DNS

26K

Solutions

26K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.


We have 3 DC's:
DC1, DC2, and DC3 for BigNet.Big.Ten.Edu (supposed to be visible just to domain computers and servers)
and 2 NameServers:
 NS1.BigNet.Big.Ten.Edu and NS2.BigNet.Big.Ten.Edu
(We have control of the BigNet and Big levels of the domain... We don't have control of the Ten.Edu level)

After clearing out many DNS errors due to old/obsolete domain controllers that were found in the records (we had very slow logins),
I'm down to trying to isolate DC3 from showing up as a nameserver publicly (as it is firewalled off to all except the nameservers and domain-attached computers).
I'm in need of guidance in tracking down what we have set wrong.

Thanks,
Mark
0
Basic requirement for a domain network?
0
Hi,
In our Internet accounting system, users are redirected to a hotspot login page (based on a Mikrotik CCR1036 12G 4S with a star SSL certificate installed), and when there is congestion at logon (more than 500 users attempting simultaneously), many users encounter errors such as "The web page is not available" or "SSL connection error".
At that time, the DNS server (Bind on Ubuntu 16.04.2 server) cannot respond to an nslookup query for the hotspot login page (internet.xxx.yyy) in the troubled system (the query times out).
Is this an SSL issue or a DNS problem?


Best Regards
Zolfaghar
0
how to check domain name availability in javascript using jsp
0
Hello,
I've SCOM 2016 and need to specify some services that I need to show using Visio to make a dashboard. So if I need to check the health of the DNS service in my 3 domains, how can I do that and what shall I choose? Also, if I need to check the status of my DHCP subnets, can I do that?
I'm using Visio 2013 with the SCOM add-in installed, but it's for System Center 2012; does that make any difference?
Also, if I just click on the service from Visio, should it give me the status of this object only?
Thanks
0
Twice in the past month our static IP has been flagged by the CBL as hosting malware. The CBL provides the source and destination IP but we have not been able to capture ANY traffic from our network to the destination IP provided. Here is what the CBL gave us:

Detection Information Summary
Destination IP     146.148.124.166
Destination port   443
Source IP          [xxx.xxx.xxx.xxx]
Source port        16997
C&C name/domain    kemonzura.gdn
Protocol           TCP
Time               Tue Dec 26 18:15:27 2017 UTC



The source IP is set on our WAN interface on our firewall (SonicWall), and packet capture on the SonicWall shows no outbound traffic to the destination IP. We port-mirrored the switch port where the WAN port is connected on the switch and ran Wireshark against it, and still no packets destined for the destination IP. We put a firewall rule in place to drop any packets destined for the destination IP, and still we get listed.

In short, we have not been able to capture a single packet egressing our network and destined for the destination IP provided by the CBL. Is it possible to spoof the source IP? If so, how do you remediate?

We are thoroughly puzzled by this.

Below are the full results of the CBL lookup:

Results of Lookup
[redacted] is listed

This IP address was detected and listed 56 times in the past 28 days, and 13 times in the past 24 hours. The most recent detection was at Tue Dec 26 18:15:00 2017 UTC +/- 5 minutes

This IP address is infected with, or is NATting for a
0
I had this question after viewing ManagementException...User credentials cannot be used for local connections.
I have some problem with creating DNS in Windows Server 2016 Standard.
using System;
using System.Management;

// Connection code as posted; it builds a WMI scope for the MicrosoftDNS namespace
// on the given server using explicit credentials and then connects.
{
    ConnectionOptions co = new ConnectionOptions();
    co.Impersonation = ImpersonationLevel.Impersonate;
    co.Authentication = AuthenticationLevel.Packet;
    co.Timeout = new TimeSpan(0, 0, 30);
    co.EnablePrivileges = true;
    co.Username = UserName;
    co.Password = Password;
    _scope = new ManagementScope(String.Format(@"\\{0}\Root\MicrosoftDNS", server), co);
    _scope.Connect();
}
and i have this error: System.Management.ManagementException: User credentials cannot be used for local connections at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode) at System.Management.ManagementScope.InitializeGuts(Object o) at System.Management.ManagementScope.Initialize()
---------------------------------------------
But this UserName and Password is admin.
Please help me. I'm confused.
0
I am a controls engineer with a server ready to set up for our production floor machines. It is already set up as an ESXi 6.5 based machine. Mostly it is being used as a license server and interface for the controls team for outside access. We have access to all of the server enterprise installations.
We have a wide range of Windows flavors: CE, XP, Win 7, Win 10. Our maintenance network (running as a VLAN) is accessible to EVERYONE in our company from Georgia to Spain to China and all plants in between. We have plans to run a physically separate network but need a solution that will work in both scenarios (VLAN and physical) and will bridge the 2 while the network is being implemented, seamlessly (within reason).

My question is this:
Is it possible to have a DC set up a group policy for JUST our portion of the network so WE are in control of the access to our devices? And which version of Windows Server, or multiple instances, would be best to accomplish what I need? We have a folder structure on our PC-based machines that needs to be accessible to our server and .bat file operations (backup processes). ALL IPs are static so we will NOT need DHCP on the VLAN; we DO have DHCP on the local portions of our machines (NATed out to the VLAN).

We just went through a month of hell with WannaCry attacking our vulnerable computers that were, up until we ended up with it, thought to be isolated from the network.
0
I have an HP-UX system and I am using Sendmail on there. The system generates around 500 emails daily; however, emails to a certain domain, say @abe.com, do not reach the recipient's email inbox. I also use an alias that does not have a public domain, so my domain try.com is only seen behind a few firewalls that I do not control. try.com is not public facing and therefore does not have an MX record in DNS.

When first researching this issue, it was discussed that maybe the @abe.com firewall was dev-nulling these emails because it has a rule to check DNS for a valid MX record, and if one isn't found, it believes it is SPAM and kills it. Sounds feasible, but where would you look to see if the firewall actually has this rule?

Could there be anything else? The Sendmail logs state that emails are sent successfully, or at least sent. There are no rejection messages that I can see in my logs. However, the abe.com domain's log doesn't have any entries that a mail message was parsed from try.com and sent to dev null.

Any ideas?

Thanks.
0
Hi

I am running an Asus router with Asus WRT-Merlin as the firmware.

Until recently I always used Google's DNS servers of 8.8.8.8 and 8.8.4.4 rather than my ISP's as I thought for international traffic there was a slight speed improvement and that has worked fine for years.

However, I recently moved to a new property and as per usual was using the Google DNS servers. Everything is fine for a few days until my broadband starts getting really slow, and if I go and change the DNS servers to automatically use my ISP's, the broadband speed goes back to normal again for a few days until the same thing happens; then I again switch back to Google, and I have kept repeating this process for months now.

I am fairly technical when it comes to networks, but I can't figure out why this would be the case that I have to change the DNS servers three times a week to keep my broadband speed consistent. I know that DNS servers could be experiencing a slowdown, so it makes sense to switch DNS servers for a while, but to have to repeat this on such a regular basis seems to imply there is something else up with either my broadband connection as a whole or my router. It's not such a hardship to make the change, but I would rather not have to do it if I can avoid it, and I am more curious than annoyed with the situation.

Does anyone have any ideas about what is going on, or has anyone heard of something similar before?

Doubt it helps or makes a difference but previously I have always lived in a …
0
I have two firewalls that are behaving differently when routing traffic from the servers in the LAN to public IPs of other servers also in the LAN (inside). I believe hairpinning is what this type of traffic is called; it's due to vendor application dependencies. I'm examining the config files of the ASAs for any differences and not finding much.

Both have this for instance:
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface

But in their class inspect settings I do see a few differences...
FW1:
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options
  inspect icmp
 class class-default
  user-statistics accounting
!

FW2:
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect ip-options
 inspect http
  inspect icmp
 inspect snmp
policy-map type inspect http test
 parameters
  protocol-violation action drop-connection
!


FW2 is having the hair-pin routing issue and the traffic …
1
Hi Guys,

Someone might have asked the same question, but one of our users has a problem sending email to a domain.
mx-laughing.atl.sa.earthlink.net gave this error:
ERROR: No or mismatched reverse DNS (PTR) entries for 76.81.57.130

The IP is our gateway IP, which has PTR records set up. All records link to domain names. My understanding is the recipient server will check the PTR for the correct domain.
I cannot figure out what the problem is.

I need help.

thank you,
0
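The check the post above describes (a receiving mail server looking up the PTR record of the connecting IP and then confirming that the name resolves back to that same IP) is commonly called forward-confirmed reverse DNS. The following is an added example, not code from the original post, that implements that check against a constructed, in-memory resolver so it runs offline; the addresses and hostnames in the tables are made up for illustration. Swapping the two lookup callables for real DNS queries gives the same logic over live data.

```python
import ipaddress
from typing import Callable, Dict, List, Tuple

# Constructed toy resolver data (assumption, not from the page).  PTR_TABLE maps
# reverse names (in-addr.arpa / ip6.arpa) to PTR targets; ADDR_TABLE maps
# hostnames to their A/AAAA addresses.  In production both would be DNS queries.
PTR_TABLE: Dict[str, List[str]] = {
    ipaddress.ip_address("203.0.113.10").reverse_pointer: ["mail.example.net."],
    ipaddress.ip_address("203.0.113.12").reverse_pointer: ["mail.example.org."],
    ipaddress.ip_address("2001:db8::25").reverse_pointer: ["mx6.example.net."],
    # 203.0.113.11 deliberately has no PTR record at all
}
ADDR_TABLE: Dict[str, List[str]] = {
    "mail.example.net.": ["203.0.113.10"],
    "mail.example.org.": ["203.0.113.99"],   # forward record points elsewhere
    "mx6.example.net.": ["2001:db8::25"],
}


def lookup_ptr(reverse_name: str) -> List[str]:
    """Stand-in for a PTR query: return the PTR targets for a reverse name."""
    return PTR_TABLE.get(reverse_name, [])


def lookup_addr(hostname: str) -> List[str]:
    """Stand-in for an A/AAAA query: return the addresses for a hostname."""
    return ADDR_TABLE.get(hostname, [])


def check_fcrdns(
    ip: str,
    ptr_lookup: Callable[[str], List[str]] = lookup_ptr,
    addr_lookup: Callable[[str], List[str]] = lookup_addr,
) -> Tuple[str, List[str]]:
    """Forward-confirmed reverse DNS check for one IPv4 or IPv6 address.

    Returns ("ok", [confirmed names]) when at least one PTR target resolves
    back to the same address, ("no_ptr", []) when the address has no PTR
    record, and ("mismatch", [ptr names]) when PTR records exist but none
    of them round-trips to the original address.
    """
    addr = ipaddress.ip_address(ip)
    names = ptr_lookup(addr.reverse_pointer)  # e.g. 10.113.0.203.in-addr.arpa
    if not names:
        return "no_ptr", []
    confirmed = [
        name
        for name in names
        if any(ipaddress.ip_address(a) == addr for a in addr_lookup(name))
    ]
    if confirmed:
        return "ok", confirmed
    return "mismatch", names


if __name__ == "__main__":
    for ip in ("203.0.113.10", "203.0.113.11", "203.0.113.12", "2001:db8::25"):
        print(ip, check_fcrdns(ip))
```

Both the "no PTR" and the "PTR exists but the name points somewhere else" cases produce the same kind of rejection seen in the error quoted above, which is why checking the forward record of the PTR target matters as much as checking that a PTR exists.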
After a security review of our new WordPress site it was pointed out that we're vulnerable to "External Service Redirection - DNS". Specifically, if a URL is entered into the "Your Name" field of our Contact Form 7 form then the testers have found that: "It was possible to induce the application to perform server-side DNS lookups of arbitrary domain names"

The suggested remedial action is to implement a whitelist of permitted services and hosts and to block interaction not on this whitelist.

I'm something of a newbie when it comes to this, and it occurred to me (perhaps wrongly!) that there may be different whitelists; one for those who cannot enter the site, and a separate one for sites to which our server is allowed to speak. Or does a whitelist imply both ways?

Anyway, all help on this gratefully received and I'm imagining this is something that's been done a zillion times before!

I'm using IIS and would prefer that answer, although Apache related help just as good because I've realised I can kind of 'translate' how to do it once I've got the idea.

Thanks in advance Iain
0
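The post above asks whether "a whitelist" means one list or two. The added example below, which is not code from the original post or from Contact Form 7, separates the two controls the finding implies: an input-side check that a free-text field such as "Your Name" carries no URL or hostname (so user input never reaches a resolver), and an egress allowlist consulted before the server performs any lookup on its own behalf. The allowlist entries, hostnames and the `resolve` callable are constructed for illustration; in production `resolve` would be something like `socket.gethostbyname`.

```python
import re
from typing import Callable, Iterable
from urllib.parse import urlsplit

# Constructed egress allowlist (assumption, not from the page): the only hosts
# this web server may look up or contact on its own behalf.  "*.example.net"
# permits subdomains of example.net but not example.net itself.
EGRESS_ALLOWLIST = frozenset({"api.example.com", "*.example.net"})

# Something that looks like a DNS name: labels separated by dots, ending in a
# TLD-like label of at least two letters.
_HOSTNAME_RE = re.compile(r"(?i)\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b")


def normalize_host(host: str) -> str:
    """Lower-case, trim, and drop a trailing dot so comparisons are exact."""
    return host.strip().rstrip(".").lower()


def host_allowed(host: str, allowlist: Iterable[str] = EGRESS_ALLOWLIST) -> bool:
    """Egress-side check: is this host on the list of permitted destinations?"""
    host = normalize_host(host)
    if not host:
        return False
    for entry in allowlist:
        entry = normalize_host(entry)
        if entry.startswith("*."):
            if host.endswith(entry[1:]):  # "*.example.net" -> ".example.net"
                return True
        elif host == entry:
            return True
    return False


def guarded_resolve(
    host: str,
    resolve: Callable[[str], str],
    allowlist: Iterable[str] = EGRESS_ALLOWLIST,
) -> str:
    """Run `resolve` only for allowlisted hosts; refuse everything else."""
    if not host_allowed(host, allowlist):
        raise PermissionError(f"refusing lookup of {host!r}: not on egress allowlist")
    return resolve(normalize_host(host))


def contains_url_or_host(value: str) -> bool:
    """Input-side check for a free-text field such as "Your Name".

    True when the text carries a URL with a scheme and host, or any token that
    parses as a DNS name.  Such input should be rejected before the application
    does anything that could trigger a lookup.
    """
    parts = urlsplit(value.strip())
    if parts.scheme in ("http", "https", "ftp") and parts.netloc:
        return True
    return _HOSTNAME_RE.search(value) is not None


if __name__ == "__main__":
    # Constructed resolver stand-in so the example runs offline.
    fake_resolve = lambda h: "192.0.2.7"
    print(contains_url_or_host("Iain"), contains_url_or_host("http://x.example.test/"))
    print(guarded_resolve("api.example.com", fake_resolve))
```

So the answer to the "both ways" question in practice is two lists with different jobs: input validation decides what a visitor may submit, and the egress allowlist decides where the server may connect, and the second one is what stops the lookup even if the first is bypassed. The hostname regex errs on the side of rejection (a name written as "john.smith" would be flagged), which is the right default for a field that should only ever hold a person's name.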
Hi,

I have an app and have created a developer page on facebook.

I already have the app secret, key etc for one domain

I have two sites: an active and a development site

I want to register the development site which has a different domain entirely.

thanks in advance
0
4 Total VLANs:
inside
outside
dmz
wifi

wifi VLAN cannot access a website on a server in the dmz (from Chrome: site can't be reached, too long to respond, etc...)
I'm using Wireshark to help troubleshoot this issue and I am by no means a pro with Wireshark. I've noticed multiple TCP retransmissions between the wifi host IP and the website source IP.

If I enable all traffic between wifi and dmz VLAN I still can't reach the website and notice the similar TCP retransmissions between the host and the destination.
If I modify the hosts file on my source machine and add the private IP address to the website with traffic enabled between VLANs the connection works and the site is displayed. No multiple TCP retransmissions are seen via Wireshark.

Can anyone help me figure out why my wifi VLAN cannot find the website on the dmz VLAN without the hosts file modification?
0
Hello All,
I am hoping that you can provide me some fresh eyes regarding this issue.

Environment
- SBS2011 Virtual Machine, single NIC, DNS configured to point to itself, sole DC
- 7x client machines with workstations only pointing to server for primary DNS, no secondary
- Cyberoam firewall with Sophos OS, latest firmware
- SBS DNS has 4x forwarders (2x ISP, 2x Google) configured to 3 sec timeouts.

Problem
All of the workstation clients have been experiencing an internet outage that lasts seconds.  The symptom is that they will go to load a webpage and the page resolution appears to hang.  The result is either a very slow loading webpage that eventually comes up or partially comes up, or a page saying the website could not be resolved.  If they refresh the page, it immediately comes up.

Troubleshooting
- Assign workstations to only use external DNS (8.8.8.8), issue goes away
- Assign workstation to a different gateway, issue goes away
- I installed a new secondary DNS server that pulled its info from the SBS DNS.  This VM was joined to the domain, but not promoted to a DC.  I then moved one workstation to the DNS server and the issue did not resolve.

My thoughts
My concern is that the SBS DNS is somehow corrupt or not working properly.  Is there a way to reset it?  

I could also rebuild the secondary server without pulling the DNS info from the SBS server, but my fear is that it will be missing critical AD required information for the workstations.
0
I have never set up a DNS server before. Right now we have an SBS server that is our DNS server, but we are probably doing away with Windows... or at least only using the domain for a small number of PCs.

Other than public internet DNS, there are just a handful of DNS entries that I need for a handful of internal servers.

Before I look into this too much, I'm just curious how hard people think this is to do. I'm comfortable at the Linux command line, and I know how to set up my DHCP server to change the DNS server address, etc. Really I am just curious how difficult it is to just set up a DNS server on Red Hat/CentOS and, other than passing public DNS records, have just a handful of internal A records.

Thanks!
0
Hello,

We have a few Linux servers connected to 2-3 VLANs, with an NFS file system mounted from a different server. For example, the NFS server is registered with 192.168.10.x, which is where all our production payload traffic goes. We would like to move NFS traffic to a different VLAN like 172.10.10.X. Since many of them are using NFS servers, we don't want to change the DNS name, but I was planning to add the new IP and hostname in the /etc/hosts file, so it would take the local /etc/hosts entry rather than going through DNS.

Basically I want all the NFS traffic to go through 172.10.10.X
0
Hello Experts. I have a Mac Pro running Mac OS 10.10.5. There is a Smalltree 4-port NIC installed that I use for iSCSI connections to our SAN. Each NIC is on its own subnet. My question is, how do I keep the 4 ports I use for the SAN from registering their IPs on my DNS server? I want the Mac's LAN to register but not the iSCSI connections. When they register, it messes up name resolution. I've tried entering 8.8.8.8 just to see if it would suffice, but it didn't. I appreciate your time!
0
Hello everyone,
I have just migrated a 2003 domain to a 2012 (dc2) domain and completely demoted the old 2003 (dc1) server; I've actually deleted the 2003 server image after the fact. So, I wanted to forward any network request from dc1 to dc2 in case there is something on the network looking for dc1, so I added dc1's old IP address to the 2012 (dc2) server and created an A record in the DNS server with the old dc1 IP address. However, when I try to go to \\dc1 it asks me for a username and password, and if I use only the old dc1 server IP address, it goes right through to the new server. Any ideas on how to fix this?
0
Hi, I connected two ASA 5505s with a crossover cable to learn site-to-site VPN. I have these configs for both but it's just not working; there is no activity on the outside interfaces. I have tested each ASA 5505 connected to my home LAN with internet access to make sure the interfaces are working. Thanks!


ASA Version 8.2(5)
!
hostname asa-a
domain-name asa-a.domain
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 10.1.1.1 255.255.255.0
!
ftp mode passive
dns server-group DefaultDNS
 domain-name asa-a.domain
access-list outside_1_cryptomap extended permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 10.2.2.0 255.255.255.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu inside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn …
0
Do I need to configure a Gateway Role if I am only having users connect to the farm from within the network?  We don't access the Farm from outside only internally.  The reason I ask is that it seems I am having issues connecting to the servers themselves when using RDP.  I have no HA and only 2 Host servers and the Connection Broker and have setup a RR NLB setup.  I have an existing 2003 TS environment and I have built the new 2012 Farm but don't want to confuse the end user with new names.  I plan on when going to production with the new system pointing the name they use now to the new servers.  Say Corp1 is what they are using, I want it to point to the new system.  I am guessing smoking the test farm collection and creating a new one with said old name as the new FARM name on 2012.  Does that make sense?
0
Hello everyone,

Been beating my head against the wall about this for a little bit, and other venues I've tried weren't able to provide a lot, partly due to my lack of knowledge.

We have internal DNS for ourcompany.com hosted on a Server 2012 machine, as well as public DNS for ourcompany.com hosted at GoDaddy. It seems that in the last couple months people have been having issues getting to some of our subdomains pointing to external parties, for example mail.ourcompany.com points to outlook.office365.com. Chrome seems to be the biggest offender when having issues. It seems the browser is looking for the cert for outlook.office365.com, but recognizes that it's coming from mail.ourcompany.com and obviously sees that they're not the same thing.

We only recently added the ourcompany.com forward lookup zone to our internal DNS, and it works fine off-network, so I don't know what I'm doing wrong with our internal DNS to get it to work properly.

Some have suggested pointing the DNS record(s) to an IIS box and do http redirect, rather than having DNS just point straight to the 3rd party.

It also seems that clearing Cached Images and Files in the browser clears up the problem for a few days, but I feel like there's gotta be a better solution than clearing cache via GPO.

Does anyone have any suggestions?

Thanks so much!
0
I have an ASA 5510 and I have the Management port configured with 192.168.2.1/24. I configured my computer to 192.168.2.6/24 with default gateway 192.168.2.1, and I cannot get into the ASA.


ciscoasa# sh run
: Saved
:
ASA Version 9.1(1)
!
hostname ciscoasa
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Ethernet0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/1
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 management-only
 nameif management
 security-level 100
 ip address 192.168.2.1 255.255.255.0
!
ftp mode passive
pager lines 24
logging enable
logging timestamp
logging console critical
logging monitor critical
logging asdm informational
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-716.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout …
0
Several times a day for the past 2 days we have been losing connection to our website internally for about 40 minutes. Connection returns with no changes on our part.

The website  moved to AWS several months ago. Before the move to AWS this issue never occurred, as the website resided here.

We have (long ago) disabled edns on our DNS servers, but we also use forwarders, so that should not even be an issue.

As far as we can tell, access from outside of our organization remains unaffected, although, obviously, we cannot test from the customers of all ISPs.

Is there something we should look for that we don’t know about? Do AWS websites sometimes send even larger packets that don’t make it through our firewall?
Is there some protocol beyond EDNS that we don’t know about, that would sporadically come into effect, hence causing an intermittent outage?
0