The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.

Share tech news, updates, or what's on your mind.

Sign up to Post

I would like to ask you for help with an error appeared in server. It is caused by assigning an IP address from DHCP  to new device, but the old one, with same IP address (already disconnected) is still in the DNS cache. The precise description of the error is:

The kerberos client received a KRB_AP_ERR_MODIFIED error from the server ´´X´´. The target name used was ´´Y´´. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named server accounts in the target realm ´´Z´´, and the client realm ´´Z´´. Please contact your system administrator.

I think, it would be solved with settings I sent out in attachment, but I would like to know what is the best solution of this error.
Thanks for the response.
I'm setting up a private bind server in a lab, this box will not be available from the outside.

So an updated CentOS 7.2 and whatever version of BIND is in the latest repos.  Following the instructions here: https://www.digitalocean.com/community/tutorials/how-to-configure-bind-as-a-private-network-dns-server-on-centos-7

[root@dns-dhcp dns]# cat /etc/named.conf
// named.conf
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
// See /usr/share/doc/bind*/sample/ for example named configuration files.
acl "trusted" {;	#dns-dhcp;	#workstation;	#spacewalk
options {
	listen-on port 53 {;; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	allow-query     { trusted; };

	 - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
	 - If you are building a RECURSIVE (caching) DNS server, you need to enable 
	 - If your recursive DNS server has a public IP address, you MUST enable access 
	   control to limit queries to your legitimate users. Failing 

Open in new window

We have third-parties who have developed a wordpress site for us. They delivered a website with some references in the source code that are causing problems for me on my internal active-directory integrated network. I don't know if this is something they can fix or not.

The specific problem is that some stylesheets references in the code refer to www.MYDOMAIN.com and other reference just MYDOMAIN.com (no www.) See link below. (contains my domain name so you can see the website)


Note that some are WWW.DOMAIN.COM and only five are not.  I have to believe those can be changed?

In my internal network I have not been able to assign an ip address to the root domain (DOMAN.com.) So these stylesheets are broken and make our website appear broken to the internal users on my network (but fine outside of my network.)  I setup a wildcard in my Server 2012 R2 DNS server but it still points the main domain to the IP address of a DC controller.


The third-party is saying that it may not be fixable and a wordpress issue. Since I do not know enough about the mechanics of wordpress, I wanted to see if someone knew if that is true or not.  The third party also has complete control over the wordpress backend so I can't even get in to verify anything they have done.   They have implied my request is asking to fundamentally change Wordpress code.

What do I need to do …
Hi guys,

I want to be able to set up charges for hosting the domain of my clients?

How it works for me is...I registered their domain with my local registrar (just to have that country code at the end of the domain name - good for the business where its from and located) and I told my registrar to point it to my nameservers so i can take full control of the domain (ie: MX records, etc). This of course does not includes website hosting. I do have a packaged for the website hosting. But not for the domain hosting alone.

The reason why i asked is because i have a few clients whom I hosted their domain under my server for email services only (no website hosting agreement, only for email purposes). I hosted their domain for email services (ie: Google Apps or Office 365).

With my registrar there is a fee for hosting the domain which is $35.00 Annual per domain.

Do i still charge my clients for hosting their domain or how do i go about it?

Kindly advise.


I have a database that is supposed to be hosted in Toronto.  I discovered today that when I am connected to the database, the IP I see is located in Saint Louis, Missouri.  I asked the host why this is, and the response I got was that this is normal to see from this company, and even though the server is indeed in Toronto, the extra hops on the traceroute are normal.

When I do the trace, I see the hops going from:

1 = my local ISP in Montreal
2 = Bell Canada in Toronto
3 = The host in Toronto  (I would expect it to stop here)
4 = The host in Chicago
5 = A different IP of the host in Chicago
6 = again the same as 5
7 = the last hop of the host in Missouri (which is the IP that I actually see from my pc while connected to the database)

It does not make sense to me that I am not seeing the IP from Toronto where my data is supposed to be stored.  Is there a logical reason for this?  Am I seeing some sort of IP spoofing/masking, or does my data actually reside in Missouri?

