The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

We're having some issues getting to our website from inside the network. The website host crashed this past week. We moved our website server to a new host. I changed the IP in the DNS area, but it still won't connect. The site works fine from outside of our network. The domain is the same internally as externally. companyname.net   so when I go to ping www.companyname.net it shows the updated IP internally but for some reason the site isn't coming up. The old site isn't either. The site refused to connect is what I see.
Become a Certified Penetration Testing Engineer
LVL 12
Become a Certified Penetration Testing Engineer

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Migrating from On-Prem Exchange to O365.
Using MigrationWizz to migrate to O365 from On-prem Excahnge.
Have done this before several times. But one issue is that domain joined pc's will allways try local Exhange first if one have existed (listed in global catalog \ schema?)
We have solved this by adding a reg key (HKEY_CURRENT_USER\Software\Microsoft\Office\(version Number)\Outlook\AutoDiscove adding  a ExcludeScpLookup with value 1)
This time it's 200 pc's so looking for a more "central" solution.
vageuly recalling doing it with ADSI on the Domain Controller, deleting the SCP record (ServiceConnectionPoint)

Any other \ better way og forcing the clients using the AutoDiscover DNS record?

Thanx alot
BGP and DNS implementation

If I understand BGP is used when you have 2 Primary links to 2 separate ISPs, so that your Customers can reach your services in your LAN.
Though in some articles , they say  it is also used when you have 2 Primary links to 2 separate ISPs to reach other sites ...Not sure this is correct..please shade some lights on this.

Well, in either cases mentioned above , I believe with Public DNS , you still can make Customers reach your LAN or you can reach their LANs.

So how BGP is different from DNS ?

Thank you
Does anyone know why a Sophos firewall would suddenly stop providing proper DNS? We thought it was a Verizon issue, but the traceroutes I'm running stop at the firewall? I checked the DNS entries and they read like the Sophos site says they should.
For a couple of weeks I am having an issue with out exchange 2013 servers.

we have two exchange 2013 CAS servers and two Exchange 2013 mailbox servers. email to the internet is routed through cisco IronPort located in the DMZ. emails to the partner domains is routed directly through wan links and there are connectors for the partner domains.

we are receiving complaints from users that mails are not being delivered from partners domain to out domain and the some users have provided evidence of that. but when we test emails seems to be going but with some delay. it looks like emails with attachments are having issues more that emails without attachments. some emails are missing and not all mails.

there seems to be some problem now since a few days that emails sent to Hotmail are going in spam and some times emails to domains like Gmail are not being delivered (Authentication errors).

there has been no change from our side and now we are having all these issues.

as far as the dns name registration is concerned we have mx records configured only without spf records and it has been like this since the beginning. and we had no issues. fixing the spf records is gonna take time as we have to go through the HO.

I have this issue and lots of tickets related to these issues. any suggestions highly appreciated.

   I have two servers one server 2012 r2 and one is 2008r2. Both of them have randomly started asking to activate windows, but neither will activate. They both spit out the KMS server is unavailable. I have ran nslookup -type=srv _vlmcs._tcp, which gives me the results:
 Server: UnKnown

***UnKnown can't find _vlmcs._tcp: non-existent domain

This the same on both sever. The 2008 is the DNS server which has the ip of

I have tried running all of the slmgr.vbs comands via command prompt and cannot get any of them to work.
We get calls from people who cannot get to a website, say cnn.com.  The cursor will just spin and the request will time out.  This happens intermittently.  We called level 2 support, and they claim that the requests are not hitting their gateway, but I am not sure this is the case.  I'd like to provide some hard data to level 2 support with a tool like wireshark, but I don't know how to interpret wireshark.

Is there a tool that is a bit simpler than wireshark that can tell me where exactly where the hold up is?  I have looked at a tool called DNSQuerySniffer, but it looks like it stops at my internal DNS server.  I have also tried a simple tracert, but tracert hops timeout on sites that are working, so they are not reliable.  

We do have company internet filters in place (fortinet), but they are managed at level 2 so I don't have access to their logs.  I am also told that there are a few old DNS server records in my forward lookup zones, but they have been there long before this problem began.  

Thank you!!
I have a developer that has asked me to create two DNS  entries,


I created them, but  they are not coming up when I ping them. Here's what my DNS manager looks like.

So the entry is created, as it's evident in the picture.
When I do a ping ministry.undev.domain.com I get the error "ping request could not find the host ministry.undev.domain.com. please check the name and try again"

When I do a ping undev.domain.com it works fine, I get replies

Is it because with DNS, it can only have one 2 periods, like xxxx.domain.com   or did I do something wrong?
I have outlook 365 and am tyring to add a CNAME to my DNS to be used with Outlook 365 for DMARC and DKIM but I don't know what to put as the ALIAS.

My DNS is managed by Network Solutions, but they said that I need to know what ALIAS is to be used with Outlook 365.

Does anyone know what this could be.
Let me explain our server setup first .we have three domain controller in our Head office and one Read-only domain controller at each site office. All DC and RODC servers are also Global Catalog server, DNS server and DFSR namespace server. There is VPN connection between site office and head office.
Active directory sites and subnets are configured. Each Active directory site is configured with that particular site RODC.  Namespace folders are configured with multiple folder targets. Employees are getting access to local targets automatically as they move from HQ to site or site to site
My problem is, When VPN is connected if I type our active directory  domain in ”run” from any site office client pc or  from server (\\XXX.XXX.local) I can see SYSVOL, NETLOGON, DFSR namespace, ETC . If VPN is not connected domain name doesn’t resolve and I don’t see anything .If I ping to AD domain from site office when VPN is connected I am getting reply from head office DC, without VPN I am not getting reply, I am not sure if it is supposed to be like this.
Recently we started to use domain based namespace for file sharing, so whenever VPN gets disconnected all mapped network drive becomes unavailable.
Introduction to Web Design
LVL 12
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

I have two 3750 switches that are connected and working but here is my only issues. By the way I am very new to networking so please excuse me being naïve .

My issue is when I have a machine on a different subnet other than the main one 10.46.72.x DNS does not resolve even though I manually add and with a DHCP scope that I removed will not work. Can someone please tell me what  am doing wrong. Here is a copy of the config


User Access Verification

Base-sw1>show running
Base-sw1#sh ru
Base-sw1#sh running-config
Building configuration...

Current configuration : 3753 bytes
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
hostname Base-sw1
enable secret 5 $1$lwLf$CJoNDGBl4Ck6AAm/woBVM0
enable password secret cisco
no aaa new-model
switch 6 provision ws-c3750g-24ts
system mtu routing 1500
ip subnet-zero
ip routing
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
interface GigabitEthernet6/0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
interface GigabitEthernet6/0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
interface GigabitEthernet6/0/3
 switchport trunk encapsulation dot1q
 switchport mode trunk
interface GigabitEthernet6/0/4
 switchport trunk encapsulation dot1q…

I understand that there is  HealthMailbox in Exchange 2013.

Based on the message logs, there are a lot of email coming from contoso.com. I don't know why domain shows as consoso.com.

Would there be any issue if we delete HealthMailbox ?
What would be the impact on mailbox of the user if we delete?

Dear Experts.

Need help on firewall ports requirment.

I have two different forest tbd.nal.nl and nsk.pwd.uk entity within same organization (no child domain).
Request experts help to suggest what are the ports minimally required for forest trust to work.

1. List of ports to be open in firewalls for forest trust.
2. Ports to open between forest domain controllers tbd.nal.nl and nsk.pwd.uk.
3. Do we require to ports to open tbd.nal.nl clients to forest nsk.pwd.uk domain controllers and viseversa, if yes can help us list of ports to open.
I do not have an issue but was wondering if you guys can list out some projects, problems or tricks you have done with Window DNS. I am trying to become more stronger in this area. I have a few but was trying to add to this.

Round robin DNS---Good for load balancing
Alias -- have used for a very long server name to shorten this for ease of use.

As part of a local football club, I email out newsletters through Campaigner from our club's email address to subscribers of newsletter which details news for the club.

There are 250 people who receive the newsletters and they had subscribed to the newsletters themselves.

Until recently, these newsletters were delivered successfully each week.

For the last few weeks, these newsletters have been sending to the subscribers' spam folders.

To fix this problem, we set up or DKIM and SPF records correctly for Campaigner.

This week 4 out of 250 people received the newsletters correctly.

Mostly all of the subscribers use Gmail.

If all subscribers put in the club's email address, where newsletters are sent from, into their contacts in Gmail would that solve anything?

What are your thoughts on this matter?

I had this question after viewing DNS Amplification DDoS Attacks.

IN this case i work for an ISP company....What do you advice as a possible fix
We have 2 Server 2012 r2 domain controllers running in VMWare. File replication has been failing with the following event viewer error on DC2 :

Log Name:      File Replication Service
Source:        NtFrs
Date:          1/3/2019 10:14:44 AM
Event ID:      13555
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      MB-DC2.ad.xxx.com
The File Replication Service is in an error state. Files will not replicate to or from one or all of the replica sets on this computer until the following recovery steps are performed:
 Recovery Steps:
 [1] The error state may clear itself if you stop and restart the FRS service. This can be done by performing the following in a command window:
    net stop ntfrs
    net start ntfrs
If this fails to clear up the problem then proceed as follows.
 [2] For Active Directory Domain Services Domain Controllers that DO NOT host any DFS alternates or other replica sets with replication enabled:
If there is at least one other Domain Controller in this domain then restore the "system state" of this DC from backup (using ntbackup or other backup-restore utility) and make it non-authoritative.
If there are NO other Domain Controllers in this domain then restore the "system state" of this DC from backup (using ntbackup or other backup-restore utility) and choose the Advanced option which marks the sysvols as primary.
If there are other Domain …
Ok so im trying to understand how i can mask my domain name across different web hosts.

So my setup is as follows:

Godaddy hosts my domain name: example.com
Example.com name servers are set to digital ocean
example.com website is hosted on digital ocean
My app for example.com is hosted on azure at example.azurewebsites.net
I want to create some links from example.com to example.azurewebsites.net but mask the domain name so users dont think they are leaving example.com

Is this possible? I assume i need to do something with DNS records and then something on the webserver for example.azurewebsites.net ?
Hi Team,

Please help me to resolve this issue.

Please Check attached .jpg diagram of my infoblox environment.

1)      Earlier they had Microsoft server in all their location all individually working as primary and in sync with each other using Replica feature
2)      Now After infoblox when we make Microsoft role as secondary then only zone sync happens
3)      So traffic flows from Microsoft to infoblox, then from infoblox to DNS Proxy Forwarding and then to cloud
4)      We have told to install DNS Proxy Forwarding to get visibility of user based logs
5)      Also we have installed Reporting VM

1)      They are using infoblox just for DNS purpose only and not for DHCP
2)      They have individual DHCP servers on their different locations and their Microsoft DNS servers are acting as AD as well
3)      So whenever a new PC is added in domain or any PC changes its IP address a record is added in Microsoft but not on infoblox
4)      So for that we configured Updates on infoblox as suggested by TAC support
5)      Now the issue happening is that, when PC changes IP its earlier record is also present in infoblox and new records is also present, due to which when client connects to RDP he is redirected to another PC.

 For eg: - If A had ip- and after new lease allocated he has now ip as and is allocated to B, then there are four records present in infoblox
A- as static
A- as dynamic
B- as dynamic
B-earlier IP of B as static

Microsoft Azure 2017
LVL 12
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.


We would like to know how to check our SPF and DKIM records for our domain.

What is the best way in doing so?

Odd server things....

I will try to keep this short.

We got hit with a bit locker "virus", we think we got it taken care of but not sure....things are just not acting quite correctly.

This morning (why always in the morning) around 2am, it acted like the server rebooted....kinda.  I can find no shutdown in the event logs yet when running a net stat command it tells me the server started at ~2am.  For some reason the DNS service did not come up right, this is the only way I knew as users called, (joys of 24hr shop) and after restarting the dns service everything seemed happy and I drove in.

Nothing really jumping out at me as what the heck happened....however one thing I keep seeing in the security log is an audit failure...text posted below.

The path in question is just a share that scanned docs from the copiers go into, under that there are specific department shares that are more restricted, but at this root about everyone can get there.

I worry I did not get all of this "virus".

I have saved the event logs and will start to plow through them, hoping some can help with this.

A handle to an object was requested.

      Security ID:            NT AUTHORITY\IUSR
      Account Name:            IUSR
      Account Domain:            NT AUTHORITY
      Logon ID:            0x3E3

      Object Server:            Security
      Object Type:            File
      Object Name:            \Device\HarddiskVolume6\xxxx_General\Ricoh_Scanned
      Handle ID:            0x0
      Resource Attributes:      -

Process Information:
      Process ID:            0xb80
      Process …
Unable to Login to the Domain Problems....  
We have a bout 750 computer on the WAN and 200 LAN.  We get random users that say they cant login.  Error usually says, The Group Policy Client failed the sign in.  Access is denied.  
1. I login as local admin and get error in popup in the lower right, Windows could'nt connect to the System Event Notification Service Service.  
2. I try gpresult /r and get user does not have RSoP data.
I have found many people with a simular issue and found several different fixes.  These fixes only work for the time but usually come back..  I have used all of these fixes individually.  They all seem to work but have not found the root cause to cause the machines to come back with the error logging in.  
CMD: \>NETSH WINSOCK RESET = Worked, then came back
Removed and added back to domain = Worked, then came back
PowerShell: Reset-ComputerMachinePassword = Worked, then came back
Removed ipv6 – Fixed. Added IPV6 (Waiting to see if it will return)
A few have rebooted and it started working.[/indent]

Thanks for any help.  
I'm trying to assign IP address for stations 1-8. I have an HTA script to make a drop down list and based on the choice assign the IP address. I need to leave the gateway and DNS blank.
The code load form with drop list but I get an error when trying to assign the IP address. Please Help
code below for WorkstationID3.HTA :
  <TITLE>Set Workstation Name and IP address</TITLE>
    APPLICATIONNAME="Set Workstation Name and IP address"

Sub Window_OnLoad
      window.resizeTo 400,300
End Sub

Sub btn01_OnClick

Dim strIPAddress
Dim strSubnetMask

Set WshShell = WScript.CreateObject("WScript.Shell")
If WScript.Arguments.Length = 0 Then
  Set ObjShell = CreateObject("Shell.Application")
  ObjShell.ShellExecute "wscript.exe" _
    , """" & WScript.ScriptFullName & """ RunAsAdministrator", , "runas", 1
End if

    oElements = Window.StationID.SelectedIndex
    strProduct = Window.StationID.Options(oElements).Text
    strSubnetMask = ""

    Select Case strProduct
        Case "Station01"
            strIPAddress = ""

        Case "Station02"
            strIPAddress = ""

we have setup our domain same as our website domain mazcol dot om and our domain is mazcol dot om now whenever we try to access the website from the internal network but we it does not open what is the best practice a technical person says  to create a static hosting and redirect but that involve changing my host  or I should change our domain controller name internally what is the solution
Issues with Skype for business signing in due to DNS unable to find our server.  This is for a single user.






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.