udp packets and ftp.nai.com

Toggle sidebar Toggle sidebar
B

Blake

Distinguished
Apr 4, 2004
42
0
18,530
Archived from groups: microsoft.public.win2000.dns (More info?)

Because our PIX will not support large UDP packets, I have applied the
stanard fix:

dnscmd /Config /EnableEDnsProbes 0

However, now I cannot resolve ftp.nai.com.

In my cached zone, there is an FTP zone beneath the NAI zone.

The FTP.NAI.COM zone has no A records, just 2 NS records. Anybody seen this
behavior??

Blake
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:O9V0EenwEHA.1204@TK2MSFTNGP10.phx.gbl,
Blake <blake_duffey@NOSPAM.hotmail.com> commented
Then Kevin replied below:
> Because our PIX will not support large UDP packets, I
> have applied the stanard fix:
>
> dnscmd /Config /EnableEDnsProbes 0
>
> However, now I cannot resolve ftp.nai.com.
>
> In my cached zone, there is an FTP zone beneath the NAI
> zone.
>
> The FTP.NAI.COM zone has no A records, just 2 NS records.
> Anybody seen this behavior??
>

QUESTION SECTION:
ftp.nai.com. IN A

ANSWER SECTION:
ftp.nai.com. 15 IN CNAME ftp.nai.speedera.net.
ftp.nai.speedera.net. 59 IN A 63.209.221.236
ftp.nai.speedera.net. 59 IN A 208.254.18.148

Query time: 290 ms
Server : 192.168.0.2:53 udp (192.168.0.2)
When : 11/4/2004 11:11:49 AM
Size rcvd : 95



--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
B

Blake

Distinguished
Apr 4, 2004
42
0
18,530
Archived from groups: microsoft.public.win2000.dns (More info?)

So NAI is aliasing the FTP host via a CNAME?

I assume MS DNS (2k3) can handle that OK??

Blake
"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> wrote in message
news:%23XClVGpwEHA.2196@TK2MSFTNGP14.phx.gbl...
> In news:O9V0EenwEHA.1204@TK2MSFTNGP10.phx.gbl,
> Blake <blake_duffey@NOSPAM.hotmail.com> commented
> Then Kevin replied below:
>> Because our PIX will not support large UDP packets, I
>> have applied the stanard fix:
>>
>> dnscmd /Config /EnableEDnsProbes 0
>>
>> However, now I cannot resolve ftp.nai.com.
>>
>> In my cached zone, there is an FTP zone beneath the NAI
>> zone.
>>
>> The FTP.NAI.COM zone has no A records, just 2 NS records.
>> Anybody seen this behavior??
>>
>
> QUESTION SECTION:
> ftp.nai.com. IN A
>
> ANSWER SECTION:
> ftp.nai.com. 15 IN CNAME ftp.nai.speedera.net.
> ftp.nai.speedera.net. 59 IN A 63.209.221.236
> ftp.nai.speedera.net. 59 IN A 208.254.18.148
>
> Query time: 290 ms
> Server : 192.168.0.2:53 udp (192.168.0.2)
> When : 11/4/2004 11:11:49 AM
> Size rcvd : 95
>
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

In news:uSKXEypwEHA.2196@TK2MSFTNGP14.phx.gbl,
Blake <blake_duffey@NOSPAM.hotmail.com> commented
Then Kevin replied below:
> So NAI is aliasing the FTP host via a CNAME?
>
> I assume MS DNS (2k3) can handle that OK??

Yes, it can.

I think the problem is in your PIX firewall, I'd fix that. I know you said
you disabled EDNS, when you ran the command did it apply successfully? That,
is the recommended fix.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
 
O

obiwan

Distinguished
Feb 16, 2001
90
0
18,630
Archived from groups: microsoft.public.win2000.dns (More info?)

> Because our PIX will not support large UDP packets,
> I have applied the stanard fix:

> dnscmd /Config /EnableEDnsProbes 0

hm ... not sure, but if I recall it correctly the above
should just tell to the DNS to avoid checking ext
servers for EDNS support; this in turn means that
query answers not fitting a single (standard) UDP
packet will be retried using TCP .. does your PIX
allow DNS traffic on TCP ?


--

* ObiWan

Microsoft MVP: Windows Server - Networking

http://www.microsoft.com/communities/MVP/MVP.mspx
http://mvp.support.microsoft.com
 
B

Blake

Distinguished
Apr 4, 2004
42
0
18,530
Archived from groups: microsoft.public.win2000.dns (More info?)

It works fine for other look ups. Just not this host.

These servers/configs have been in place for a couple years.