Any insight is appreciated!


We have 2 domain controllers (primary & backup), recently we have moved our backup DC to a new data center.  The 2 DC can ping each other but cannot replicate.  I ran dcdiag and got the attached log from the backup DC.

I have been following: http://www.experts-exchange.com/questions/26318254/Replication-errors-on-new-Windows-2008-RC-DC's.html but still end up with the same result from dcdiag "Got error while checking LDAP and RPC connectivity.  Please check your firewall settings."

Please help.
I want to host my own DNS in Cpanel WHM.

If I create a subdomain I have to add the domain manualy at my domain seller page. I want to forward everthing to my own dns-server in cpanel will do this automaticly.

How can I manage this? If I change the nameserver I get a message that there are no name servers found. DNS kills me :'(
Since my websites are growing so quickly I have to move to a new hoster. I've been a network administrator 8 years ago but I'm extremely rusty.
At first I build a Linux server without control panel and everything worked perfect. Since it was a bit to much setting up every vhost by hand I setup CWP. This was even more work since most services are outdated. So I bought a cPanel license.
Everything works perfect except e-mail.
I can receive e-mail, but if I send an e-mail it doesn't deliver. If I look at the logs it clearly says delivered. For example to Hotmail:
Delivery Host:      mx2.hotmail.com
Delivery IP:
Size:      576 bytes
Result:      Accepted

I think I made a mistake in the DNS records but I can't put my finger on it. I worked over 90 hours almost non-stop so I'm fuzzy.  My domains are hosted somewhere else and all the IP-addresses are pointing to the new server.
Hello we have a big problem in our organization. Client computers keep reverting from Domain network to Work network after restart of PC. When we do some modification od NIC (turning on/off ipv6 etc) It turns to domain network, but after restart revert to work network again.

Windows Server 2012

Pls help :(


Pavol Vrabec
I have an odd behavior with DNS I am trying to resolve.  We have a network that all log into with one common domain and use the local DNS for another domain.  When we try and find a server on the local domain in Internet explorer or other programs it cannot find it by IP.  Our workaround is to add the server name ( short name or FQDN is fine) to our hosts file on windows at the client then we can use the url to reach it. We still cant use the IP or it is an unknown entity.  The DNS is set in the DHCP call and is there, as well as records in the DNS server and a listing of the domain in the advanced tab for the DNS.  I know this sounds messy but it has been like this for a while.  I would expect this behavior if we were VPN'd in as it could not reach the DNS, but not as a local entity.  The reason we started noticing odd behavior is when we go to ssh into a box via IP from a remote VPN'ed client, we can log right in less than a second, if we log in from the local clients to a box on the local network it is 30 to 45 seconds of waiting to go to the same address.  It gets lost for a while then comes back.
I have a Windows 2008 R2 server with a static IP address.  When you go to the domain controller for DNS you have the A record and the Pointer record with the correct IP address.  Then when you can't find the server in windows explorer network, I go back to the DNS server and both A record and PTR record have changed IP address.  There are only 2 people that have access to DNS server with administrator privileges and neither one of us has changed it.  Any clues?  By manually changing the A Record and PTR record to the proper IP address corrects the problem.
I keep getting undeliverable messages on emails sent to addresses that use Google.  The message tells me this:

mx.google.com #550-5.7.1 [My IPv6 address is here so I removed it] Our system has detected that this 550-5.7.1 message does not meet IPv6 sending guidelines regarding PTR records 550-5.7.1 and authentication. Please review 550-5.7.1 https://support.google.com/mail/?p=ipv6_authentication_error for more 550 5.7.1 information. v83si4687475qhv.85 - gsmtp ##

I have tried multiple things to fix this issue.  We use Comcast, and they tell me they do not have the ability to turn off IPv6 on the modem, and that I need to turn it off on my local machines.  That has been done already, with the exception of my server because I am running Exchange and that requires IPv6.  Comcast tells me that they cannot set up RDNS on the IPv6 address because they do not have a static IP for IPv6.  

