day,

Got a question which I am not sure about.

I got a Server 2012 Hyper V Host running 3 Virtual servers
6 NICS and 2 NIC Teams

Virtual Servers:


ServerA has one virtual NIC and it is statically assigned IP address. IPv6 on this nic is disabled.

However on the DNS there are 3 entries showing for this server.

1. ServerA - Host(A)  static  ( This is the static one on the only nic on this server )
2. ServerA - Host(A) static ( Not sure where this is coming from. I tried deleting it and it comes back after some time. ?? )
3. Server A  IPv6 Host (AAAA)  - long mac address - 8/12/2017 11 PM

Shouldn't there be only 1 entry ?  

The same issue is with couple of other severs. Either my concepts are not clear or it is something weird.

This is a non-Windows AD network.  Mixed environment.

Is there a good tool to scan and list all the available hostnames on the network?
Same for the DNS.  Can I search local DNS and compile all the hostnames registered there?

Thanks in advance.
I'm unable to send emails to external addresses. Emails send between addresses on the same server complete successfully. I'm running centos 6 and Centos Web Panel with roundcube. Mail log is in the pastebin link below. DNS testing info to follow. Any advice is appreciated.


SMTP Reverse DNS Mismatch      OK - resolves to ing.jingersoll.com
      SMTP Valid Hostname      OK - Reverse DNS is a valid Hostname
      SMTP Banner Check      OK - Reverse DNS matches SMTP Banner
      SMTP TLS      OK - Supports TLS.
      SMTP Connection Time      0.651 seconds - Good on Connection time
      SMTP Open Relay      OK - Not an open relay.
      SMTP Transaction Time      2.488 seconds - Good on Transaction Time
Session Transcript:
Connecting to<br /> <br /> 220 ing.jingersoll.com ESMTP Postfix [600 ms]<br /> EHLO PWS3.mxtoolbox.com<br /> 250-ing.jingersoll.com<br /> 250-PIPELINING<br /> 250-SIZE 204800000<br /> 250-ETRN<br /> 250-STARTTLS<br /> 250-AUTH PLAIN LOGIN<br /> 250-AUTH=PLAIN LOGIN<br /> 250-ENHANCEDSTATUSCODES<br /> 250-8BITMIME<br /> 250 DSN [607 ms]<br /> MAIL FROM:&lt;supertool@mxtoolbox.com&gt;<br /> 250 2.1.0 Ok [616 ms]<br /> RCPT TO:&lt;test@example.com&gt;<br /> 454 4.7.1 &lt;test@example.com&gt;: Relay access denied [607 ms]<br /> <br />PWS3v2 3018ms<br />

DiG  ANY jingersoll.com +trace
jingersoll.com.            14400 IN TXT "v=spf1 +a +mx +ip4: ~all"
jingersoll.com.            14400 IN MX 0 mail.jingersoll.com.
when i type web address in my browser

how do i get the site

like how dns or how it works

I have a Ubuntu webserver on amazon running Apache and I want the site to be able to send emails.
I have installed and configured postfix, and it works... apart from email always going to spam.

I understand that if I create a SPF DNS record i can reduce the chance of it going into spam... and also reduce stop spammers from spoofing your domain.

I don't quite understand how the record works... could someone help......

Server Hostname: example.uk
Emails get from from server@example.uk

DNS Records on 123reg
@ A Record (external ip)

Emails will only be sent from server@example.uk

Can someone help create a SPF Record.


I have a weird issue when doing a Nslookup for some of our external DNS records. If I do a command line nslookup using all my records come back showing the results as I have tested this from several computers off our network. Even from home computers the results are the same. If I use a Nslookup tool online I get the correct results. Even using a DNS severs from local ISPs I get the 195.x results
I will be migrating a Google Gmail email domain to Office 365.

I have gone through and completed all the required steps as documented on the Migration Wiz website to do this.

I have created the required TXT record within this company's external DNS provider (asmallorange.com) and have been told by the Office 365 domain wizard that I need to add the records shown in the screenshot to our external DNS provider (asmallorange.com).

Is it possible for me to add these records to our external DNS provider (asmallorange.com) while leaving the existing records for Gmail in place?

I want emails to continue to go to user's email accounts within Gmail. The only thing I want to do now is to finish the domain verification of the domain name that is currently being used by Google/Gmail so I can then use the migrationwiz.com website to migrate the email from the Gmail servers to the Office 365 servers.

Then once this migration has completed I will replace the external DNS Gmail email records with the Office 365 DNS records shown in the screenshot and will create new Outlook profiles for all users so Outlook will connect to the Office 365 servers for email.

