DNS

26K

Solutions

26K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi

yesterday I notice an issue on my primary DNS server as follows:

I went to the dns server under the forward lookup zones on _msdcs.mydomain.local properties ---> name servers -----> edit on my primary dns server ------> trying to resolve its name but it shows this message .... "a timeout occurred during validation"

tried to do the same steps on my additional DC on its DNS server everything works fine.... and I don't have any problem resolving the workstations on my network

but when I do nslookup on the primary DC it shows this message if the primary DNS server set to it self

DNS request timed out.
    timeout was 2 seconds.
Default Server:  UnKnown
Address:  192.168.10.10

note : the IPv6 is disabled
0
I log into different domains using NetExtender. When I log into client1 NetExender sets the flag to "Append these DNS suffixes" and adds client1.com as the suffix. Requests by host or host.domain name resolve fine. After I disconnect I see the flag is still set and the domain name (client1.com) is still present.  

When I connect NetExtender to client2.com name resolution does not work. I can only access devices by IP addresses. If then I uncheck  "Append these DNS suffixes" in DNS portion of my computers network settings devices are once again accessible by name.

Is there a setting in SonicWall SSLVPN configuration that will do the proper house keeping?
0
Hi I have a server that has Centos7 that does not have an GUI Interface installed. By accident for some reason it looks as though during the install I did not set the IP Address details of Nic1and these should be static. I am trying to set it so that the IP address details of Nic 1 is 10.10.230.12. subnet mask is 255.255.255.0, gw is 10.10.230.6 and the dns I was going to just set as 8.8.8.8 (Google DNS Servers)
Can you help on the commands to run to set this please. The server has 2 nics but only nic1 is plugged in.  if I run the command ip a this is what I get (please see attached file). I assume the nic is that called enp2s0f0
Centos7.jpg
0
Currently we have dev, test and uat for non-prod environments. And test and uat are going through Akamai and use their Forward Rewrite cloudlet to determine which server to go to.

Now we have a new project. The project team asks separate environments from BAU, so it wouldn't impact the BAU work. They proposed to use dev2, test2 and uat2, but to be able to use Akamai with these new domains we have to do a lot of works, such as create new configs, register new certificates, copy all the rules... and also DNS change, firework change...

I am thinking to still stick to the existing URL, but create a clone site. So for example, under test.XXX.com.au, we have 2 versions of sites: V1 and V2. So is there a way the IIS could determine to pass the request to test.XXX.com.au\V1 or test.XXX.com.au\V2? By default it always goes to V1, but by adding some information, such as something in the header, IIS would know which version to go to. And the URL would always be test.XXX.com.au.

Thank you.
0
We have a server on our network that is public facing. We have Comcast cable and ATT fiber running into the building and a firewall that can handle both. I'd like to set something up that if a client goes to (mysite).com and the cable modem is down (the "primary" service) it would failover to the fiber connection to the server automatically and switch back when the cable came back up, so the server is always the same server and the client is always using www.(mysite).com, just how they get in would change depending on if a service provider is down.

What are my least expensive options for that?
0
We are experiencing weird issues whose major symptom is slow, or no, loading of new websites.  When visiting a page you haven't visited, it will either take a very long time, or not load at all.  Refreshing once or twice will usually bring the page up.  From that point on, clicking new links on that page will be as fast as normal.  This occurs on all systems, with all browsers.  This is a new issue that started on Monday. There were no configuration changes over the weekend.  We have two ISPs, and the problems occur on both ISPs, so it's not an ISP issue.

It seems like a DNS problem, but DNS resolves very quickly.  Looking in the DNS logs when turned on show very quick responses and no errors. Changing internal and external DNS servers made no difference.  Visiting web pages by IP address made no difference.  Pinging internal and external by name always returns immediately.

While it mostly presents as an internet issue, we do see occasional issues internally.  Some dropped pings (by name and IP), some issues accessing local services (NAS device, internal web interfaces).  However, these are very very sporadic.

We have a Sonicwall and have played with turning things off one at a time, and everything off at the same time (App Control, content filtering, DPISSL, antivirus, antispam...), as well as administrator logins.  This made no difference.

