| Author |
Message |
Brian
Guest
|
 Posted:
Wed Jan 12, 2005 4:43 am Post subject:
Primary & Secondary DNS Server Problem |
|
|
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could resolve
external addresses. I was shocked. I got DNS1 back up within a few minutes,
but now I'm concerned as to why DNS2 is not resolving external addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
| Quote: | cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
|
DNS2:
| Quote: | cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
|
Both servers have the same forwarders set up. Any ideas of what I should be
looking for?
Thanks! |
|
| Back to top |
|
 |
Mark Renoden [MSFT]
Guest
|
| Posted:
Wed Jan 12, 2005 5:39 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
Hi Brian
What happens if you do an NSLookup from DNS2 using one of the servers you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
| Quote: | I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Wed Jan 12, 2005 12:29 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C#EHA.3640@tk2msftngp13.phx.gbl...
| Quote: | I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I should
be
looking for?
|
Make sure DNS2 is on, reachable,
and able to get through any firewalls.
Make sure it REALLY has the same forwarders.
Check the Advanced tab of DNS2 and make sure
you didn't disable Recursion (including Forwarders).
Go to DNS2 and make sure you can perform direct
lookups through the forwarders. (Checking firewall,
routing etc.)
Check DNS1 and see if it still works with the
Forwarding tab "Do not use recursion" disable
or just make sure both servers are the SAME
for testing.
Note: the setting in the Forwarders tab and the
Advanced tab do NOT mean the same thing.
The former, means the internal server will not
perform physical recursion from the root down
for itself.
The later (Advanced tab) means the server will
NOT answer ANY queries it cannot resolve
locally, that is it will not use the forwarder OR
physically recurse.
If the servers are depending on their own ability
to recurse (fix that too), make sure that they can
do so (firewall etc.) and also that they have the
correct Root Hints.
--
Herb Martin
|
|
| Back to top |
|
|
Brian
Guest
|
| Posted:
Fri Jan 14, 2005 1:50 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
When I do an NSLookup from DNS2, it fails with DNS timeout.
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
news:eVVlFbD%23EHA.1300@TK2MSFTNGP14.phx.gbl...
| Quote: | Hi Brian
What happens if you do an NSLookup from DNS2 using one of the servers
you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their
secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external
addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Fri Jan 14, 2005 2:50 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
| Quote: | When I do an NSLookup from DNS2, it fails with DNS timeout.
|
What happens if you increase the timeout? Is it just slow,
or really broken?
nslookup -time=10 NAME dns.server.IP.address
-time=10 can be 20 or whatever until you convince yourself
it is OUT (or works slow.)
If it is out, then it is one of:
1) DNS server not working
2) DNS server not on
3) DNS server with firewall
4) Client set to wrong DNS server address
5) Firewall or other filter BETWEEN them
And remember to ignore any INITIAL error from
NSLookup (on the first few lines) IF you get the
answer sought down below before the command
output completes.
--
Herb Martin
| Quote: |
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
news:eVVlFbD%23EHA.1300@TK2MSFTNGP14.phx.gbl...
Hi Brian
What happens if you do an NSLookup from DNS2 using one of the servers
you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to
email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their
secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could
resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external
addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I
should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Brian
Guest
|
| Posted:
Fri Jan 14, 2005 4:21 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
I set the timeout to 20 seconds and it still fails. Looks like it's OUT.
Also, that DNS server fails the Recursive test when I do it in the DNS gui
interface. I'm wondering if I remove DNS from this server and re-add it that
will take care of the problem.
Thanks for your help!
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl...
| Quote: | "Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS timeout.
What happens if you increase the timeout? Is it just slow,
or really broken?
nslookup -time=10 NAME dns.server.IP.address
-time=10 can be 20 or whatever until you convince yourself
it is OUT (or works slow.)
If it is out, then it is one of:
1) DNS server not working
2) DNS server not on
3) DNS server with firewall
4) Client set to wrong DNS server address
5) Firewall or other filter BETWEEN them
And remember to ignore any INITIAL error from
NSLookup (on the first few lines) IF you get the
answer sought down below before the command
output completes.
--
Herb Martin
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
news:eVVlFbD%23EHA.1300@TK2MSFTNGP14.phx.gbl...
