#1
DNS forward lookup zone not registering changes.
We recently made some changes (added 2 new A records) to our forward lookup zone on a win2k3 server. However, the forward lookup zone is not registering these changes. The reverse zone does but not the forward one. I have not been able to figure out what the problem is for several days now. Any help will be appreciated.
Thanks, -- Nick
#2
Here is some more information:
DNS lookup returns the following: http://www.dollardns.net/cgi-bin/dn...bmit=Send+Query
However, there should be 2 more entries in there:
mlist.saclaw.lib.ca.us 600 A 63.195.132.197
scllhip.saclaw.lib.ca.us 600 A 63.195.132.211
I am not sure why the server is not showing these 2 A records. They are in the zone file. Any ideas on what is going on?
Thanks, -- Nick
#3
At this point, the forward lookup zone is propagating to root hints and notify servers.
Ergo, the problem is that the changes are not registered. The changes show up in the zone file but querying the server, the changes do not show up.
#4
I see them just fine:
mlist.saclaw.lib.ca.us. 600 A 63.195.132.197
scllhip.saclaw.lib.ca.us. 600 A 63.195.132.211
The reason those records don't show up in the other query is cause they exist under a different domain. It's not like you were looking at a zone transfer, your server doesn't allow DNS Crawler to grab zone transfers. However, notice we were using TCP before to see the records. Now let's see it with UDP.
mlist.saclaw.lib.ca.us. 600 A 63.195.132.197
scllhip.saclaw.lib.ca.us. 600 A 63.195.132.211
Interesting that it timed out. I know it's not firewall/router related cause the query you made using UDP works. MS DNS strikes again. Shame I don't know it better.
Last edited by SilentRage : July 12th, 2004 at 06:47 PM.
#5
I have a secondary server (win2k) that returns the same information as the primary.
So, is there anything else I can do?
#6
Tell me what all forward zones you have set up on the server. I have a suspicion you've got a confusing subzone setup that could be causing problems and should be consolidated under a single zone.
#7
Only one forward zone: saclaw.lib.ca.us.
#8
So, I can query the newly added records over TCP but not UDP. Older records can be queried over both TCP and UDP.
What does this actually mean? Aren't all queries going over UDP? And, what does it mean that the server can be queried over TCP? Thanks.
#9
Also, in your DNSCrawler, when you enter a.root-servers.net in server and query some FQDN that needs a referral but you check TCP, it seems that only the first query is over TCP but subsequent queries are over UDP.
#10
That is correct, you should not try to resolve a domain from root using TCP cause not all servers allow TCP queries. DNS Crawler will only query the first server via TCP.
Attach your zone file for me. Don't know if you realized it, but MS DNS also has zone files. I'd like to take a look at it.
#11
Ok, now I think it might not be a normal problem. Something is/was very wrong. You made a query recently in DNS Crawler which caused my script to complain to me in my logs. It said that it was confused, it didn't know what the heck a certain record was. After looking through the access logs, I found out it was you who made that query. Remember when you made a query and it resulted in an "Unknown Record" result? That should never have happened. Both DNS Crawler and DIG had a problem with the dns response. Here's a link:
dig @63.195.132.195 211.132.195.63.in-addr.arpa ptr
I've looked at the raw response, and found the bug. The SOA record name field had a domain pointer (used for compression in DNS packets) with a value 1 greater than it should have been. Either this is the result of something seriously wrong with your server, or it's a bug in the server.
Last edited by SilentRage : July 20th, 2004 at 01:06 PM.
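Added example, not part of the original post and not the DNS Crawler script: a check for the kind of fault described in post #11, where a compression pointer in a record's owner name does not land on the start of a label seen earlier in the message. The packet is constructed for illustration (the function names, the zeroed SOA body and the assumption that the SOA owner is 132.195.63.in-addr.arpa are all hypothetical); it is not the server's actual response.

```python
import struct

def encode_labels(name):
    """Uncompressed wire form of a dotted name (helper for the sample packet)."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def read_name(msg, off, label_starts):
    """Walk one name at off; return (offset after the name, bad pointers).
    Uncompressed labels record their start offset in label_starts; a
    compression pointer is accepted only if it targets one of those offsets."""
    bad = []
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:            # two-byte compression pointer
            target = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            if target not in label_starts:
                bad.append((off, target))
            return off + 2, bad                # a pointer always ends the name
        label_starts.add(off)
        if length == 0:                        # root label ends the name
            return off + 1, bad
        off += 1 + length

def check_message(msg):
    """Return [(pointer_offset, target)] for owner-name pointers that miss a
    label boundary. RDATA is skipped by length, not inspected."""
    qd, an, ns, ar = struct.unpack_from("!4H", msg, 4)
    starts, bad, off = set(), [], 12           # names start after the 12-byte header
    for _ in range(qd):
        off, found = read_name(msg, off, starts)
        bad += found
        off += 4                               # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        off, found = read_name(msg, off, starts)
        bad += found
        rdlen = struct.unpack_from("!H", msg, off + 8)[0]
        off += 10 + rdlen                      # TYPE, CLASS, TTL, RDLENGTH, RDATA
    return bad

def sample_response(soa_ptr):
    """Constructed reply: one PTR question and one SOA in the authority
    section whose owner name is a compression pointer to soa_ptr."""
    header = struct.pack("!6H", 0x1234, 0x8403, 1, 0, 1, 0)
    question = encode_labels("211.132.195.63.in-addr.arpa") + struct.pack("!2H", 12, 1)
    rdata = b"\x00" * 22                       # placeholder SOA body (constructed)
    soa = struct.pack("!HHHIH", 0xC000 | soa_ptr, 6, 1, 3600, len(rdata)) + rdata
    return header + question + soa
```

In the constructed packet the label "132" starts at offset 16, so a pointer to 16 passes, while a pointer to 17 (one greater) is reported because it lands inside that label.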
#12
The server is a windows 2003 server upgraded from windows NT. The problem was present on NT as well.
#13
Indeed very strange action from your server. Your server isn't named 'localhost' or 'local' or anything like that, is it?
Have you tried adding a new record, maybe 'test' to see if that works?
Have you tried deleting and recreating the entire zone from scratch?
There are some known and extremely annoying bugs in w2k3 dns, but I have to admit this is the first time I've seen this particular one.
Are you using AD, the registry, or zone files?
AlanGrah
#14
Is there any error reporting in MS DNS server? When things get especially head scratching with BIND, the error messages always bail me out.
#15
Quote:
No.
Quote:
Yes. That is what the problem is. The "old" records are OK. Any A record I add in is not working.
Quote:
Yes.
Quote:
No AD.
Viewing: Dev Shed Forums > System Administration > DNS > DNS forward lookup zone not propagating