We restarted all our equipment, and nothing seems to have an impact.  The Sonicwall is not stressed, the Cisco switches are …
0
Enable dnssec in whois database on my account its enable dnnsec  but  when I  search   with whois say it's  not  enable
Thanks
0
How do we tell the ASA from DNS request VTS070.prorivertech.com externally to translate to 192.168.100.110
0
Hello

We have Mail Server with four Domains. One PTR Record is created with our ISPs per WAN IP.
mail.company.com 1.1.1.1
mail2.company.com 2.2.2.2

Do we have to create additional PTR records for other 3 domains ? and Each WAN should point to 4 Domains ?
or one is enough ?

Thank You
0
Hello forum

My developing environment is  Visual Studio  2015 enterprise , with Windows Driver installed.

I just started  going  going browsing through the  documentation at  https://github.com/basil00/Divert.

My  project description is this  :  My Project description : DNS RESOLVER IMPLEMENTED AS A WINDOWS SERVICE
 (MAIN FEATURE INTERCEPTION AND REDIRECTION TO ANOTHER HOSTED DNS SERVER) The scenario of my laboratory research
 work is this : My research laboratory has one hundred work stations, with users on each system. My research work is
 centered on making users Web browsers (opera and Firefox and e.t.c) queries i.e web surfing , to be intercepted and
 redirected to a local hosted DNS SERVER which will communicate with top level domain name servers around the world
 and return the request back to the users. The solution is to be design as a WINDOWS SERVICE (not a GUI).
 
 
 I want to know can i write a DNS RESOLVER IMPLEMENTED AS A WINDOWS SERVICE
 (MAIN FEATURE INTERCEPTION AND REDIRECTION TO ANOTHER HOSTED DNS SERVER) with   WinDivert



My questions :

Is there any documentation for writting the WinDivert.dll in windows service to serve as matching packet (Conditiosn for INTERCEPTION AND REDIRECTION)


(2) The WinDivert.sys do i need to manipulate it for packet intercettion and redirection


(3) The rerouted packet is going to a DNS server on 189.200.200.4  in my network, how do i achieve the packet  modification for rerouting to the  …
0
Good day  forum


from https://docs.microsoft.com/en-us/windows-hardware/drivers/network/using-bind-or-connect-redirection
"A WFP redirect record is a buffer of opaque data that WFP must set on an outbound proxy connection at
 the FWPM_LAYER_ALE_AUTH_CONNECT_REDIRECT_V4 and FWPM_LAYER_ALE_AUTH_CONNECT_REDIRECT_V6 layers, so that
 the redirected connection and the original connection are logically related."
 
 Am working with  ClassifyFunctions_ProxyCallouts.cpp of WFP driver sample  (https://code.msdn.microsoft.com/windowshardware/Windows-Driver-Kit-WDK-81-cf35e953)
 
 
 What is confusing me is this, being that am working on the (FWPS_LAYER_ALE_CONNECT_REDIRECT_V4) and (FWPS_LAYER_ALE_CONNECT_REDIRECT_V6) (Kernel mode)
 
 How do i set up proxy connection  at this layer.
 
 thank you
0
Hello everyone.
 
 Am  writting a Windows Driver application (Packet modification) for DNS interception and redirection, making use of  https://github.com/Microsoft/Windows-driver-samples/tree/master/network
 
 My question is this am i supposed  to use Callout Driver  or Windows Driver Kit
 
 Secondly, am developing  a Windows service in Visual Studio how  do i use either the Callout Driver  or Windows Driver Kit in VISUAL STUDIO 2017 application
0
Dear All

I am not able to join DMZ server into domain.
Error : The network path was not found"

I have opened the port as below:

LDAP TCP-in – 389
LDAP UDP in – 389
LDAP for Global Catalog TCP in – 3268
NetBIOS name Resolution UDP in – 138
SAM/LSA TCP in – 445
SAM/LSA UDP in – 445
Secure LDAP TCP in –  636
Secure LDAP for Global Catalog TCP in – 3269
W32Time NTP UDP in – 123
RPC – RPC Dynamic
RPC Endpoint Mapper
DNS – TCP and UDP 53
Kerberos V5 UDP in – 88
Netbios Datagram UDP in – 137
0
I will soon be migrating our AD domain controllers to Server 2016. We have a few DC's in the 1 forest but the one that holds the FSMO also has a lot of other services like DHCP and its a certification authority. I've come up with a very high level list of the process involved, id like to see if I am on the right track by the experts on here. My main concerns are over keeping the same IP and Name as the old DC and moving the certification authority.

The server I'm looking to migrate initially is ADC1

1.      Move services to ADC2
   a.          Move RD Licensing Server
   b.          Move DHCP (or test if we can use the failover DHCP (ADC3) server)
   c.          Migrate FSMO roles
2.      Backup Certification authority on ADC1
3.      Find out what KMS keys are used on ADC1
4.      Remove Certification authority services from ADC1
5.      Turn off ADC1 and test connectivity and logons.
6.      Turn ADC1 back on.
7.      Demote ADC1
8.      Remove all entries for ADC1 from DNS and AD schema
9.      Create new 2016 server (with same IP and name as removed DC) and promote to DC
10.      Upgrade forest schema to 2016
11.      Install certification authority on new DC and restore from backup
12.      Reinstall KMS and keys on new server
13.      Move DHCP back to ADC1 and ensure failover is still working to ADC3
14.      TEST DNS and AD replication.
0
Hi All,

I have a VPS on godaddy.com and I have created my subdomain but it not working even though I have all the redirection folders and config.php pointing to correct folder.

how can I check and fix please.
0
Is there a site that will give very detailed historical records for a domain, even changes that only lasted a day?
0
Hi Experts,

I am running Best Practice Analyzer on all four of my DNS Servers (Server 2008 R2).

On all four DNS Servers I get the warning message stating that "The DNS server should have scavenging enabled" as the size of the DNS database can become excessive.

I am assuming the DB size is small, but how can I check?

Where is the location of the DNS database file so I can check whether the file is taking a lot of space?

If I enable scavenging, what are the implications? What could go wrong if it is enabled?
0
Hi All,

I have found myself to be very lacking in memory when it comes to Cisco IOS and after far too many hours of trying and reading website and documents I have decided to ask an expert!

I need help with the following setup:

Cisco 897VA router
WAN on G8:
Direct Connection to fibre Media Converter.  (no vLan tagging required)
CE of Router needs to be 203.197.207.126/30
Gateway or PE is 203.197.207.125, DMZ from ISP is 203.197.217.136
I have Static IP Addresses assigned by the provider pointing at 203.197.207.126 (203.167.245.224/29) only using 2 at the moment .225/.226.
External DNS 203.47.152.43/44
External Nat

LAN 2 Ports to be used G1 & G2

G1 is the port facing the main network and servers and will be the gateway for all PC's inside.
IP is to be 192.168.1.254
Internal DNS 192.168.1.3/4
Internal NAT

G2 is to be the Wifi. Original Setup before router replacement was on Private WIFI on vLan100 and Public WIFI was on vLan101)
Internal NAT
vLan101 had internet access only no internal access with ip of 192.168.101.x for the WIFI and external DNS
vLan100 had access to internal systems and internet with IP of 192.168.100.1 for interface and 192.168.100.254 for the WIFI.  The WIFI, accessed 192.168.1.254 and the 2 internal DNS for internet and internal access.

Both WIFI used the router for DHCP, no DHCP for internal computers. IP Range was 192.168.{100/101}.100-125 for each

Internal network was vLan1

Access was allowed for 80/443/25/3389 …
0
CURRENT CONFIGURATION:

                           ROUTING TABLE:
#    Dest IP      Mask  Gateway IP  Metric Device Use Edit Drop
---------------------------------------------------------------------
1  10.188.45.91    32 10.188.45.91     1   poe0  0    
2  192.168.254.0   24 192.168.254.254  1   enet0 137888
3  default          0 Node1            2   poe0  105886

                            WAN CONNECTION TABLE:
PVC VPI/VCI IP Address          Subnet      GateWay      DNS Server    Encapsulation Status
PVC0  0/35 10.216.230.183 255.255.255.255 10.188.45.91 112.198.126.116     PPPoE       Up

                        *NEW* CONFIGURATION:
                           ROUTING TABLE:
#    Dest IP      Mask  Gateway IP  Metric Device Use Edit Drop
---------------------------------------------------------------------
1  10.216.xxx.xxx  ?? 10.188.45.91     1   poe0  0    
2  192.168.254.0   24 192.168.254.254  1   enet0 137888
3  default          0 Node1            2   poe0  105886

Can anybody - please - help me with a correct Mask (??)? :)

Regards,
WWW.GULDVOG.COM.PH Jan Guldvog
CEO/OWNER
0
is it possible to get 100% fail over 100 % availablity using f5 to two IIS servers configured for load balancing in round robbin.

Each request to check if a server is active and route the call to the other server if one is down, without any downtime.

Also is it possible to queue a call if both servers are down and wait a certain period of time and make the call to the first available server?
0
I created a cluster with 2 vm's. I followed instructions listed below.This is on RHEL 7.3 This is after kubernetes was installed using yum. The version of kubernetes is 1.7

commands on Master01-only

sysctl net.bridge.bridge-nf-call-iptables=1
sysctl net.bridge.bridge-nf-call-ip6tables=1
systemctl stop firewall
systemctl disable firewall
systemctl status firewall
systemctl start iptables.service
systemctl enable iptables.service
iptables -F
service kubelet restart
kubeadm init --pod-network-cidr 10.244.0.0/16
make sure you copy the kubeadm join command that gets displayes after cluster creation"

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes
kubectl describe nodes
cd ~/Downloads
kubectl apply -f flannel.yml
kubectl apply -f flannel-rbac.yml
kubectl create -f rolebinding.yml
kubectl create -f role.yml
commands on node-only

sysctl net.bridge.bridge-nf-call-iptables=1
sysctl net.bridge.bridge-nf-call-ip6tables=1
systemctl stop firewall
systemctl disable firewall
systemctl status firewall
systemctl start iptables.service
systemctl enable iptables.service
iptables -F
kubeadm join --token xxxxxx.xxxxxxxxxxxxxx x.x.x.x:6443
The issue i am having is that the dns is not working as expected. Have been struggling with this for past two days. Would appreciate any help.
0
On one of our computers, we cannot open the fedex.com site in IE11.
This is a Win 7 Pro system.
She usually can open the site in Chrome.
She used to be able to open the fedex site in IE, but now it gets stuck seemingly trying to redirect to the site, to the proper address.
When she tries to connect, the address bar blinks a lot and shows signs of trying to redirect, maybe to Akamai, but it never fully resolves.
I have tried adding *.fedex.com to the Allowed Sites List in the IE Security settings.
I have cleared the DNS cache.
I have tried clearing her SSL State under the Content Tab in her IE Settings.
Other computers near her can connect to the site using IE 11, but she no longer can.
We have rebooted her computer.
We have uninstalled the security software, then rebooted.
We have cleared her Browsing History.
When I try to ping the site, it fails, but then it fails on the other computers as well, even though they can connect to the site using IE 11.
When I tracert, the result is always failure at the same distant point in the process.
I don't know if they allow Ping, so that might be the last step on the way, and it might for some reason block the protocol.

Tracing route to fedex.com [204.135.8.155]
over a maximum of 30 hops:

  1     *        *        *     Request timed out.
  2     1 ms     1 ms     1 ms  173-11-90-46-SFBA.hfc.comcastbusiness.net [173.11.90.46]
  3     *        *        *     Request timed out.
  4    13 ms    11 ms     9 ms  …
0
Good morning,
I asked my provider to create secondary zone for my dns, in order to be primary in the office.
Since done I can't access my exchange server from internet. And propagation of my dns seems stoped. My dns is " matpbnet.ma ", can you help me?
0
Hi, Need some help and not sure where to start. I have a server 2012RS essentials I would like to have client machines listed under computers. But whenever I try to use http://server/connect I get address not available. NSlookup resolves servername.domain.local and the correct IP.

http://servername/connect resolves fine on the server itself.

Could someone help.
0
Hi all

I want to setup vpn on my home computer but dont have static IP

Whats best and free dns solution so i can use that to overcome the static ip issue?

thanks
0

DNS

26K

Solutions

26K

Contributors

The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.