What I need to do now is to finish the email domain verification within Office 365 so I can then perform the migration wiz migrations (while we coninue to use Gmail as our email service provider--but I don't want to interrupt any future emails from arriving at the Gmail servers until I officially cut the online DNS …
Spun up a DC too fast.  Wonder now how to change a DNS Domain name from domain.local to domain.com and also a NetBIOS name.  
Worth the stretch or easier just to wipe and reinstall?
DC Win2016 Server Standard.
NFR key for Veeam Backup for Microsoft Office 365
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Trying to deploy an AD and cannot use the NetBIOS name that I want.  Saying same already exist.  
How can it be if we do not have any domain?
Can it be conflicting with a machine name someone name as such?
We had this problem start suddenly 3 - 4 months ago and still can't track it down.  We have Sharp MFD's:  models, MX-3100N, MX-M453N, MX-4111N, which all intermittently, not often, give the user a "Network Error CE-00" error when scanning a document to a network share location.  They can wait a variable amount of time, try again, and it works perfectly.  This is using SMB.  
   We've tried updating the firmware and using the IP address, rather than the DNS name in the scanning configuration, with no success yet.  
   We understand that it is a network connectivity issue in some fashion but still can't track it down.  This is on multiple devices, so doesn't seem to be a hardware problem.  There weren't any other changes during that time period when it started happening.  Thanks for any thoughts on this!
Issue popped while leveraging the Microsoft Fastrax team to migrate from GSuite to o365.

Our ADDNS was setup as site.contoso.com so that it wouldn't parallel our FQDN of contoso.com

Website and Email domain is: contoso.com  
Internal ADDNS is: site.contoso.com

Fasttrax engineer had me install Azure Active Directory Sync and add a UPN suffix of contoso.com to our ADDNS.

Afterwords we could no longer connect to contoso.com internally.

After testing the sync and realizing that we could not use Alias's in o365 mailbox without an on prem exchange server we uninstalled Azure Active Dirctory Sync and removed the UPN suffix of contoso.com in hopes that it would fix navigating to our website internally.

We still cannot access our website interally.  The website is hosted outside of our network.

We cannot get Outlook to connect to o365 internally, but it does externally.

Creating a new zone of contoso.com in our DNS with records for www and parent pointing to the external IP of our website did not fix this issue.  I'm currently trying to get the autodiscover to work via dns and group policy for Outlook to connect from our network to o365.

Any suggestions/help would be much appreciated, put two 14 hour days in with no movement what so ever.
We have 2 DC. DNS is installed in both. Now both DC are giving this error: The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.

Ran DNS Test, Below is the result:

C:\Windows\system32>dcdiag /test:dns

Directory Server Diagnosis

Performing initial setup:
   Trying to find home server...
   Home Server = QAKSQSDCDN01P
   * Identified AD Forest.
   Done gathering initial info.

Doing initial required tests

   Testing server: QADN\QAKSQSDCDN01P
      Starting test: Connectivity
         ......................... QAKSQSDCDN01P passed test Connectivity

Doing primary tests

   Testing server: QADN\QAKSQSDCDN01P

      Starting test: DNS

         DNS Tests are running and not hung. Please wait a few minutes...
         ......................... QAKSQSDCDN01P passed test DNS

   Running partition tests on : DomainDnsZones

   Running partition tests on : KI

   Running partition tests on : ForestDnsZones

   Running partition tests on : Schema

   Running partition tests on : Configuration

   Running enterprise tests on : KEPPELGROUP.COM
      Starting test: DNS
         Test results for domain controllers:

            Domain: KI.KEPPELGROUP.COM

               TEST: Basic (Basc)
Hello everyone.
 Am  writting a Windows Driver application (Packet modification) for DNS interception and redirection, making use of  https://github.com/Microsoft/Windows-driver-samples/tree/master/network
 My question is this am i supposed  to use Callout Driver  or Windows Driver Kit
 Secondly, am developing  a Windows service in Visual Studio how  do i use either the Callout Driver  or Windows Driver Kit in VISUAL STUDIO 2017 application
Hi all. Anyone got any ideas about how best to look at 2 Domain Controllers and compare them for configuration?

So something that views LDAP policy, DNS resource weight and priority, a tool perhaps that makes comparisons and spots differences? Or maybe nothing like this exists?
Thanks all
Currently, we migrate our local Active Directory into a large Active Directory structure of our data provider. Sometimes our workstations show strange problems (Explorer.exe crashing, resources unavailable etc.). We found out that those problems don't occur if we put our domain name with an IP address of an available DC in c:\windows\drivers\etc.hosts.

Using Wireshark we found out, that some DNS-queries on DCs were not answered. The clients kept on sending packets on port 53/DNS which were not answered. Just pinging them is possible. The firewall of our data provider just drops IP packets on unavailable ports instead of denying them.

nslookup my.domain.com
   Addresses: (only ping, everything else dropped)
               (only ping, everything else dropped)
               (port 53 available)
               (only ping, everything else dropped)

I would like to convince our data provider, that DCs in the round robin list of the AD domain should either be completely available for AD relevant protocols or otherwise be completely unavailable, so that workstations contact other DCs.

Am I right with this assumption? Is there a whitepaper concerning the availability of DCs in the round robin DNS list of an AD domain name?