"ObiWan" <obiwan@mvps.org> wrote in message
news:uvdD5XpwEHA.2568@TK2MSFTNGP11.phx.gbl...
>> Because our PIX will not support large UDP packets,
>> I have applied the stanard fix:
>
>> dnscmd /Config /EnableEDnsProbes 0
>
> hm ... not sure, but if I recall it correctly the above
> should just tell to the DNS to avoid checking ext
> servers for EDNS support; this in turn means that
> query answers not fitting a single (standard) UDP
> packet will be retried using TCP .. does your PIX
> allow DNS traffic on TCP ?
>
>
> --
>
> * ObiWan
>
> Microsoft MVP: Windows Server - Networking
>
> http://www.microsoft.com/communities/MVP/MVP.mspx
> http://mvp.support.microsoft.com
>
>
 
B

Blake

Distinguished
Apr 4, 2004
42
0
18,530
Archived from groups: microsoft.public.win2000.dns (More info?)

Something has changed on NAI's DNS info - this is working now, they have an
A record in the ftp.nai.com zone

Thanks

Blake
"ObiWan" <obiwan@mvps.org> wrote in message
news:uvdD5XpwEHA.2568@TK2MSFTNGP11.phx.gbl...
>> Because our PIX will not support large UDP packets,
>> I have applied the stanard fix:
>
>> dnscmd /Config /EnableEDnsProbes 0
>
> hm ... not sure, but if I recall it correctly the above
> should just tell to the DNS to avoid checking ext
> servers for EDNS support; this in turn means that
> query answers not fitting a single (standard) UDP
> packet will be retried using TCP .. does your PIX
> allow DNS traffic on TCP ?
>
>
> --
>
> * ObiWan
>
> Microsoft MVP: Windows Server - Networking
>
> http://www.microsoft.com/communities/MVP/MVP.mspx
> http://mvp.support.microsoft.com
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

I told you this morning that this was NOT "your problem" to fix.

--


Sincerely,

Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
"Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message
news:#udL50pwEHA.3844@TK2MSFTNGP12.phx.gbl...
> Something has changed on NAI's DNS info - this is working now, they have
an
> A record in the ftp.nai.com zone
>
> Thanks
>
> Blake
> "ObiWan" <obiwan@mvps.org> wrote in message
> news:uvdD5XpwEHA.2568@TK2MSFTNGP11.phx.gbl...
> >> Because our PIX will not support large UDP packets,
> >> I have applied the stanard fix:
> >
> >> dnscmd /Config /EnableEDnsProbes 0
> >
> > hm ... not sure, but if I recall it correctly the above
> > should just tell to the DNS to avoid checking ext
> > servers for EDNS support; this in turn means that
> > query answers not fitting a single (standard) UDP
> > packet will be retried using TCP .. does your PIX
> > allow DNS traffic on TCP ?
> >
> >
> > --
> >
> > * ObiWan
> >
> > Microsoft MVP: Windows Server - Networking
> >
> > http://www.microsoft.com/communities/MVP/MVP.mspx
> > http://mvp.support.microsoft.com
> >
> >
>
>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<body>
<blockquote type="cite" cite="midO9V0EenwEHA.1204@TK2MSFTNGP10.phx.gbl">
<p>Because our PIX will not support large UDP packets, I have applied
the stanard fix:</p>
</blockquote>
<p>
No you haven't.  You've applied the <a
href="http://homepages.tesco.net./%7EJ.deBoynePollard/FGA/dns-edns0-and-firewalls.html#LocalFix">local
fix</a>, not the <a
href="http://homepages.tesco.net./%7EJ.deBoynePollard/FGA/dns-edns0-and-firewalls.html#ServiceFix">service
fix</a>.<br>
<blockquote type="cite" cite="midO9V0EenwEHA.1204@TK2MSFTNGP10.phx.gbl">
<p>However, now I cannot resolve <samp><a class="moz-txt-link-abbreviated" href="ftp://ftp.nai.com">ftp.nai.com</a>.</samp></p>
</blockquote>
<p>
The owners of <samp>nai.com.</samp> are publishing
mutually-contradictory data at the moment.  This is not your problem.<br>
</body>
</html>
 
G

Guest

Guest
Archived from groups: microsoft.public.win2000.dns (More info?)

I had the exact same problem, and here is what fixed it for me:

Microsoft KB article 873430 describes the problem and the hotfix that
is available. I called Microsoft, and they emailed me the hotfix
immediately, and it solved the problem. I can now resolve
ftp.nai.com.


"Blake" <blake_duffey@NOSPAM.hotmail.com> wrote in message news:<O9V0EenwEHA.1204@TK2MSFTNGP10.phx.gbl>...
> Because our PIX will not support large UDP packets, I have applied the
> stanard fix:
>
> dnscmd /Config /EnableEDnsProbes 0
>
> However, now I cannot resolve ftp.nai.com.
>
> In my cached zone, there is an FTP zone beneath the NAI zone.
>
> The FTP.NAI.COM zone has no A records, just 2 NS records. Anybody seen this
> behavior??
>
> Blake
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom