Thank you. Tuesday, October 20, AM. Let's take a look at this again. Or is it something like www. In it you have your forward lookup zone. In that zone you should find the server you are trying to access as server.
And the forwarder will den supply the external address So make sure you have the local ip set in your local DNS for name resolution to work. What I mean by external DNS is the exact above, you have a company. Your external DNS is probably set up by your ISP or someone you get your webhosting from so you might not have to worry about that. But your internal DNS system is up to you. Wednesday, October 21, AM. Thank you for your reply, here is the requested info: The PC has two nics as it was set up to be part of two networks for security!!
Accounts To get this a little more clear. Your IP:s, Let's say the If you ping the server by it's IP adress it replies, right? Do you use the same name on an external DNS? If you do, the following happens - Client asks for abc. Tuesday, October 20, PM. Hello, As Described Accoding to the sentence above I assume that you have 2 nic on the client one is configured with Hello Mats Thank you for your help with this, the answers are as follows: 1.
Yes, the domain controller and DNS are the same server Yes server replies on IP address using ping 3. Forgive me but I do not understand the "same name on an external DNS question". However, apparently the guy who set it up used the same name for the website, ie, company. Remove anything currently listed, and click Add and enter your nameservers i. When done, click OK to close the window.
You are now ready to set up your zone records. This will help secure your server from a variety of DNS recursion attacks. You can test that your DNS server is properly serving DNS from a Windows command prompt, by using the nslookup command in this format:. For example:. Click NEXT and then select the first option, Create a Forward lookup zone On the next screen, leave the default option selected, This Server maintains the zone, and click NEXT Now you will need to enter the domain name that you want to create your first zone file for.
Then check the box labeled " Disable recursion " Congratulations! If they can't, a recursive query can fail for any of the following reasons:. Start troubleshooting at the server that was used in your original query. Check whether this server forwards queries to another server by examining the Forwarders tab in the server properties in the DNS console. If the Enable forwarders check box is selected, and one or more servers are listed, this server forwards queries.
If this server does forward queries to another server, check for problems that affect the server to which this server forwards queries. When that section instructs you to perform a task on the client, perform it on the server instead. If the server is healthy and can forward queries, repeat this step, and examine the server to which this server forwards queries. If this server does not forward queries to another server, test whether this server can query a root server. To do this, run the following command:.
If the resolver returns the IP address of a root server, you probably have a broken delegation between the root server and the name or IP address that you're trying to resolve.
Follow the Test a broken delegation procedure to determine where you have a broken delegation. If the resolver returns a "Request to server timed out" response, check whether the root hints point to functioning root servers. To do this, use the To view the current root hints procedure. If the root hints do point to functioning root servers, you might have a network problem, or the server might use an advanced firewall configuration that prevents the resolver from querying the server, as described in the Check DNS server problems section.
It's also possible that the recursive time-out default is too short. Begin the tests in the following procedure by querying a valid root server. The test takes you through a process of querying all the DNS servers from the root down to the server that you're testing for a broken delegation.
Resource record type is the type of resource record that you were querying for in your original query, and FQDN is the FQDN for which you were querying terminated by a period. If the response includes a list of "NS" and "A" resource records for delegated servers, repeat step 1 for each server and use the IP address from the "A" resource records as the server IP address.
If the response does not contain an "NS" resource record, you have a broken delegation. If the response contains "NS" resource records, but no "A" resource records, enter set recursion , and query individually for "A" resource records of servers that are listed in the "NS" records. If you do not find at least one valid IP address of an "A" resource record for each NS resource record in a zone, you have a broken delegation. If you determine that you have a broken delegation, fix it by adding or updating an "A" resource record in the parent zone by using a valid IP address for a correct DNS server for the delegated zone.
If root hints appear to be configured correctly, verify that the DNS server that's used in a failed name resolution can ping the root servers by IP address. If the root servers do not respond to pinging by IP address, the IP addresses for the root servers might have changed.
However, it's uncommon to see a reconfiguration of root servers. If the server restricts zone transfers to a list of servers, such as those listed on the Name Servers tab of the zone properties, make sure that the secondary server is on that list.
0コメント