#1
Hello,
I've been trying to set up my own nameserver to host my website using IIS. I first tried the DNS that came with my Windows Server 2003. When I tested the server it would just timeout. So I removed that and tried to set it up using bind. My problem is now I can use it locally and it seems to be working, but when I test from elsewhere (such as on dnsreports.com) I get the error "cannot resolve DNS server name". I've attached my config files; if anyone can help figure this out I would greatly appreciate it.

I'm running W3k, not on a domain controller, with IIS, SMTP, ICF and BIND 9 (only ICF until I find a better firewall). I've been instructed by some that I cannot be a nameserver unless my ISP adds it to their files... but that doesn't make sense to me, since when/if I use services like zoneedit they can do it and I don't think they request to be added to all their customers' ISPs' DNS files... do they?

BTW, I've confirmed with my ISP that they do not block any ports at all, and the firewall I use has port 53 TCP & UDP open, which I can see I am listening on when I use netstat. I've set up my reverse as a slave to try and get it to resolve correctly, but it didn't seem to help, so the files you will see have my IP as a slave from my ISP's DNS servers.

The only other thing to point out is I have a resolv.conf file that I'm not sure is set up correctly..... examples I've found all have the format:

Code:
domain yourdomain.com
localhost 127.0.0.1
nameserver 1.2.3.4

So on mine I put my IP address after nameserver and replaced the word nameserver with 'ns1.geborgenheit.us', which is my nameserver I'm trying to use. Should that actually just be 'nameserver'??

~Silver Lynx~

#2
FYI: It's called Win2k3 or W2k3. W3k is still waiting for the year 3000 to come around.

And I see you in my DNS Crawler logs. Seems I need to teach ya how to diagnose your server remotely using that script. DNSReport is a great tool. Shoot, I'm jealous of it, for it makes me wanna write something similar. However, there's nothing that can beat a good manual diagnostic. DNS Crawler is kinda hard to use for the DNS beginner, but provides more information in some areas than even dig and nslookup. Anyway, use the "Local Recursion" checkbox for general resolution testing as shown below:

Full resolution of "geborgenheit.us"
http://www.dollardns.net/cgi-bin/dn...&lr=4&submit=DS

I don't know about you, but I got this:

Code:
Sending request to a.root-servers.net (198.41.0.4)...
Resending request to A.GTLD.BIZ (209.173.53.162)...
Resending request to NS1.geborgenheit.us (65.60.176.37)...
Response Timed out! Waited 5 seconds for the UDP response

Ok, so now we know the IP address "65.60.176.37" doesn't work. What about the other hosts? Let's see what was returned by "A.GTLD.BIZ" by clicking on that aqua colored link.

Rollback query to A.GTLD.BIZ
http://www.dollardns.net/cgi-bin/dn...&lr=1&submit=DS

And I got this:

Code:
geborgenheit.us      NS  NS1.geborgenheit.us
geborgenheit.us      NS  NS2.geborgenheit.us
NS1.geborgenheit.us  A   65.60.176.37
NS2.geborgenheit.us  A   65.60.130.231

Looks like there's one other host at "65.60.130.231". The script automatically chose to "crawl" to ns1, but now we can manually "crawl" to ns2 to see what it says. Click the purple "geborgenheit.us" link beside ns2.geborgenheit.us.

Direct query to ns2.geborgenheit.us
http://www.dollardns.net/cgi-bin/dn...it.us&submit=DS

Another timeout:

Code:
Sending request to NS2.geborgenheit.us (65.60.130.231)...
Response Timed out! Waited 5 seconds for the UDP response

Well, what about TCP at least? Let's query the IP address since domains don't resolve too well:
http://www.dollardns.net/cgi-bin/dn...it.us&submit=DS

After a long connection attempt:

Code:
Sending request to d60-65-37-176.col.wideopenwest.com (65.60.176.37)...
TCP connection to '65.60.176.37:53' failed

For now, we're done remotely testing your configuration. It appears the domain is registered just fine. There are 2 hosts, ns1 and ns2, which resolve to 2 different IPs. Requests to both IP addresses time out. TCP connections to ns1 fail.

Now what do timeouts and failed connections tell us? Well, I don't think that it's just a case of your server not running. You'd get a different response (Port Unreachable! No DNS server is configured at "IP:Port"). And the long connection attempt seems to tell us that the connection timed out too (damn perl for not giving proper connection failed descriptions). When a server isn't responding in any way - not even error ICMP packets - then the most likely problem is a firewall. So I would double check that router forwarding, and make sure there's no personal firewalls running on the server preventing incoming UDP and TCP requests to port 53.
__________________
Send me a private message if you would like me to setup your DNS for you for a price of your choosing. This is the preferred method if your DNS needs to be fixed/setup fast and you don't have the time to bounce messages back and forth on a forum. Also, check out these links: Whois Direct | DNS Crawler | NS Trace | Compare Free DNS Hosts

Last edited by SilentRage : April 18th, 2004 at 10:25 AM.

#3
Hi SilentRage, thanks for answering... yes, I've found your test here in the forums and was trying to use it. I've turned off all firewalls on my computer and have tried again, but it still gives me the timed out message. As for the ns2, that is the IP of my other computer, which of course is also not working.
Any ideas what else may be causing this?

#4
Grrr, ok, I just checked my event viewer and it's filled up with errors: "could not listen on UDP socket: permission denied" and "creating IPv4 interface TCP/IP Interface 1 failed; interface ignored"
:/

#5
Pfft, I'm an idiot.... forget that last post. I forgot the MS DNS was still installed, so the BIND couldn't start properly with that running.

#6
So I take it everything works now?

#7
No, just the error messages are gone in event viewer.... My computer is now online with no firewall running and the MS DNS is now uninstalled and disabled, and still I just get the timeout message.
Any idea what else could be the problem??

Last edited by SilverLynx : January 11th, 2004 at 04:09 PM.

#8
We could test locally. I want to see the response to the following commands at the DOS prompt:

First command is to look for running DNS services:

Code:
netstat -an | find ":53"

Second command is to query your server for information:

Code:
nslookup - 127.0.0.1
> set type=any
> geborgenheit.us

#9
OK, here's what I get from those tests:

Code:
C:\Program Files\dns\bin>netstat -an | find ":53"
  TCP    65.60.176.37:53        0.0.0.0:0              LISTENING
  TCP    127.0.0.1:53           0.0.0.0:0              LISTENING
  UDP    65.60.176.37:53        *:*
  UDP    127.0.0.1:53           *:*

C:\Program Files\dns\bin>nslookup - 127.0.0.1
> set type=any
> geborgenheit.us
geborgenheit.us
        primary name server = ns1.geborgenheit.us
        responsible mail addr = postmaster.geborgenheit.us
        serial  = 1
        refresh = 28800 (8 hours)
        retry   = 7200 (2 hours)
        expire  = 2419200 (28 days)
        default TTL = 86400 (1 day)
geborgenheit.us nameserver = ns1.geborgenheit.us
geborgenheit.us internet address = 65.60.176.37
geborgenheit.us MX preference = 10, mail exchanger = mail.geborgenheit.us
ns1.geborgenheit.us     internet address = 65.60.176.37
mail.geborgenheit.us    internet address = 65.60.176.37

#10
Oh, the joys. Well, there are things that we know for certain.

Fact: You are TCP listening on 65.60.176.37 port 53.
Fact: I get "connection timed out" errors when I try to connect.
Fact: Your DNS server is not at fault.

I've taken the liberty to scan your common ports from 1-1024. You are hosting several services and I can connect to THEM just fine. You said your ISP isn't blocking ports, so supposedly that's not the problem. You said you turned off your firewalls, so supposedly that's not the problem. You probably don't have a router between you and the world, cause BIND is directly listening on 65.60.176.37. But I'm gonna ask anyway. Do you have a router?

#11
I have an MN700, but all router capabilities are off and I'm using it only as an access point in order for the two computers to each have their own IP address. I can't access it when it's used as an access point because that disables all the router/NAT capabilities, so the only way to change anything would be to reset it and start all over setting it up (which wasn't very fun trying to get it into access point mode). It's slightly possible that could be the problem, but it doesn't make any sense that any/all ports can be opened except 53.....

I do have a second NIC in my computer, although it is disabled, but is there any chance this might be causing any trouble? I disabled it because I couldn't set it up properly... the errors in event viewer said things like it couldn't bind to it because another computer on the network already had the same name, but I couldn't figure out how to change that with W2k3.

The strange thing to me is this: the ns2 is pointed to a second IP, yes, but that IP came from the IP given to my second NIC when I originally put it on my computer... my domain is registered with GoDaddy and they wouldn't allow the same IP address for the name servers, so I just entered that to add the name server since I had to have 2. So I know the ns2 will timeout since it doesn't exist... but what makes it strange is that my ns1 acts like the ns2, timing out as if I don't have DNS installed. But in my logs I do see that someone has made a query, but I can't figure out from there what makes it timeout... hope that makes sense.

Another weird thing about the logs is I see tons of queries from my ISP's DNS servers to wpad.geborgenheit.us, which I don't understand because I have no site/sub-domain called wpad.

BTW, I do want to test the second nameserver on the actual second computer, but GoDaddy won't allow me to add that IP... I get "Error: Parameter value syntax error -INVALID IPADDRESS - IP v4 Address: 65.60.224.255", so I didn't bother even trying to set up DNS on the computer. If you want to know about the second computer, it's running W2k Server SP4 but no server components are installed; I just use it as a workstation.

Last edited by SilverLynx : January 12th, 2004 at 01:54 PM.

#12
You say you're getting queries from the wide world, huh? Ok, fine, I'll humor you. I'll attempt to make a UDP request (considering I can't connect via TCP I won't bother with that) to your 65.60.176.37 IP address, port 53. I'm going to make a query for "jiminycricketisdead.com" to your server. You should see in your query log that it is coming from 68.51.39.58. The fastest way to see if I made the query is doing a text search for that domain in your query log file.

Unless you get those queries, I believe this to be a networking problem, and I don't think I can help ya. BTW, IP addresses ending with 255 are considered broadcast IPs and are not routable as normal IPs. I once had a DSL ISP who issued me a *.*.*.255 IP address and it broke my internet. You'd think they'd know better.

#13
This is what I found in my logs:

Code:
2004-01-12 18:30:54 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1926 53 - - - - - - - -
2004-01-12 18:31:25 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1945 53 - - - - - - - -
2004-01-12 18:31:40 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1953 53 - - - - - - - -
2004-01-12 18:31:41 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1957 53 - - - - - - - -
2004-01-12 18:32:18 CLOSE UDP 68.51.39.58 65.60.176.37 1926 53 - - - - - - - -
2004-01-12 18:33:18 CLOSE UDP 68.51.39.58 65.60.176.37 1945 53 - - - - - - - -
2004-01-12 18:33:18 CLOSE UDP 68.51.39.58 65.60.176.37 1953 53 - - - - - - - -
2004-01-12 18:33:18 CLOSE UDP 68.51.39.58 65.60.176.37 1957 53 - - - - - - - -

Code:
Jan 12 18:30:54.790 client 68.51.39.58#1926: query: jiminycricketisdead.com IN A
Jan 12 18:31:25.454 client 68.51.39.58#1945: query: 37.176.60.65.in-addr.arpa IN PTR
Jan 12 18:31:40.005 client 68.51.39.58#1953: query: jiminycricketisdead.com IN A
Jan 12 18:31:41.998 client 68.51.39.58#1957: query: jiminycricketisdead.com IN A

But again, that doesn't tell me if the connection was completed or any errors, but I'm assuming something goes wrong somewhere if on your side you're not connecting..... what do you suggest I do? My ISP tells me they aren't doing/blocking anything, but might it be possible they are somehow rerouting these somewhere? It's just odd I'm getting hits in the logs but then shortly after there are tons of these:

Code:
Jan 12 19:04:32.552 client 64.233.222.2#32773: query: wpad.geborgenheit.us IN A
Jan 12 19:04:35.516 client 64.233.207.16#32782: query: wpad.geborgenheit.us IN A

all in these sets of two (both of these are my ISP's DNS servers according to ipconfig), and they happen for long periods of time; in other words, those I just printed actually took place from 19:04:32 to 21:05:06. They all take place, it seems, after someone tried to access port 53.

Last edited by SilverLynx : January 12th, 2004 at 08:35 PM.
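To answer the "does the log tell me the query got through?" question offline, here is an added Python example (not from the thread or from BIND) that joins the two log formats quoted in the post above, ICF's pfirewall.log and the named query log, on client address and source port; the log lines embedded in it are constructed copies of the ones shown.

```python
import re

# Constructed sample lines in the two formats quoted in the post above:
# Windows ICF pfirewall.log: date time action protocol src-ip dst-ip src-port dst-port ...
# BIND 9 query log:          Mon DD hh:mm:ss.mmm client ip#port: query: name IN type
FIREWALL_LOG = """\
2004-01-12 18:30:54 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1926 53 - - - - - - - -
2004-01-12 18:31:25 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1945 53 - - - - - - - -
2004-01-12 18:31:40 OPEN-INBOUND UDP 68.51.39.58 65.60.176.37 1953 53 - - - - - - - -
2004-01-12 18:32:18 CLOSE UDP 68.51.39.58 65.60.176.37 1926 53 - - - - - - - -
"""
NAMED_LOG = """\
Jan 12 18:30:54.790 client 68.51.39.58#1926: query: jiminycricketisdead.com IN A
Jan 12 18:31:25.454 client 68.51.39.58#1945: query: 37.176.60.65.in-addr.arpa IN PTR
Jan 12 19:04:32.552 client 64.233.222.2#32773: query: wpad.geborgenheit.us IN A
"""

FW_RE = re.compile(r"^\S+ \S+ (\S+) (UDP|TCP) (\S+) \S+ (\d+) (\d+)")
NAMED_RE = re.compile(r"client (\S+)#(\d+): query: (\S+) IN (\S+)")


def inbound_dns_flows(fw_text):
    """Datagrams the host firewall admitted to port 53, keyed by (client ip, client port)."""
    flows = {}
    for line in fw_text.splitlines():
        m = FW_RE.match(line)
        if m:
            action, proto, src, sport, dport = m.groups()
            if action == "OPEN-INBOUND" and dport == "53":
                flows[(src, int(sport))] = proto
    return flows


def named_queries(named_text):
    """Queries named logged, keyed the same way so the two logs can be joined."""
    queries = {}
    for line in named_text.splitlines():
        m = NAMED_RE.search(line)
        if m:
            ip, port, name, qtype = m.groups()
            queries[(ip, int(port))] = (name, qtype)
    return queries


def correlate(fw_text, named_text):
    """Split admitted flows into those named logged a query for and those it did not.

    A match proves the datagram got past the firewall and into BIND; it says nothing
    about whether BIND's reply left the host, which is the question still open here."""
    flows, queries = inbound_dns_flows(fw_text), named_queries(named_text)
    reached = {k: queries[k] for k in flows if k in queries}
    not_reached = sorted(k for k in flows if k not in queries)
    return reached, not_reached
```

Every OPEN-INBOUND line with a matching client#port query line means the inbound path worked; a reply that never arrives remotely then points at the outbound path (source address of the reply, routing, the second NIC) rather than at inbound filtering.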

#14
Interestingly, I found this page http://www.demon.net/external/ and when I used it for testing I came up with the following:

Code:
host -v -t any ns1.geborgenheit.us.

Similar to the previous command, but the "-v" makes the result Verbose.

Code:
rcode = 0 (Success), ancount=1
The following answer is not authoritative:
ns1.geborgenheit.us     7200    IN      A       65.60.176.37
For authoritative answers, see:
geborgenheit.us         7200    IN      NS      ns1.geborgenheit.us
geborgenheit.us         7200    IN      NS      NS2.geborgenheit.us
Additional information:
NS2.geborgenheit.us     7200    IN      A       65.60.130.231