Hi Brian
What happens if you do an NSLookup from DNS2 using one of the servers
you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to
email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their
secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could
resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external
addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I
should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Fri Jan 14, 2005 4:55 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
In news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl,
Herb Martin <news@LearnQuick.com> commented
Then Kevin replied below:
| Quote: | "Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS
timeout.
|
Are you sure he is not getting the infamous "can't find server name for
address <ipaddress>"?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Fri Jan 14, 2005 5:16 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
| Quote: | Are you sure he is not getting the infamous "can't find server name for
address <ipaddress>"?
|
No, that is why I included instructions for ignoring
it <grin>
--
Herb Martin
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:ORYG5Lc#EHA.936@TK2MSFTNGP12.phx.gbl...
| Quote: | In news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl,
Herb Martin <news@LearnQuick.com> commented
Then Kevin replied below:
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS
timeout.
Are you sure he is not getting the infamous "can't find server name for
address <ipaddress>"?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Fri Jan 14, 2005 5:20 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Brian" <bhanley72@yahoo.com> wrote in message
news:O8JhJ5b#EHA.1292@TK2MSFTNGP10.phx.gbl...
| Quote: | I set the timeout to 20 seconds and it still fails. Looks like it's OUT.
Also, that DNS server fails the Recursive test when I do it in the DNS gui
interface.
|
Failing the recursive test usually doesn't mean
as much for an internal server -- it may have no
access to the root servers (to do the recursion).
Does it pass the non-recursive test? Usually this
means you will NOT get a timeout even if you get
an incorrect answer.
| Quote: | I'm wondering if I remove DNS from this server and re-add it that
will take care of the problem.
|
Probably not, but if you don't mind the work involved
in recreating the zone it is worth a try.
What happens if you use the nslookup from the SAME
server (ask itself).
You might also POST the results so we can make
sure you aren't falling for the infamous NSLookup
"fake error."
--
Herb Martin
| Quote: | Thanks for your help!
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl...
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS timeout.
What happens if you increase the timeout? Is it just slow,
or really broken?
nslookup -time=10 NAME dns.server.IP.address
-time=10 can be 20 or whatever until you convince yourself
it is OUT (or works slow.)
If it is out, then it is one of:
1) DNS server not working
2) DNS server not on
3) DNS server with firewall
4) Client set to wrong DNS server address
5) Firewall or other filter BETWEEN them
And remember to ignore any INITIAL error from
NSLookup (on the first few lines) IF you get the
answer sought down below before the command
output completes.
--
Herb Martin
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in message
news:eVVlFbD%23EHA.1300@TK2MSFTNGP14.phx.gbl...
Hi Brian
What happens if you do an NSLookup from DNS2 using one of the
servers
you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to
email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no
rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their
secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could
resolve
external addresses. I was shocked. I got DNS1 back up within a few
minutes,
but now I'm concerned as to why DNS2 is not resolving external
addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what I
should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Brian
Guest
|
| Posted:
Fri Jan 14, 2005 8:26 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Herb Martin" <news@LearnQuick.com> wrote in message
news:eCfTujc%23EHA.2316@TK2MSFTNGP15.phx.gbl...
| Quote: | "Brian" <bhanley72@yahoo.com> wrote in message
news:O8JhJ5b#EHA.1292@TK2MSFTNGP10.phx.gbl...
I set the timeout to 20 seconds and it still fails. Looks like it's OUT.
Also, that DNS server fails the Recursive test when I do it in the DNS
gui
interface.
Failing the recursive test usually doesn't mean
as much for an internal server -- it may have no
access to the root servers (to do the recursion).
Does it pass the non-recursive test? Usually this
means you will NOT get a timeout even if you get
an incorrect answer.
|
DNS2 does pass the simple (non recursive) test. But fails the recursive.
| Quote: |
I'm wondering if I remove DNS from this server and re-add it that
will take care of the problem.
Probably not, but if you don't mind the work involved
in recreating the zone it is worth a try.
What happens if you use the nslookup from the SAME
server (ask itself).
|
When I first go to a cmd prompt and type "nslookup" on DNS2, the default
server of DNS1 comes up as it's DNS server. Is this ok? I then type "server
DNS2" to change the DNS server to itself. I can then do a DNS query for it's
own name and it returns instantly and with the correct IP address. Here is
output for both looking up itself, and looking up yahoo.com:
DNS2
Server: DNS2.corp.us
Address: 172.15.91.63
Name: DNS2.corp.us
Address: 172.15.91.63
yahoo.com
Server: DNS2.corp.us
Address: 172.15.91.63
DNS request timed out.
timeout was 2 seconds.
*** Request to DNS2.corp.us timed-out
Also, this may be a stupid question, but in the IP configuration of both my
DNS servers, I've got my internal DNS IP addresses as the DNS servers. Is
this a problem?
