DNS Confusion / Server 2003 / SOA record
Hi everyone. I am a web designer who has been tasked with maintaining my organization's Windows Server 2003 web server. I am learning as I go, but I am having trouble getting a grasp on our DNS setup.
Our DNS zone currently has three name servers defined in NS records: two with public IPs, and one .local with a private IP. When I run a diagnostic with Intodns.com, it gives me the following error: "The following nameservers are listed at your nameservers as nameservers for your domain, but are not listed at the parent nameservers". (You can run the test with the domain fmb.lib.fl.us to see what I mean). The name server that causes this error is the one name server that points to the .local with a private IP. This is also listed as the primary server in the SOA record. It seems to me that the solution to this problem is simply to remove the NS record for this name server as well as remove it as the primary server in the SOA record. However, whenever I do this, the NS record is later regenerated (upon re-opening the DNS manager) and the SOA record reverts to what it was.
I am scratching my head trying to make sense of this, and I have searched around for answers to no avail. Can anyone help?
A little more information... If I make the changes outlined in my previous post, everything works fine and the Intodns.com diagnostic will not report the error. However, when I reload or re-open DNS manager, the NS record is re-created and the SOA record reverts back. What could be causing this?
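An added check, not from this thread and not the Intodns.com tool itself, that reproduces the comparison behind the error quoted above on constructed sample data modelled on the situation described: the zone's own NS set against the parent's delegation, NS targets on RFC 1918 addresses, and an SOA MNAME outside the delegated set. All names and addresses below are invented stand-ins, not the real zone's data.

```python
import ipaddress

# Constructed sample delegation data (not real query output). It mirrors the
# thread: the zone's NS set carries a .local name that resolves to a private
# address and is also the SOA primary (MNAME), while the parent knows only
# the two public servers.
PARENT_NS = {"ns1.example.net.", "ns2.example.net."}
CHILD_NS = {"ns1.example.net.", "ns2.example.net.", "dc01.corp.local."}
ADDRESSES = {
    "ns1.example.net.": "198.51.100.10",  # TEST-NET-2, stands in for a public IP
    "ns2.example.net.": "203.0.113.20",   # TEST-NET-3, stands in for a public IP
    "dc01.corp.local.": "192.168.1.5",    # RFC 1918 private address
}
SOA_MNAME = "dc01.corp.local."

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr lies in one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def check_delegation(parent_ns, child_ns, addresses, soa_mname):
    """Return a sorted list of (problem, name) tuples found in the delegation."""
    findings = []
    # "Listed at your nameservers ... but not listed at the parent nameservers".
    for ns in sorted(child_ns - parent_ns):
        findings.append(("ns_missing_at_parent", ns))
    # The reverse mismatch: the parent delegates to a server the zone omits.
    for ns in sorted(parent_ns - child_ns):
        findings.append(("ns_missing_at_child", ns))
    # An NS target on a private address is unreachable from the Internet.
    for ns in sorted(child_ns | parent_ns):
        addr = addresses.get(ns)
        if addr is None:
            findings.append(("ns_has_no_address", ns))
        elif is_rfc1918(addr):
            findings.append(("ns_private_address", ns))
    # The SOA primary should itself be one of the publicly delegated servers.
    if soa_mname not in parent_ns:
        findings.append(("soa_mname_not_delegated", soa_mname))
    return findings


if __name__ == "__main__":
    for problem, name in check_delegation(PARENT_NS, CHILD_NS, ADDRESSES, SOA_MNAME):
        print(f"{problem}: {name}")
```

Running it with the sample data reports the .local server three times (missing at the parent, private address, SOA MNAME); feeding it the corrected NS set and a public MNAME reports nothing.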
Querying the root servers for fmb.lib.fl.us produces several servers.
Querying one of those (a.cctld.us [18.104.22.168]) lists 4 servers:
Querying any one of those yields these 2 as authoritative:
Querying either of these for fmb.lib.fl.us does not produce an A record, but www.fmb.lib.fl.us does.
I do not know anything specific about Server 2003, but if there is a private address listed, I would suspect that it is required for those workstations behind the NAT router. NAT routers do not generally loop back to a public address.
It turns out that Active Directory integration on the zone was causing the records to regenerate. I changed it to a primary zone without AD integration and this seemed to solve the problem. Since I don't think we need AD integration, I'll leave it as is.