The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

Anyone knows how to import txt zone file from BIND DNS into Windows DNS?
Get 10% Off Your First Squarespace Website
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

How to get the correct detail for DKIM and SPF from vendor domain to add to TXT record for  our domain so vendor can send as us and not be blocked as spam.
Hi. thanks for looking at this problem.
An external vendor does mail outs for us.
When they do mailouts their emails sent as name@ourdomain.com get blocked since it isn't our domain sending the email.
I understand we can add their DKIM information as a TXT record to our DNS to make their domain trusted to send as us.
Do you know what detail it needs?
I have found this article

I have gotten the vendor detail from the message header of an email they have sent as us.
I can do an nslookup like this:
nslookup -type=txt "vendorselector"._domainkey."vendordomain"
and it comes back with a text record like:
v=DKIM1: p=sdfasdfafasdfasdfasdf
but there is no K or H value.
the other TXT records I have seen for DKIM have at least a K value which seems to be mostly RSA

Does anyone know if I do this kind of NSLookup and it returns that TXT record, if that is all I have to put in our DNS?

Normally I would just ask the vendor for this detail, but they don't seem to have the will to gather it.

Is there a limit to the # of ip4 mechanisms included in an SPF record?  From what I'm reading, the limit is 10 DNS lookups, but excludes the ip4 mechanism.  I need to specify 20 IP4 addresses, so will the following SPF record be valid?

v=spf1 ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: include:spf.protection.outlook.com -all
DNS / Website issue...

website is lets say:  www.mywebsite.com.au

my internal domain is : mywebsite.local

my website doesn't load correctly. so i thought maybe its a dns issue on my server so i added an A record pointing to website IP.... nothing worked....

any ideas?
I have a ESX host 5.5 and it is being moved to a different domain.  when modifying the dns settings and applying. it keeps reverting back to an older DNS record.  The host is not even connected to the network.  I did try /etc/init.d/nscd restart and that did not resolve.  We do have the option of reinstalling hyper visor but trying not to.  Any thoughts?
We look after a number of clients with Exchange 2010 (Predominately SBS2011)

We are IT proficient and know our way round IT - however
One particular client (Using Exchange 2010 SP3 Rollup 20) is having an issue where some emails being sent-in are bouncing.
We have identified that emails sent through Symantec’s Messagelabs.com are the ones failing.

The bounce message is as follows:

Reason: 550-Please turn on SMTP Authentication in your mail client.
550-mail1.bemta6.messagelabs.com []:45986 is not permitted to relay through this server without authentication.

As we are fairly clued up on IT as a matter of course we have checked the following:
IP and Domain are not blacklisted – At all.
There is a valid Reverse DNS / PTR Record in place
There is a valid SPF record in place

As we or our customer are not users of Messagelabs we are reliant upon one of the senders helping us out and they have advised of the following:

This is the reply from the IT department of one of the businesses that cannot send successfully:

As discussed, the bounce backs are caused by the recipient’s server requesting SMTP authentication, however Symantec email filtering does not use SMTP relay server to send emails and is not able to provide SMTP Authentication

To allow the emails to send the email server that the email address abc@xyz.com uses will need to make changes to stop it requesting SMTP authentication. Once this has been removed the emails should
I'm having issues with emails not being delivered after Office 365 migration, I have made a migration to Office 365 and all the DNS records have been correctly added to GoDaddy, however, I have noticed that emails from Gmail specifically are not getting delivered, nor I get a bounce back, it has been 16 hours, any advice?
I have 2 authorative public DNS servers(ns records)
Primary is on site(windows server) and secondary is at ISP.
If I add record on primary public dns is this record replicated to secondary at ISP?
Is this option for replication on primary public dns windows server?
I migrated from a 2008R2 DC to a 2016 DC.  All FSMO roles moved successfully.  All queries return the correct values.  When demoting the 2008R2 DC it fails at "Active Directory Domain Services could not transfer the remaining data in the directory partition DC=ForestDNSZone...... to the new 2016 DC.  If I run a cmd for dsquery fsmoroleowner, it shows an old servername that was in place long before I acquired this client, possible failed migration.  I have scoured the DNS and ADSEDIT and found noting referencing this old DC name.   I am unable to find the old DC how should I proceed?  Manual removal of the current 2008R2?  How should I proceed?
Hi, I seeking for advice on how to find out where I getting from DNS entry (who is the source).
We having multi domain environment here the DNS server's number around 15 and I having difficulty to find out who reporting back specific entry.
Core issue:
Workstations registered to domainA as  ws001.domainA.com  but for some it looks like also having A record under domainB's DNS (unknown reason) because when I ping the FQDN  ws001.domainB.com  I also getting response. (shouldn't be like that).

  • On the client the configuration looks OK , registered to proper DNS server and proper DHCP server. (OK)
  • On DHCP server scope it's pointing to to DNSserver1 (OK)
  • NSLOOKUP - answer for ws001.domainB.com coming from DNSserver1.
  • On DNSserver1 If I looks under zone domainB there is no record of ws001.domainB.com  
  • If I check the DNS servers that are in  (NS) entries in that zone domainB one by one non of them having this ws001 record.
  • No DNS cached on any DNS server holding ws001
  • Checked all the 15 DNS servers that under the Name server list - nothing

How can I trace back to the source of from where DNS server getting that record ?
Any advice might be helpful.  
Easily Design & Build Your Next Website
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

I am running nginx on a raspberry pi.

I want to run it as a reverse proxy.

I have multiple servers running ssl and one needing forwarding on multiple ports (2195,2196,5228,5229,5230,38880,38881,80,443)

My question is two fold.

Is this even possible? in other words can you forward ports that are non http based ports. For example ports other than 80 8080 443 stuff like that.

I own a domain linked to a dynamic DNS service so I have *.mydomain.com available (* being anything I want it to be)
DNS expert out there, I have a couple of question; hope you will clear my doubt?
We have multiple sites with single forest (mydaomin.com). Each site, with separate subnet (site A, Site B, etc.).
We have DNS installed in the DC at each site. Is DNS-Zone is a single file consisting of all DNS servers?
And also Will the logs at server A under c:\windows\system32\dns\dns.log is same for Server B?
Hi All
we have a strange issue, our employees used to access a  particular website but it now its not working properly in our office client machines, but it works perfectly on our DC(Roles:AD,DNS,DHCP) & Application server. but no client PC is able to access this website from our office, it will start work on client PC once we open the site from DC,  after 15 to 20 minutes, we have to refresh it again from DC in order to work for client PC, so appreciate if anybody can throw some lights 1. Site work perfectly when you try from DC2. Firewall is not blocking  any site 
we have three locations connected together through  ISP , and we have  two Dc's  one DC  in location 1 and Dc in location 2 .
in location 3 recently we face one problem in outlook connection need about 15 minutes to connect to our exchange server (available in location 2),also when i pinging sometimes on the Dc in location 2  no any reply received  .
all Pc's in location 3(we have only 5 Pc's there) have Static IP and using the DNS for Location 2 .
 is it  better to configure DC in location 3 or not ??
karbores target resolution error
Following the narrowing down of an issue that seems to be purely DNS related with a client. I am looking to rebuild the DNS if this is at all possible.

Some tips on how to do this along with other associated tasks would be great.

Just for those who are curious, I could ping to sever and connect to shares by ip etc. I did re-add the forwarders after removing and they wouldn’t verify until I rebooted the modem which I thought was interesting.
I can't see all the machines on the network on a new DC we set up. I can map to them and ping them, just cant see them all in File Explorer/network. I have a network that we just took over, the previous admin used a domain.com for the DNS / server name that the company does't even own. So to get around the issues we set up static routes for the internal servers. This seems to work fine on the current production server that we will be migrating to a new production server. It can now see all the machines on the network and they show up in File Explorer/network. I have checked all the obvious things, sharing is enabled, all the proper services are running etc. The DNS records between the new and old server match.

So what we have is as follows.

Current server 2008r2: Had to add an a record to point the domain.com to the internal IP now it seems to be working, it can see all machines on the network when you open file explorer.

Old Exchange server 2008r2 that use to be the production server: Moved mail to hosted solution, now it only has data on it that we will be moving.

New server 2016: It will be the new production server to replace these older servers. We added it to the domain, made it a DC. I didn't want to go any further because I can only see a handful of machines on the network. Oddly enough the same machines on the old exchange server are the same machines I can see on the new server. I'm sure I am missing something simple here?

Just strange I can see all…
Hi, we are setting up a brand new Win2016 Standard server mainly as a file server with RDS.  Should I setup Active Directory as "company.com" or "company.local"?  There is no Exchange server but we would like to have SSL certificate for the Remote Desktop Gateway.  Something that came to mind for Remote Desktop Services access is to setup a sub domain called, "remote.company.com" for our remote desktop users.  Thanks.
DNS logging is not working for a 2008R2 server

Any advice on steps to reenable DNS logging?

Do i need to change or remove scavenging rules for this server , if so whats best practice for this

Free Tool: Port Scanner
LVL 12
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

hello everyone !!!
                              i am implementing exchange 2016 on server 2012 r2 for testing. i am able to send email from one mailbox to another in my local network. all i need to configure my public dns and local dns record. my email also not delver from my exchange to other domain like gmail. i got the following massage.

Delivery is delayed to these recipients or groups:

mohit.saini101@gmail.com (mohit.saini101@gmail.com)


This message hasn't been delivered yet. Delivery will continue to be attempted.

The server will keep trying to deliver this message for the next 1 days, 19 hours and 59 minutes. You'll be notified if the message can't be delivered by that time.

Diagnostic information for administrators:


 Remote Server returned '400 4.4.7 Message delayed'

Original message headers:
 EXCNLG.CONTROLPRINT.LOCAL ( with Microsoft SMTP Server (TLS) id; Thu, 15 Mar 2018 16:31:52 +0530
 ([::1]) with mapi id 15.01.0225.041; Thu, 15 Mar 2018 16:31:52 +0530
From: mohit saini <mohit.saini@controlprint.xyz>
To: "mohit.saini101@gmail.com" <mohit.saini101@gmail.com>
Thread-Index: AQHTvEDbtJyYA/WnZ0umgkO0ytMrhQ==
Date: Thu, 15 Mar 2018 11:01:52 +0000
Message-ID: …
Hi, we are using windows 2012 R2 environment,

My question is Does Normal AD account will have access DNS console using RAST tools.. to Read Access on DNS zones
Can anyone tell me what entries I should give in godaddy DNS for site example.com?

www.example.com is loading from cloudfront origin with ssl however, example.com is loading directly from server without ssl. Looks like synchronization problem between cloudfront and origin.

There should be only 1 site https://www.example.com and only 1 origin. Everything should redirect to it only.

Cloudfront distribution with custom wildcard ACM certificate installed. Server ip address in A record. Cloudfront domain name in cname record.
When my client sent email to external companies some time it goes to junk.
So, i got request from my client to increasing reputation of the domain.

My client is checking reputation by going to "http://reputationauthority.org/index.php"   (Watchgaurd domain)

I have no idea on how we can increasing reputation of domain ? or is it possible ?
This is an odd problem we are currently having with just Gmail business accounts. We are having no issues receiving email from any other domains. These hosted business accounts are all getting this error:

DNS Error: 5253683 DNS type 'mx' lookup of domainname.com responded with code SERVFAIL

What's even more odd is that some of the mailboxes from a hosted account can email us while others can't.

Our domain record on MXTOOLBOX doesn't show any obvious errors with our DNS.

Our email is hosted by a cloud service.
Hi guys,

Tonight we were installing some Windows updates on a server running Windows Server 2012 R2 with Exchange 2016. During the installation the server became unresponsive so after a while we decided to hard reset it. When it came back online everything seemed fine at first. The update manager even noted that all updates had been installed correctly. But none of the Exchange services wouldn't start. The eventlogs were packed with all types of errors that we're pointing towards network connectivity issues.
We tried all the standard solutions for testing and fixing network issues, like checking DNS server, "net view" and "net use" from the broken server to other servers; everything seemed to be functioning correctly. It' wasn't until we ran the "nltest /dsgetsite" and were getting the error:
Getting DC name failed: Status = 1919 0x77f ERROR_NO_SITENAME
We checked the registry and noticed the "DynamicSiteName" key was missing.
For the sake of testing we manually created the key and watched as Exchange services start up. But halfway through they stopped starting up. It turned out the DynamicSiteName key had removed itself from the registry again. Once again we recreated the key and this time Exchange was able to start up completely and started functioning correctly again.
The problem was that the registry key was gone again. Everytime we create it, it deletes itself within seconds.

We're not sure what to do about this. Exchange currently remains to …






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.