Thanks
| Quote: |
You might also POST the results so we can make
sure you aren't falling for the infamous NSLookup
"fake error."
--
Herb Martin
Thanks for your help!
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl...
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS timeout.
What happens if you increase the timeout? Is it just slow,
or really broken?
nslookup -time=10 NAME dns.server.IP.address
-time=10 can be 20 or whatever until you convince yourself
it is OUT (or works slow.)
If it is out, then it is one of:
1) DNS server not working
2) DNS server not on
3) DNS server with firewall
4) Client set to wrong DNS server address
5) Firewall or other filter BETWEEN them
And remember to ignore any INITIAL error from
NSLookup (on the first few lines) IF you get the
answer sought down below before the command
output completes.
--
Herb Martin
"Mark Renoden [MSFT]" <markreno@online.microsoft.com> wrote in
message
news:eVVlFbD%23EHA.1300@TK2MSFTNGP14.phx.gbl...
Hi Brian
What happens if you do an NSLookup from DNS2 using one of the
servers
you're
forwarding to?
Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address
to
email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers
no
rights.
"Brian" <bhanley72@yahoo.com> wrote in message
news:uaQIJ8C%23EHA.3640@tk2msftngp13.phx.gbl...
I've got a Win2000 AD domain.
Two DNS servers configured.
All network clients have DNS1 as their primary and DNS2 as their
secondary
DNS servers (XP clients).
The other day, DNS1 crashed. During that time, no clients could
resolve
external addresses. I was shocked. I got DNS1 back up within a
few
minutes,
but now I'm concerned as to why DNS2 is not resolving external
addresses!
Here is output for each DNS server using nslookup for cnn.com:
DNS1:
cnn.com
Server: DNS1.corp.us
Address: 172.1.1.1
Non-authoritative answer:
Name: cnn.com
Addresses: 64.236.24.12, 64.236.24.20, etc
DNS2:
cnn.com
Server: DNS2.corp.us
Address: 172.1.1.2
DNS request timed out.
timeout was 2 seconds.
*** Can't find address for server cnn.com: timed out
Both servers have the same forwarders set up. Any ideas of what
I
should
be
looking for?
Thanks!
|
|
|
| Back to top |
|
|
Brian
Guest
|
| Posted:
Fri Jan 14, 2005 8:39 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
Hi Guys, I think I stumbled across something. In DNS Manager, I expanded
both DNS servers 'Cached Lookups' folder. Both have a "." folder. I then
expand that on both servers. Here is the heirarchy of each DNS server. The
"bad" DNS server looks a whole lot different.
DNS1 (working DNS server):
AR
arpa
at
au
..
.. <--these ellipses mean there are nearly 50 folders I didn't list
..
za
Also, within each of these subfolders there are hundreds, if not thousands
of subfolders for Internet domains.
______________________________________________
DNS2 (non-working DNS server):
net <--this is the only subfolder of "." and within this folder is the
following:
root-servers <--this folder is empty
Is this screwed up or what?
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23Iwptjc%23EHA.2316@TK2MSFTNGP15.phx.gbl...
| Quote: | Are you sure he is not getting the infamous "can't find server name for
address <ipaddress>"?
No, that is why I included instructions for ignoring
it <grin
--
Herb Martin
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:ORYG5Lc#EHA.936@TK2MSFTNGP12.phx.gbl...
In news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl,
Herb Martin <news@LearnQuick.com> commented
Then Kevin replied below:
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS
timeout.
Are you sure he is not getting the infamous "can't find server name for
address <ipaddress>"?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Kevin D. Goodknecht Sr. [
Guest
|
| Posted:
Fri Jan 14, 2005 9:10 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
In news:e9$8Sbk%23EHA.3924@TK2MSFTNGP15.phx.gbl,
Brian <bhanley72@yahoo.com> commented
Then Kevin replied below:
______________________________________________
| Quote: | DNS2 (non-working DNS server):
net <--this is the only subfolder of "." and within this
folder is the following:
root-servers <--this folder is empty
Is this screwed up or what?
|
Check on the Property sheet of the DNS server in the console to see if
"Disable recursion" is checked on the Advanced tab, if it is, uncheck it.
Make sure Root Hints are resolved to addresses on the Root hints tab.
If you have a Forwarder enabled make sure the forwarder is answering
recursive queries.
Make sure the machine has the correct default Gateway listed in TCP/IP
properties.
