Articles & Videos



The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

TCP IPv4 Primary DNS server address change to a specific IP address (Google Public DNS, but still we are not able to find out actually route cause for the same.

•      Scanned the anti-viruses
•      This is a non-domain as Workgroup
•      Windows 2008 R2 64 Bit
•      Not getting proper Event logs
On Demand Webinar: Networking for the Cloud Era
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

I would like to setup redirection from a server that host a site to a different server that host a landing page in IIS.  

How do I setup a redirection in DNS and on the new site?

OLD URL: https://abc.domain.com
NEW URL: https://portal.domain.com/Test/Landing
Hello Experts-

I am having some network issues starting a few days ago.  Initially I thought it was a DNS issue as the webpages would fail to load then immediately load once refreshed.  I noticed a few DNS log errors in the even viewer as well.  Upon checking the DNS server and NIC it seems to be ok.  An nslookup will sometimes point to the correct server and address sometimes and others it will time out.  Next I started looking at connectivity from the servers and the weird thing is we still have internet connectivity, albeit not perfect but it will load the pages 90% of the time but ping results to the DHCP and DNS (separate servers) are intermittent with a 50% - 75% loss rate, other times they will ping perfectly.  Pings to the gateway seem to always go through.  I am a little befuddled on what is going on.  I am leaning towards the switch that everything is connected to is having an issue but that'd be odd since its less than 6 months old... not impossible though.  Both servers are Windows 2008, the majority of the clients are Win7 and Win10. Any thoughts would be appreciated.  Thanks!
I have two Ex2016 servers.
I have had a problem for the past two days that I believe is related to my reverse DNS record.

Please tell me if my thinking below is right.  IP address are not real

So, I have two Ex 2016 mail servers. and
My MX record domain is mail.myserver.com and it's set to flow mail to
I have two PTR records set up and both point to mail.myserver.com (maybe this is the problem?!)
I have receive connectors set up on both machines with the FQDN of mail.myserver.com

But ..
Say if I try to send mail to an outside server that checks my rDNS. Let's say the mail goes out of my  second server,
So the receiving server, lets say gmail, checks to see if resolves to mail.myserver.com -- IT WILL!
Next gmail checks to see if mail.myserver.com resolves to -- IT WON'T, because it resolves to (MX record pointing there)

I am having a big problem with Gmail. WHen we send messages to gmail they are telling us we don't have a reverse dns PTR set up. But we do.

I find this amazingly confusing. How can I have two mail servers be allowed to send/receive mail for the same domain and yet not have a reverse PTR issue with someone like Gmail.

Hope I explained this well. I've been staring at this problem for two days straight so I am a little out of it.

Should I create a second domain name (mail2.myserver.com) and a separate PTR record and have that FQDM be in the receive …

I've setup a few GPOs which I've been doing for years now, this is the first time I've come across this issue.

my Clients are not picking up any GPOs. Wsus, mapped drives etc. when I run a gpresult/h gpreport.html it shows no police's as being deployed.

any advice is welcome
I have an ADFS server farm consisting of two ADFS backend servers and a single ADFS Proxy server.   All servers are running Windows 2012 R2 and are all patched.  The two backend servers are fine.  They are members of an NLB cluster, and the ADFS main address resolves to the NLB cluster address.  The internal DNS resolves the name adfs.xxx.com to the backend ADFS address, and the external DNS resolves STS.XXXX.com to the external ADFS Proxy machine.

If I go to the ADFS backend servers and type https://adfs.xxx.com/adfs/ls/IdpInitiatedSignon.aspx, the log on page displays.  If I go to the ADFS proxy server and type https://adfs.xxx.com/adfs/ls/IdpInitiatedSignon.aspx, the logon page displays.

If I type https://sts.xxx.com/adfs/ls/IdpInitiatedSignon.aspx from any computer, inside or outside the network, I get:

"Can’t connect securely to this page
This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner"

I have installed a wildcard certificate on all ADFS servers.

The Event viewer on the ADFS Proxy servers show "The federation server proxy successfully retrieved its configuration from the Federation Service 'adfs.xxxx.com'.".  The Operational Status in the Remote Management MMC on the ADFS Proxy shows that it is working.

Everything appears fine, with exception of the the error that I am getting on the ADFS Proxy server.

I am out of ideas.  How can I troubleshoot this?
We have two Xenapp 7.8 servers.  3 DC's.

I shut down 1 DC to replace the battery in the backup unit.  After it was off, no one could connect to Citrix.  I've checked the DNS settings on all Citrix related servers, and all DC's and they are correct.

The shut down of the DC did affect the local computers only Citrix.

Where do I start looking for the issue?
We have a customer with a very small network, 1 x Server 2012 R2 server and 3 pc's. Everything has been fine up till this last couple or 3 weeks. All the PC's (1year old) lose DNS resolution but not all at the same time but within a few minutes of each other. So when running an nslookup it does not resolve either internal pc's names, internal domain name or internet lookups. Although if you do any of the following it works immediately:

Removing the network card and reinstall
Unplug the network cable
A reboot
Replace the network switch.

This will work for a while, maybe a day or less then we are back to square one. The Server NEVER has this issue and there is no information that indicates an issue in the logs. We have Server monitoring and we never see the server dropping either for a short while or longer.

Any Thoughts?

I am moving to 365 for exchange, I already use it for Office and Skype.
To use Skype with my on premise synced AD account I need to add
SRV records
Type      Service                     Protocol         Port      Weight      Priority      TTL                Name                                      Target
SRV       _sip                                _tls          443      1              100            1 hour      domainname.com      sipdir.online.lync.com
SRV             _sipfederationtls      _tcp         5061      1              100            1 hour      domainname.com      sipfed.online.lync.com

CNAME records
Type      Host name                                              Destination                             TTL
CNAME      sip.domainname.com                              sipdir.online.lync.com             1 hour
CNAME      lyncdiscover.domainname.com      webdir.online.lync.com     1 hour

My issue is that I am already using   _sip and sip.domainname.com   for my internal  VoIP communication and target points to my VoIP server.
Is there a issue to add the second SRV  _sip and CNAME  sip.domainname.com  and point to sipfed.online.lync.com, will both Skype and my internal VoIP  work ?

We have primary and Secondary domain controller + DNS servers. Primary Domain controller DNS server service terminated unexpectedly with following system events 7031 and 7034(The DNS server service terminated unexpectedly) and application events 1000 and 1001 for DNS app crash.

We have done following troubleshooting

1) Tested the replication from GUI by creating test user in primary DC, it is created in secondary DC.

2) Run the command repadmin /showrepl, but replication to Secondary is showing unsuccessful.

3) Followed the below article to troubleshoot DNS issue (Event ID 7031 in system and 1000 in Application)



4) Try to run below hotfix, but showing not applicable



5) Tried to install following Security updates MS15-127 - Critical, but shows already installed.


6) Run the below command as per KB

dnscmd /Config /DsMinimumBackgroundLoadThreads 0

but shows following error

C:\Users\administrator>dnscmd /Config /DsMinimumBackgroundLoadThreads 0

DNS Server failed to reset registry property.
    Status = 1722 (0x000006ba)
Command failed:  …
Turn Insights Into Action
Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

(First time user. Dunno how it works. Expect to pay for help. Expect quick and useful help)
Concerned about blacklisting.
Do I need to setup an SMTP server?
On VPS or dedicated?

I also use other hosting. I am expert. Looking for Godaddy, but also generic answer.
Hello Experts. I am not a networking person, but know a bit about networks. the attached question has me puzzled. please assist. thanks in advance.
We recently changed our main DNS server to a new one (windows 2012 r2). Since then, we have had a few sporadic issues either way browsing to particular websites or even emailing particular clients using MS Exchange (on premesis).  Previously, we were using trusted forwarders (2 servers, one being the old dns server and another branch office's dns server as secondary). When we set up the new server folks were unable to get anywhere when browsing the internet probably due to the new server not having a cache of addresses? In any case i removed any trusted forwarders from DNS and set it to use Root Hints which really helped in terms of website browsing. I don't think it completely fixed the issue as certain websites are still unavailable to us unless we static the user's dns settings to our primary dns server and google's dns ( as secondary. That helps but it just seems that i'm missing something. Our email server will have an occassional issue in delivering email to a particular client that we could always email before the dns change and it seems like it never leaves our organizations email server. We don't have any outgoing email filtering so i'm not sure if there is some kind of dns setting that i'm overlooking? Any help is appreciated with this annoying issue. Thanks experts!
query behaviour for dns delegation if confgured 2 forwarder
Having issues when logging from client pc's. When user logs in a .000, 001,002 appears at end of user account. Even in the server when logging in as admin there is a .001 after account name. Also domain account appears now with 2 or 3 after domain name. Lets say domain is trans.com it now shows as trans.com 2 on some client pc's and on the server it shows as trans.com 3. There was an issue a few days ago. Someone other so called tech came and supposedly reset the server. Not sure what he did but I was told that he cleared ASDC, DNS & File Directory and reinstalled it again? But I am looking for a solution to try and get the server and clients back to normal. Any help would be appreciated.
I have a whitelist like this...

*.slack.com, *.slack-msgs.com, *.slack-files.com, *.slack-imgs.com, *.slack-edge.com, *.slack-core.com, *.slack-redir.net

The way I have my web filter set up I can't whitelist by stars.... Is there a way I can perform a dns request that would find out what all subdomains are currently defined for *.slack-files.com?  If I can do that I could write something that would do that every 5 minutes and update my hardcoded white list.  

is this possible?  thanks!
I know this is okay but I wanted to see if anyone could explain to me why our conditional forwarders do not resolve the "Server FQDN". I attached a screen shot. The conditional forwarders are on a domain that is setup on a trust relationship.

Everything else resolves and validates.
I have two Exchange 2016 servers. Ex2016-1 and Ex2016-2.
I have DNS sending mail to Ex2016-1
On the First server 'Ex2016-1, I have a third party spam application.
Up until I installed the second server, the spam software was working well. But users are telling me spam that should be being blocked, is getting to them. I checked the header on these messages and see it's coming from Ex2016-2. It's External mail.

So, first, I am confused about this. Because I have DNS pointing mail to Ex2016-1, so why is it bypassing  Ex2016-1 and going right to Ex2016-2 ?
Second, I need all the mail to route through Ex02016-1, so it will go through the spam software. What is the best way to cause this to happen,  disable the Frontend receive connector on Ex2016-2?

While running a network trace for a workstation slow login issue, I notice two lines for ldap queries which failed

1)  _ldap._tcp.<SiteName>._sites.<serverName>.<DomainName>   Response: Flags:  Response, Opcode - QUERY (Standard query), AA, RD, RA, Rcode - Name Error

2)  _ldap._tcp.<ServerName>.<DomainName>  Response:  Flags:  Response, Opcode - QUERY (Standard query), AA, RD, RA, Rcode - Name Error

I do understand how the workstation DC location services finds a local DC on startup.  But confused as to why both queries list a DC specifically and do not mention msdcs??

All DNS records are present and have run dcdiag and confirmed replication is running as well.

Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

i have 1 default lan and 3 vlans.
setup on our watchgaurd firewall
vlan10 ip address dhcp relay to the dns server
vlan 20 ip address dhcp relay to the dns server
vlan 30 ip address dhcp relay to the dns server

On the dns server i have the 3 vlans with thier own scope and in thier scope options i have the router set to
vlan 10
vlan 20
vlan 30
in the dns server routing and remote access i have the ipv4 dhcp relay agent set to,,,

all of our switches have the vlans setup also
any time i connect a pc to a switch that has its port set to any of the vlans it gives a bad ip address, 169....
anything on our defualt lan works

for a while i was getting this error on our dns server event viewer.
IPBOOTP was unable to receive an incoming message on the local interface with IP address The data is the error code.

i restarted and also deleted and created the routing and remote acces dhcp relay agent
I dont get that error code any longer but the vlans still dont work
We currently have our DAG setup with 2 exch 2013 servers. Right now if the dbs flips over to the passive node, we have our network guys make the switches on the routers so that it now points to the passive server instead of the one that was active, because there is only 1 outside IP address.
Now we are going to add another external IP address so that in the event the dbs ever fails over to the other server, we don't have to have the network team make any changes. They are going to set this up with the second external IP address..
My questions is, do I have to make any changes in the external dns for this to work or with the internal dns?
I have multiple Windows 2008 domain controllers and DC have DNS and DHCP role on it. I am planning to demote one domain controller (FSMO role in another server). It has DHCP and Integrated DNS installed. What steps I needs to take to remove DNS from this server other than dcpromo?
We have a web application that uses the client email to send email 'from'. We want to add an SPF record on the client's DNS (text records) to allow this. I need to confirm the syntax before I do so.

v=spf1 a mx a:mail.domain.com mx:domain.com ip4:XX.XX.XXX.XX ~all

Open in new window

"domain" being their domain name
XX.XX.XXX.XX being the IP of the server that hosts the web application

Please let me know if you think this looks correct or if any changes are needed.. Also what is the difference between mail.domain.com  and  domain.com
Hi All,

I have a quick question I hope you can help me to fix.

Environment: I have an environment where I have installed a new AD and the domain name is something like corp.example.com

As a NETBIOS name during the AD install wizard I did choose "example" to make things easier and consistent with the public DNS name. The public DNS registered is example.com and there is public website running with example.com already hosted by WordPress and DNS registrar is GoDayddy.

Issue: Internal host names are not resolved properly with NSLOOKUP

1. Hostnames are working fine

2. IP Addresses are working fine

3. FQDN are NOT working fine. They are resolved with internal domain appended to external domain name.

eg. "VM1.CORP.EXAMPLE.COM" returns VM1.CORP.EXAMPLE.COM.EXAMPLE.COM and public IP Address registered with the website DNS Provider

4. FQDN with a trailing "." are working fine

eg. "VM1.CORP.EXAMPLE.COM." returns the correct IP Address as expected

Configuration: AD/DNS server is pointing at itself. NO forwarders configured. AD is pointing at an internal Gateway. This gateway is configured to talk with the internet using a different network through a separate Router connected to the internet.

My question: It's obviously not a question of routing but I dont understand why DNS forwards queries for FQDN names to external DNS servers considering that "A" and respective "PTR" records are fully registered and working on the …
What is a quick but definite test to run from the Linux command line to check if dns requests are being hijacked. The test should not require having to change the dns servers for the device that the test is being run from.





Articles & Videos



The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.