cannot ping my domain

[frank]

Hi,

I have a computer that I want to host a web server on it. I created a
primary lookup zone in the DNS so if I ping the machine such as
27mayo.casadelperno.com I recieve a response, but if I ping just the domain
I don't get anything. What should I do in order to get a response just as if
I ping google.com. Thanks

Frank

 

[Jeff Cochran]

I have a computer that I want to host a web server on it. I created a
primary lookup zone in the DNS so if I ping the machine such as
27mayo.casadelperno.com I recieve a response, but if I ping just the domain
I don't get anything. What should I do in order to get a response just as if
I ping google.com. Thanks

Add a blank host pointing to the IP of the web server.

Jeff

 

[Deji Akomolafe]

Jeff, I don't think you want him to do that, especially if this DNS server
is also his AD DNS server. There are some discussions on this newsgroups
about the pros and cons of doing this. IMO, it causes more problems than
good.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon

 

[Jeff Cochran]

Jeff, I don't think you want him to do that, especially if this DNS server
is also his AD DNS server. There are some discussions on this newsgroups
about the pros and cons of doing this. IMO, it causes more problems than
good.

If he needs to be able to access his web server by domain alone,
that's what he has to do.

Jeff

 

[Herb Martin]

If he needs to be able to access his web server by domain alone,
that's what he has to do.

Yes, but just telling him to do it blindly when he might-have/likely-has
Active Directory is not helping him fully.

He is going to get unreliable results if this is an internal DNS
supporting an AD domain as the DCs also do what you suggest
and with round robin he will be woundering why it works
sometimes (unless he has "netmask ordering" enabled and it
never works the way you indicated.)

Adding the Host record with the same name as the domain/zone
will work IF there is no conflict with other hosts, e.g, for external
client access only it usually works fine.

All DCs register this in internal DNS autmotically and for
internal users it is probably just best to teach them to use
www.whatever.com.

 

[Ace Fekay [MVP]]

In

Yes, but just telling him to do it blindly when he
might-have/likely-has Active Directory is not helping him fully.

He is going to get unreliable results if this is an internal DNS
supporting an AD domain as the DCs also do what you suggest
and with round robin he will be woundering why it works
sometimes (unless he has "netmask ordering" enabled and it
never works the way you indicated.)

Adding the Host record with the same name as the domain/zone
will work IF there is no conflict with other hosts, e.g, for external
client access only it usually works fine.

All DCs register this in internal DNS autmotically and for
internal users it is probably just best to teach them to use
www.whatever.com.

Just to add, that blank record registered by all DCs is called the
LdapIpAddress, which can be altered by a reg entry under the netlogon key.
If he does have AD, then he needs to alter this on each DC.

He can also circumvent this by configuring the default website on each DC
with a redirect to www.domain.com, which of course will resolve to the www
record under domain.com that he previously created.


--
Regards,
Ace

Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.

This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services

Security Is Like An Onion, It Has Layers
HAM AND EGGS: A day's work for a chicken;
A lifetime commitment for a pig.

 

[Herb Martin]

He can also circumvent this by configuring the default website on each DC

with a redirect to www.domain.com, which of course will resolve to the www
record under domain.com that he previously created.

Presuming he has the web server running on any/all DCs,
which might well be considered a terrible security practice
since IIS is probably the most heavily attacked piece of
software in the world.

This is not really an indictment of IIS -- it has had it's
problems -- but just the reality of IIS problems combined
with crackers foundness for attacking this product.

 

[Ace Fekay [MVP]]

In

Presuming he has the web server running on any/all DCs,
which might well be considered a terrible security practice
since IIS is probably the most heavily attacked piece of
software in the world.

This is not really an indictment of IIS -- it has had it's
problems -- but just the reality of IIS problems combined
with crackers foundness for attacking this product.

True, but its the only way I can see around not altering the LdapIpAddress
record. I guess as long as its internal, its much safer than exposing it to
the outside world. But then again, nothing is safe, internal or external.

Ace

 

[Deji Akomolafe]

IIS on his DCs is a more terrible option, IMO.

--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - COMPLETE SPAM Protection
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon


"Ace Fekay [MVP]"

 

[Ace Fekay [MVP]]

In

IIS on his DCs is a more terrible option, IMO.

I know, I know, its not a good one.... I just figured since IIS is already
installed with Win2000, it would be just an option to consider...