recursive query

[user]

Archived from groups: microsoft.public.win2000.dns (More info?)

Dns server installed in windows 2003 small business serveur premium, with
isa un-installed, nslookup report an error (on the server) when i try
www.microsoft.com. When i test with a recursive query inside mmc, a have an
error too. The redirectors are well setted, internet connection work fine,
on the server and on the network. Nslookup doesn't work on pc on the
network. The name resolution in Exchange 2003 with pop3 connection doesn't
work too. Any idea

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:421af565$0$9125$ba620e4c@news.skynet.be,
r <r> commented
Then Kevin replied below:
> Dns server installed in windows 2003 small business
> serveur premium, with isa un-installed, nslookup report
> an error (on the server) when i try www.microsoft.com.

What kind of error does nslookup give you?

> When i test with a recursive query inside mmc, a have an
> error too.

Have you tried giving the DNS server a forwarder?

The redirectors are well setted, internet
> connection work fine, on the server and on the network.

redirectors?

> Nslookup doesn't work on pc on the network. The name
> resolution in Exchange 2003 with pop3 connection doesn't
> work too. Any idea

In an Active Directory environment the DC must point to its own address for
DNS, only. (if the DC has the DNS for the AD domain)
The same is said for a Active Directory clients, use the DC for DNS, only.

Another problem is caused from using the same domain name for the AD domain
as the public domain name on the internet. The internal DNS server will not
be able to resolve names from the public domain, unless you add the names to
it. Names for instance like www, mail, etc. will have to be added to the
internal DNS server by the use of host "A" records, or delegations.
An example of what you need to add and how to add it is, for www.domain.com,
open the forward lookup zone for domain.com, right click and select new host
from the list, name the host www, give it the IP address of the web server.
You will probably need to run ipconfig /flushdns from a command line before
it will work, to flush the cache of a negative answer.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> a écrit dans le
message de news:uXSOzmMGFHA.428@TK2MSFTNGP15.phx.gbl...
> In news:421af565$0$9125$ba620e4c@news.skynet.be,
> r <r> commented
> Then Kevin replied below:
> > Dns server installed in windows 2003 small business
> > serveur premium, with isa un-installed, nslookup report
> > an error (on the server) when i try www.microsoft.com.
>
> What kind of error does nslookup give you?

a timeout error

>
> > When i test with a recursive query inside mmc, a have an
> > error too.
>
> Have you tried giving the DNS server a forwarder?

yes : fowarder = redirector (french version)

>
> The redirectors are well setted, internet
> > connection work fine, on the server and on the network.
>
> redirectors?

sorry, it's a french version and i translate fowarder by redirector. I have
2 forwarders from my isp

>
> > Nslookup doesn't work on pc on the network. The name
> > resolution in Exchange 2003 with pop3 connection doesn't
> > work too. Any idea
>
> In an Active Directory environment the DC must point to its own address
for
> DNS, only. (if the DC has the DNS for the AD domain)
> The same is said for a Active Directory clients, use the DC for DNS, only.

Win 2003 sbs has its own address for dns, the external address only
(192.168.1.200), not the 127.... 2 Nics are setup in the server but one is
disabled. Someone disabled the second nic and setted-up ISA on a second
server with two nics. I think he had problems with isa on the first server
The first server is connected to internet throught the default gateway (the
isa server) with its own adresse as dns server
There is only 2 servers on the lan. One Win 2000 with isa server alone and
the main serveur with exchange 2003, sql 2000, dns, ...
The serveur doesn't need to be joined from outside the lan.
The servers wasn't setup by me. If i un-install the dns and i re-setup it,
do you think it works better?

>
> Another problem is caused from using the same domain name for the AD
domain
> as the public domain name on the internet. The internal DNS server will
not
> be able to resolve names from the public domain, unless you add the names
to
> it. Names for instance like www, mail, etc. will have to be added to the
> internal DNS server by the use of host "A" records, or delegations.
> An example of what you need to add and how to add it is, for
www.domain.com,
> open the forward lookup zone for domain.com, right click and select new
host
> from the list, name the host www, give it the IP address of the web
server.
> You will probably need to run ipconfig /flushdns from a command line
before
> it will work, to flush the cache of a negative answer.
the domaine is named "domaine.local". The name resolution for the domain
work fine
>
>
> --
> Best regards,
> Kevin D4 Dad Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>

 

[Guest]

Archived from groups: microsoft.public.win2000.dns (More info?)

In news:421b1fa1$0$10681$ba620e4c@news.skynet.be,
Guy RULKIN <rulkin_guy@hotmail.com> commented
Then Kevin replied below:
> "Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US> a
> écrit dans le message de
> news:uXSOzmMGFHA.428@TK2MSFTNGP15.phx.gbl...
>> In news:421af565$0$9125$ba620e4c@news.skynet.be,
>> r <r> commented
>> Then Kevin replied below:
>>> Dns server installed in windows 2003 small business
>>> serveur premium, with isa un-installed, nslookup report
>>> an error (on the server) when i try www.microsoft.com.
>>
>> What kind of error does nslookup give you?
>
> a timeout error

Is this the "can't find server name for address <ipaddressofdns>?

>
>>
>>> When i test with a recursive query inside mmc, a have an
>>> error too.
>>
>> Have you tried giving the DNS server a forwarder?
>
> yes : fowarder = redirector (french version)
>
>>
>> The redirectors are well setted, internet
>>> connection work fine, on the server and on the network.
>>
>> redirectors?
>
> sorry, it's a french version and i translate fowarder by
> redirector. I have 2 forwarders from my isp
>

OK That sounds better. Sorry for the poor translation. In English a redirect
would mean I don't have it, I'm going to send you over there to get it. That
is NOT how a forwarder works, if the DNS server doesn't have the answer, it
says to the client I'll go get the answer for you wait here.
The DNS server itself has the ability to ask a DNS server "do you have the
answer, if you don't, where can I get the answer? But that isn't a recursive
lookup, it is an iterative lookup. A Forwarder is not asked for these types
of lookups. The whole process is called recursion

Your DNS server will ask its forwarder for recursion, "Do you have the
answer, and if you don't can YOU go get the answer and return it to me?" A
forwarder MUST support recursion.

If ISA is in the mixed make sure the ISA has rules to support the type of
lookup the DNS server is using.
In other words, if ISA is not configured to allow your DNS server to do
iterative lookups you are going to have problems, unless you check the box
on the forwarders tab "Do not use recursion" then make sure the DNS server
has a recursive DNS server as its forwarder. If ISA is in proxy mode, you
will probably want to use ISA as its forwarder. If ISA is in firewall mode
make sure the rules allow your DNS server to connect to external DNS
servers. For the type of lookup it uses. If you don't have a forwarder
enabled, the DNS server has no choice but to use iterative lookups, which
requires it to be able to connect to any DNS server on the internet.
If it has a Forwarder enabled, the forwarder must be able to return the
final answer and not a referral.

> the domaine is named "domaine.local". The name
> resolution for the domain work fine

This tells me that DNS is working.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================