Has anyone else who is experiencing this issue found a fix for it?  


Michael Bohn

Recently, We have noticed that when an IP Address is allocated to a user via DHCP, it does not automatically create a DNS A Record... This isnt for every host, it appears to be intermittent.

So when programs that rely upon DNS for host to IP or visa versa... Communication is failing.

If i manually do: "ipconfig /release" and then "ipconfig /renew" on the machine in question, the A Record is then created and the problem is solved... However, this is only a manual fix and we would like to find the root cause as to why these A Records arent being made automatically.

Also, i have found some event log errors on the machines that do not create A Records automatically...
The eventlog error is: "the system failed to register host (a or aaaa) resource records (rrs) for network adapter"

We are having some strange DNS issues.  We have a main site with multiple remote locations.  The main site is connected to each location via a site-to-site VPN.  Each Sonicwall TZ210 manages the DHCP for their site.  At the main site, we have a couple Domain Controllers, two of which are used for DNS.  The Sonicwall VPN's have two the two servers from the main site, and a third DNS through the ISP.
The problem is that a handful of people at remote sites experience connectivity issues to the mapped drives.  It used to be that you could access teh servers through the IP address, but this changed suddenly.  You cannot ping/run NSlookup.  NSlookup cannot find hte name, and times out after 2 seconds.  We cannot figure out why this is happening.  We are using a Server 2008 box with FSMO roles, and have a 2012 DC, and other 2008 DC's as well.  We do not use IPv6, and it is not enabled on the servers.

I created Reversed DNS for my domains.

The main domain is domain1.com with Name server ns1.domain1.com and ns2.domain1.com

I configure some subdomains from: mail01.domain1 to mail10.domain1.com.

Then I add the new virtual Machine, with domain name: domain1.com.

I create the subdomains again from mail01.domain2.com to mail10.domain2.com with reversed ip.

I have each ip for each sub domains.

By the way, when dig the subdomains of the domain1.com, they are all resolved to first domain.

$ dig -x xxx.xx.xx.xx +short

(xxx.xx.xx.xx is the ip reversed for mail01.domain1.com)

I really don't understand why. I tried to delete all and created again but still the same result.

Here is my situation.
We have a Windows 2012R2 Domain.  Our windows domain is xyz.com.  our website should be www.xyz.com.  We can access the website from outside of our network but not from within.  I've resolved this issue years ago but don't remember how I did it.  I know it's a DNS entry on the DNS server but can't recall what it is.  Feelin old!

When I ping a server it returns IPv6 IP instead of IPv4. I disabled TCP/IPv6 protocol, but it did not resolve a issue.
Found IPv6 in the DNS.
Remove IPv6 from DNS.

Now pings as IPv4. Couple days later same server pings as IPv6 again. I found IPv6 in DNS as well.
HI Experts

i am trying to add Secondary Forward and Reverse DNS Zone for another Domain but can't resolve the Second server FQDN and ZONE can't load giving Red-X, zone transfer allowed for any server,

i am doing same for another server and its working good

I am trying to build 2 way Trust relation ship between different domain both are server 2012r2

Thank you
Hi Experts

Currently we are using mimecast services  for our email and for email archive as well. we have around 7 years of archive on Mimecast.
Now our company is moving away from mimecast and i have to import  all our archive to on-premises or cloud storage .Does anyone has any suggestion or experience ,how to import  that archive .or any helpful link.

Kindest Regards

I have a domain who's externally hosted website is the same .com extension.. so when someone on the domain types    domain.com they get the 403 access denied error (unless you prefix w/ https:// then it goes to unsetup web iis service)
The externally hosted website is www.domain.com
I created an A record in the DNS server for www to point it to the web host ip. However, now when you type in www.domain.com from within the domain, it resolves in the address bar as www.www.domain.com  .... How can I correct this situation?
I use free Whois domain lookup tool for finding domain names ownership information, registration data and much more.  This service is very useful. For it to check sites of business partners, sites at which purchases and any useful sites. This will help avoid Internet scams.
And I am interested in your opinion.

Our company website is currently not on Wordpress (3rd party custom CMS site), but our company blog is already on Wordpress. We use 2 different domain names to access them.

We want to rebuild our website using just Wordpress and we want to integrate the old Wordpress blog into the new installation. This is easy and we have tested (simple export from old blog and import into new Wordpress).

But we don't know how to keep the 2 domains functioning.

Current setup:

New desired setup:

It is true that users on DOMAIN #1 will be able to use the menus to navigate to the blog on the new Wordpress server - this is fine. But for odd historical reasons some Blog readers don't know about DOMAIN #1 and will continue to use DOMAIN #2. We don't want them to hit the homepage and be confused - we want DOMAIN #2 to point directly at the List of Blog Posts on the new server (and look like a separate domain still). In other words DOMAIN #2 needs to point to a subset of the site. We don't want to just do a domain forward to DOMAIN #1 if at all possible.

Is this at all possible?
Hi EE,
I've a DNS resolution issue as below and it's just happened recently.
My backup failed to connect to the NAS storage due to this issue.

When i nslookup nasb01.fish.com, I will get result:

Name:    nasb01.fish.com
Addresses:  57.x.x.x, 57.y.y.y, 57.z.z.z,

However, from the DNS server i couldn't find any host A record for nasb01.fish.com.

Tried to nslookup the IP, and the IP resolves as follow:
57.x.x.x = nas111.fish.com
57.y.y.y = nas132.fish.com
 57.z.z.z = nas27.fish.com = nasb01.something.fish.com

Can you guide me how to troubleshoot this issue?
The correct resolution is nasb01.fish.com = nasb01.something.fish.com =
I am having trouble setting up reverse DNS. MY ISP is saying they have setup everything correctly but I am getting an error when I do a dig. BAD (HORIZONTAL) REFERRAL I have two CENTOS Servers setup with 6.6 and Bind DNS. I have the reverse DNS setup on both of these dns servers and I can access everything fine when I connect directly to or

Please let me know if anyone has any ideas.

@ -x +trace

; <<>> DiG 9.8.3-P1 <<>> @ -x +trace
; (1 server found)
;; global options: +cmd
.                  21217      IN      NS      e.root-servers.net.
.                  21217      IN      NS      j.root-servers.net.
.                  21217      IN      NS      c.root-servers.net.
.                  21217      IN      NS      l.root-servers.net.
.                  21217      IN      NS      i.root-servers.net.
.                  21217      IN      NS      b.root-servers.net.
.                  21217      IN      NS      k.root-servers.net.
.                  21217      IN      NS      h.root-servers.net.
.                  21217      IN      NS      m.root-servers.net.
.                  21217      IN      NS      g.root-servers.net.
.                  21217      IN      NS      d.root-servers.net.
.                  21217      IN      NS      a.root-servers.net.
.                  21217      IN      NS      f.root-servers.net.
;; Received 228 bytes from in 34 ms

in-addr.arpa.            172800      IN      NS      b.in-addr-servers.arpa.
in-addr.arpa.            172800      IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.            172800      IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.            172800      IN      NS      a.in-addr-servers.arpa.
in-addr.arpa.            172800      IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.            172800      IN      NS      c.in-addr-servers.arpa.
;; Received 419 bytes from in 173 ms

I have set up Server 2008 r2 to be a remote session host for rds. I purchased a ssl certificate and linked it to RDS and bound it to the default web site in iis 7. I created an A record for the RDS address using the wan ip address.  I opened port 3389 on the modem since that's the port rds is set to use. I still cannot connect. Any Suggestions?






The Domain Name System (DNS) is a hierarchical, globally distributed system responsible for associating the name of a computer, service or other resource into an IP address for connecting to the Internet or a private network. Most prominently, it translates domain names to the numerical IP addresses needed for the purpose of computer services and devices worldwide.