There may be more but this is all I can think of, at this time.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
=================================== |
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Fri Jan 14, 2005 9:19 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Brian" <bhanley72@yahoo.com> wrote in message
news:e9$8Sbk#EHA.3924@TK2MSFTNGP15.phx.gbl...
| Quote: | Hi Guys, I think I stumbled across something. In DNS Manager, I expanded
both DNS servers 'Cached Lookups' folder. Both have a "." folder. I then
expand that on both servers. Here is the heirarchy of each DNS server. The
"bad" DNS server looks a whole lot different.
|
The cache is irrelevant (mostly.)
--
Herb Martin
"Brian" <bhanley72@yahoo.com> wrote in message
news:e9$8Sbk#EHA.3924@TK2MSFTNGP15.phx.gbl...
| Quote: | Hi Guys, I think I stumbled across something. In DNS Manager, I expanded
both DNS servers 'Cached Lookups' folder. Both have a "." folder. I then
expand that on both servers. Here is the heirarchy of each DNS server. The
"bad" DNS server looks a whole lot different.
DNS1 (working DNS server):
AR
arpa
at
au
.
. <--these ellipses mean there are nearly 50 folders I didn't list
.
za
Also, within each of these subfolders there are hundreds, if not thousands
of subfolders for Internet domains.
______________________________________________
DNS2 (non-working DNS server):
net <--this is the only subfolder of "." and within this folder is the
following:
root-servers <--this folder is empty
Is this screwed up or what?
"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23Iwptjc%23EHA.2316@TK2MSFTNGP15.phx.gbl...
Are you sure he is not getting the infamous "can't find server name
for
address <ipaddress>"?
No, that is why I included instructions for ignoring
it <grin
--
Herb Martin
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:ORYG5Lc#EHA.936@TK2MSFTNGP12.phx.gbl...
In news:%23LIMuQb%23EHA.2016@TK2MSFTNGP15.phx.gbl,
Herb Martin <news@LearnQuick.com> commented
Then Kevin replied below:
"Brian" <bhanley72@yahoo.com> wrote in message
news:#1Hpnka#EHA.2076@TK2MSFTNGP15.phx.gbl...
When I do an NSLookup from DNS2, it fails with DNS
timeout.
Are you sure he is not getting the infamous "can't find server name
for
address <ipaddress>"?
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
|
|
|
| Back to top |
|
|
Herb Martin
Guest
|
| Posted:
Fri Jan 14, 2005 9:25 pm Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
"Brian" <bhanley72@yahoo.com> wrote in message
news:eGEeKUk#EHA.2180@TK2MSFTNGP10.phx.gbl...
| Quote: |
"Herb Martin" <news@LearnQuick.com> wrote in message
news:eCfTujc%23EHA.2316@TK2MSFTNGP15.phx.gbl...
"Brian" <bhanley72@yahoo.com> wrote in message
news:O8JhJ5b#EHA.1292@TK2MSFTNGP10.phx.gbl...
I set the timeout to 20 seconds and it still fails. Looks like it's
OUT.
Also, that DNS server fails the Recursive test when I do it in the DNS
gui
interface.
Failing the recursive test usually doesn't mean
as much for an internal server -- it may have no
access to the root servers (to do the recursion).
Does it pass the non-recursive test? Usually this
means you will NOT get a timeout even if you get
an incorrect answer.
DNS2 does pass the simple (non recursive) test. But fails the recursive.
I'm wondering if I remove DNS from this server and re-add it that
will take care of the problem.
Probably not, but if you don't mind the work involved
in recreating the zone it is worth a try.
What happens if you use the nslookup from the SAME
server (ask itself).
When I first go to a cmd prompt and type "nslookup" on DNS2, the default
server of DNS1 comes up as it's DNS server. Is this ok?
|
Sure but it won't help you.
If you just STAY out of the NSLookup shell by issuing
full command (hard to do at first):
nslookup whateverNAME dns2.ip.addr.ess
| Quote: | I then type "server
DNS2" to change the DNS server to itself. I can then do a DNS query for
it's
own name and it returns instantly and with the correct IP address. Here is
output for both looking up itself, and looking up yahoo.com:
|
Then it is working and reachable from THAT machine.
| Quote: | DNS2
Server: DNS2.corp.us
Address: 172.15.91.63
Name: DNS2.corp.us
Address: 172.15.91.63
yahoo.com
Server: DNS2.corp.us
Address: 172.15.91.63
DNS request timed out.
timeout was 2 seconds.