Best regards!
My Question is, do I need port 443 for legacy.Domain.com to point to the exchange 2007 server if the users do not use OWA, during the migration of 2007 to 2013 Exchange?
 Offsite users are configured for Outlook anywhere, and I am not sure if that uses port 443.
Dear All

I am not able to join DMZ server into domain.
Error : The network path was not found"

I have opened the port as below:

LDAP TCP-in – 389
LDAP UDP in – 389
LDAP for Global Catalog TCP in – 3268
NetBIOS name Resolution UDP in – 138
SAM/LSA TCP in – 445
SAM/LSA UDP in – 445
Secure LDAP TCP in –  636
Secure LDAP for Global Catalog TCP in – 3269
W32Time NTP UDP in – 123
RPC – RPC Dynamic
RPC Endpoint Mapper
DNS – TCP and UDP 53
Kerberos V5 UDP in – 88
Netbios Datagram UDP in – 137
Four New Appliances. Same Industry-leading Speeds.
Four New Appliances. Same Industry-leading Speeds.

But don't take it from us.  The Firebox M370 is Miercom tested and Miercom approved, outperforming its competitors for stateless and stateful traffic throughput scenarios.  Learn more about the M370, M470, M570 and M670 and find the right solution for your organization today!

In Windows there is a checkbox "Register this connection's addresses in DNS".  See attached screenshot.
What is the equivalent in
- Ubuntu Workstation
- Raspian (Raspberry Pi Debian variant)

Thank you
What are the exact steps to lookup which company hosts a company's external DNS records?

I will be migrating a company from a corporate Gmail account to Office 365. Currently no one knows which company is being used to host this company's external DNS records. I will need to change these external DNS records to point to the Office 365 servers to successfully complete the migration from Gmail to Office 365.

I'm already familiar with using websites like MXtoolbox.com but where within MXtoolbox.com or other websites can I determine exactly which external DNS provider hosts a company's external DNS records including the MX records?
There are about 20 users on our SBS 2003 domain. None of them can reach a certain website (www.cleaneasier.com) from their local machines. They were able to access the website a few hours ago. They receive an error from the browser of" www.cleaneasier.com’s server DNS address could not be found.
 I assume it's an internal DNS issue but I do not see anything configured for that domain is the SBS 2003 DNS settings. Can anyone give me pointers on torubleshooting this issue. I have verified the site is up, can reach it from outside the network fine.

Nothing is configured in forward or reverse lookup zones for the cleaneasier.com domain and no changes (that I am aware of) have been made to our servers DNS settings recently.
First off let me start with I work with a school system, so I do the bare minimum w/ ASA configuration.

Apparently, different services/companies are starting to use systems w/ CDN so IP addresses change and I can no longer just white-list IP w/ ports. I have to do URL w/ ports. (URL filtering?)

I've been doing my research but having a hard time understanding how to get this all setup. I have a Cisco 5525, and manage it was Cisco ASDM 7.1, I went into -> URL Filtering Services -> selected "Secure Computing SmartFilter Port: 4005" Servers are set to: Inside my internal DNS server, timeout 30, protocol TCP and TCP connections 5.

I haven't done anything else..  I need help, Do have to configure anything on my local DNS? Where to I add the URL's ?
Any help at all is very greatly appreciated and thank you in advance!
we've got a 2008 R2 domain with an RODC deployed in a DMZ and servers wihtin the DMZ connect to this server for authentication, DNS etc.

Recently, we deployed new group policies on the domain, and i noticed the DMZ servers were not receiving these changes.  a quick check of the RODC shows it is unable to receive the updated GPOs (even after a gpupdate /force it reports an error).  In the event log I am seeing multiple event ID 64 about expired certificates, plus Event Ids 6 and 13 regarding failed certificate enrollment and "RPC Unavailable" errors.  nothing has changed with regards to the FW rules recently to cause this.

Opening the FW to allow all traffic between the Root DC and the RODC has resulted in everything now working again, certificates have updates and all new GPOs have been received and a gpupdate now reports successful completion.

I've opened up all the required ports as detailed in the microsoft documents, and assigned two static ports to replace the dynamic port ranges (again as detailed in MS documentation).  Clearly I can't leave all traffic enabled, but am a loss to what i am missing which is causing this failure?
I will soon be migrating our AD domain controllers to Server 2016. We have a few DC's in the 1 forest but the one that holds the FSMO also has a lot of other services like DHCP and its a certification authority. I've come up with a very high level list of the process involved, id like to see if I am on the right track by the experts on here. My main concerns are over keeping the same IP and Name as the old DC and moving the certification authority.

The server I'm looking to migrate initially is ADC1

1.      Move services to ADC2
   a.          Move RD Licensing Server
   b.          Move DHCP (or test if we can use the failover DHCP (ADC3) server)
   c.          Migrate FSMO roles
2.      Backup Certification authority on ADC1
3.      Find out what KMS keys are used on ADC1
4.      Remove Certification authority services from ADC1
5.      Turn off ADC1 and test connectivity and logons.
6.      Turn ADC1 back on.
7.      Demote ADC1
8.      Remove all entries for ADC1 from DNS and AD schema
9.      Create new 2016 server (with same IP and name as removed DC) and promote to DC
10.      Upgrade forest schema to 2016
11.      Install certification authority on new DC and restore from backup
12.      Reinstall KMS and keys on new server
13.      Move DHCP back to ADC1 and ensure failover is still working to ADC3
14.      TEST DNS and AD replication.






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.