DNS: I should stop/start for a domain!

G

Gatsu

Hello,

sometimes I should restart the service DNS SERVER because this server
can't resolve a particular domain: 263.net.

The configuration of my Dns Server:

- Windows 2003
- Forwarders: nobody
- Advanced: only these options are selected:
bind secondaries
enalbe round robin
enable netmask ordering
secure cache againt pollution
name checking: multibyte (UTF8)
load zone data on startup: from active directory and registry

Suggestions?

Thanks!!!
JD
 
J

Jorge Silva

Hi

configure your forwarding to point to your ISP DNS, or your router IP.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
 
J

Jorge Silva

When you say :this server can't resolve a particular domain: 263.net

what conclusions did you come up with, I mean when it starts to fail to
resolve that particular domain did you run nslookup to check if the problem
is related with wrong IPAddress? Instead of restarting the server did you
tried to clear DNS server cache- dnscmd /clearcache, are you using the
default root hints to name resolution?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
 
G

Gatsu

Jorge said:
what conclusions did you come up with
Click to expand...

Before to restart the service I tried to clear the cache, without
success.
For the next time, I try to query with nslookup.

I use the root dns-servers.
Thanks!
 
H

Herb Martin

Gatsu said:
Before to restart the service I tried to clear the cache, without
success.
For the next time, I try to query with nslookup.

I use the root dns-servers.
Thanks!
Click to expand...

When you say "THIS server cannot resolve" do you mean as a DNS
client (i.e., resolve the name for itself) or as a DNS SERVER
(i.e., resolve the name for others as a SERVER)????

How do you know? (Really -- you gave no direct symptoms, merely
a conclusion.)

Are your DNS forwarder entries set to a CONSISTENT set of forwarders
(that all resolve PRECISELY the same names), rather than multiple
(sets of) DNS servers that know different things?

Setting DNS forwarders to different sets is (always) WRONG.

Same thing for the Server's own DNS Client settings -- DNS Clients
must use STRICTLY the DNS server (set) which can resolve ALL names
for that client.

What are the client settings if the DNS server is experiencing the
problem ITSELF when acting as a DNS client?

What does NSLookup give when you focus it in turn on EACH DNS server
involved???

You do this by appending the DNS server IP to the end of the NSlookup
command:

nslookup something.263.net Your.DNS.Server.IP

nslookup something.263.net DNS.Forwarder.OnRouter.IP

nslookup something.263.net Working.DNS.Server.IP

nslookup something.263.net NS.record.for236net.IP

You get NS records for 263.net by doing nslookup when
the resolution is working or using a known working DNS
server:

nslookup -q=ns 263.net 4.2.2.1
(Gives:
263.net nameserver = nsb.capital-online.com.cn
211.150.96.31, 211.150.96.32
263.net nameserver = ns.capital-online.com.cn
211.150.96.32, 211.150.96.31
)

So now you can ask these guys DIRECT questions with NSlookup
and see if they are reachable, working, AND CONSISTENT (i.e.,
do ALL FOUR of those addresses give the SAME answers.)

(Which doesn't appear to be the case)

If you ask nsb for those same NS records then you get NEW IP addresses:

nsb.capital-online.com.cn internet address = 211.150.124.82
ns.capital-online.com.cn internet address = 211.150.125.210

Basically,the problem may not even be YOUR PROBLEM but rather their
inconsistencies but you cannot know that without testing explicitly.

Since you are an ISP you should be motivated to develop the skills
to run these explicit tests....

We are HAPPY to help, but your are going to typically need to respond
to problems created by YOUR servers, or prove they are NOT your
problems, within minutes rather than wait for a newsgroup response
which typically takes hours to days for resoluation....
 
R

Ryan Hanisco

Gatsu,

Is your problem just with this domain?? I am not seeing this advertised
on all of the root DNS servers. There might be a problem with the way
this site is registered.

If this is mission critical for you, you might consider making a stub
zone to spoof this locally. This is generally not a good idea, but if
it is really a problem, you might not have a choice.

Ryan Hanisco
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

invalid domain name/packet rejected ID 5504 1
Primary DNS Fails Shortly when Secondary is down 1
DNS name resolution slow - the first time... 1
Placeholder Domain Model and DNS Configuration 3
Still having trouble removing DNS Server from Domain 5
Stop Win2k DNS Server Resolving External DNS Requests 4
Event 7062 - DNS server encountered a packet addressed to itself 3
Netmask order on DNS Server 3

Top