The current configuration is: 2 internal DNS servers (running Windows 2000)
and 2 external DNS servers (running Windows 2003) in a 'split name space'
configuration.

Our internal servers have an AD integrated zone called 'school.edu' (not
really, but you get the idea). Our external servers have a static zone
called 'school.edu' and an updatable zone called 'student.school.edu'.
Dynamic DNS creates records in the latter.

I want to set up a delegation from the inside to the outside (so I don't
have to do zone transfers from the outside to the inside). I have setup a
delegation within our AD integrated zone for 'student.school.edu' and it is
populated with our external name servers. But I can't get any hosts to
resolve.

ping host.student.school.edu
non existent domain

However if I run nslookup:

set type=ns
student.school.edu

I get the correct NS information.

Any ideas?

Blake

Blake wrote:
> The current configuration is: 2 internal DNS servers (running
> Windows 2000) and 2 external DNS servers (running Windows 2003) in a
> 'split name space' configuration.
>
> Our internal servers have an AD integrated zone called 'school.edu'
> (not really, but you get the idea). Our external servers have a
> static zone called 'school.edu' and an updatable zone called
> 'student.school.edu'. Dynamic DNS creates records in the latter.
>
> I want to set up a delegation from the inside to the outside (so I
> don't have to do zone transfers from the outside to the inside). I
> have setup a delegation within our AD integrated zone for
> 'student.school.edu' and it is populated with our external name
> servers. But I can't get any hosts to resolve.
>
> ping host.student.school.edu
> non existent domain
>
> However if I run nslookup:
>
> set type=ns
> student.school.edu
>
> I get the correct NS information.

It sounds like it should work.
If nslookup returns the NS records, does it also return any records known to
exist?

Are you using a stub zone or a delegation?

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

I am using delegation since the inside servers are 2K (It is my
understanding that only 2k3 support stub zones) If that isn't true please
let me know.

It returns the NS records fine but won't return A records - it just gives me
'non existant domain' errors



Blake

"Kevin D. Goodknecht Sr. [MVP]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Blake wrote:
>> The current configuration is: 2 internal DNS servers (running
>> Windows 2000) and 2 external DNS servers (running Windows 2003) in a
>> 'split name space' configuration.
>>
>> Our internal servers have an AD integrated zone called 'school.edu'
>> (not really, but you get the idea). Our external servers have a
>> static zone called 'school.edu' and an updatable zone called
>> 'student.school.edu'. Dynamic DNS creates records in the latter.
>>
>> I want to set up a delegation from the inside to the outside (so I
>> don't have to do zone transfers from the outside to the inside). I
>> have setup a delegation within our AD integrated zone for
>> 'student.school.edu' and it is populated with our external name
>> servers. But I can't get any hosts to resolve.
>>
>> ping host.student.school.edu
>> non existent domain
>>
>> However if I run nslookup:
>>
>> set type=ns
>> student.school.edu
>>
>> I get the correct NS information.
>
> It sounds like it should work.
> If nslookup returns the NS records, does it also return any records known
> to
> exist?
>
> Are you using a stub zone or a delegation?
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>

Blake wrote:
> I am using delegation since the inside servers are 2K (It is my
> understanding that only 2k3 support stub zones) If that isn't true
> please let me know.
>
> It returns the NS records fine but won't return A records - it just
> gives me 'non existant domain' errors

Can you post one of these queries using nslookup -d2 from the DNS server
machine itself to the IP of the delegated server?

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
https://secure.lsaol.com/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================

Kevin,
It looks like it is working. I always forget it takes time for the
AD-integrated zone to 'propogate' to the other name servers. Once I gave it
some time it seems good. (My client was going against one server and I was
setting up delegation on the other)

Thanks for your time.

Blake

"Kevin D. Goodknecht Sr. [MVP]" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> Blake wrote:
>> I am using delegation since the inside servers are 2K (It is my
>> understanding that only 2k3 support stub zones) If that isn't true
>> please let me know.
>>
>> It returns the NS records fine but won't return A records - it just
>> gives me 'non existant domain' errors
>
> Can you post one of these queries using nslookup -d2 from the DNS server
> machine itself to the IP of the delegated server?
>
> --
> Best regards,
> Kevin D. Goodknecht Sr. [MVP]
> Hope This Helps
> ===================================
> When responding to posts, please "Reply to Group"
> via your newsreader so that others may learn and
> benefit from your issue, to respond directly to
> me remove the nospam. from my email address.
> ===================================
> http://www.lonestaramerica.com/
> http://support.wftx.us/
> https://secure.lsaol.com/
> ===================================
> Use Outlook Express?... Get OE_Quotefix:
> It will strip signature out and more
> http://home.in.tum.de/~jain/software/oe-quotefix/
> ===================================
> Keep a back up of your OE settings and folders
> with OEBackup:
> http://www.oehelp.com/OEBackup/Default.aspx
> ===================================
>
>