*** Request to DNS2.corp.us timed-out
|
Ok, so it is only broken for Internet resolution?
| Quote: | Also, this may be a stupid question, but in the IP configuration of both
my
DNS servers, I've got my internal DNS IP addresses as the DNS servers. Is
this a problem?
|
No, that is correct. INTERNAL machines (including
the DNS servers) must use ONLY Internal DNS servers
on their NIC->IP->DNS server properties.
I like Kevin's suggestion, make sure you have not disabled
RECURSION in the ADVANCED tab, as that turns off
all non-local lookups, both forwarding and physical
recursion from the root down.
Any firewall blocking this machine from performing it's
own recursion might cause this too.
Generally it is best to avoid most such problems and just
use the Forwarding tab to forward to a either your own
firewall/gateway Caching only DNS server or to your ISP.
In the latter case (forwarding to the ISP) your internal
server much have limited access to pass the firewall
however. |
|
| Back to top |
|
|
Mark Renoden [MSFT]
Guest
|
| Posted:
Mon Jan 17, 2005 12:18 am Post subject:
Re: Primary & Secondary DNS Server Problem |
|
|
Hi all
What I was actually interested in at my last post was whether you could do a
lookup against the DNS server you're forwarding to from DNS2. In other
words, specify the forwarder as the DNS server and try to resolve something
external. If this fails, you know you've got connectivity problems from
DNS2 to the forwarder. If it succeeds, you can rest assured that this is
fine and move on to troubleshooting DNS2 itself.
HTH
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: markreno@online.microsoft.com
Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.
This posting is provided "AS IS" with no warranties, and confers no rights.
"Herb Martin" <news@LearnQuick.com> wrote in message
news:uQ1PA8k%23EHA.1564@TK2MSFTNGP09.phx.gbl...
| Quote: | "Brian" <bhanley72@yahoo.com> wrote in message
news:eGEeKUk#EHA.2180@TK2MSFTNGP10.phx.gbl...
"Herb Martin" <news@LearnQuick.com> wrote in message
news:eCfTujc%23EHA.2316@TK2MSFTNGP15.phx.gbl...
"Brian" <bhanley72@yahoo.com> wrote in message
news:O8JhJ5b#EHA.1292@TK2MSFTNGP10.phx.gbl...
I set the timeout to 20 seconds and it still fails. Looks like it's
OUT.
Also, that DNS server fails the Recursive test when I do it in the
DNS
gui
interface.
Failing the recursive test usually doesn't mean
as much for an internal server -- it may have no
access to the root servers (to do the recursion).
Does it pass the non-recursive test? Usually this
means you will NOT get a timeout even if you get
an incorrect answer.
DNS2 does pass the simple (non recursive) test. But fails the recursive.
I'm wondering if I remove DNS from this server and re-add it that
will take care of the problem.
Probably not, but if you don't mind the work involved
in recreating the zone it is worth a try.
What happens if you use the nslookup from the SAME
server (ask itself).
When I first go to a cmd prompt and type "nslookup" on DNS2, the default
server of DNS1 comes up as it's DNS server. Is this ok?
Sure but it won't help you.
If you just STAY out of the NSLookup shell by issuing
full command (hard to do at first):
nslookup whateverNAME dns2.ip.addr.ess
I then type "server
DNS2" to change the DNS server to itself. I can then do a DNS query for
it's
own name and it returns instantly and with the correct IP address. Here
is
output for both looking up itself, and looking up yahoo.com:
Then it is working and reachable from THAT machine.
DNS2
Server: DNS2.corp.us
Address: 172.15.91.63
Name: DNS2.corp.us
Address: 172.15.91.63
yahoo.com
Server: DNS2.corp.us
Address: 172.15.91.63
DNS request timed out.
timeout was 2 seconds.
*** Request to DNS2.corp.us timed-out
Ok, so it is only broken for Internet resolution?
Also, this may be a stupid question, but in the IP configuration of both
my
DNS servers, I've got my internal DNS IP addresses as the DNS servers. Is
this a problem?
No, that is correct. INTERNAL machines (including
the DNS servers) must use ONLY Internal DNS servers
on their NIC->IP->DNS server properties.
I like Kevin's suggestion, make sure you have not disabled
RECURSION in the ADVANCED tab, as that turns off
all non-local lookups, both forwarding and physical
recursion from the root down.
Any firewall blocking this machine from performing it's
own recursion might cause this too.
Generally it is best to avoid most such problems and just
use the Forwarding tab to forward to a either your own
firewall/gateway Caching only DNS server or to your ISP.
In the latter case (forwarding to the ISP) your internal
server much have limited access to pass the firewall
however.
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in