Public DNS can't resolve private DNS! Please Help!

[Scott M.]

When I visit: DNSReport.com, and try to view my domain, I get the following:

[ERROR: The parent servers say that the domain marcusnet.us does not have
any NS records (although they may have some other information on that zone).
I can not do a DNS report on a hostname (such as mail.example.com) or a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and reverse
zones!

Please help!

 

[Jason Meyer]

Ok, first I think you might want to clarify whether this is a problem with
your public or private DNS. You state that you can't get dnsreport.com to
work on your private DNS zone, but then you make references to having a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying to test
a private network. You can't. Your nameservers have private IP address that
aren't reachable from the internet. dnsreport.com will only access a public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145 and
..146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and thats
where the problem starts. I would read up on how to setup DNS properly for
private use and public use. Right now you are trying to combine the two.
Hope this helps.

Jason

 

[Scott M.]

What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with the data from
my DNS server), but instead I get the error below.

Ok, first I think you might want to clarify whether this is a problem with
your public or private DNS. You state that you can't get dnsreport.com to
work on your private DNS zone, but then you make references to having a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying to test
a private network. You can't. Your nameservers have private IP address that
aren't reachable from the internet. dnsreport.com will only access a public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145 and
.146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and thats
where the problem starts. I would read up on how to setup DNS properly for
private use and public use. Right now you are trying to combine the two.
Hope this helps.

Jason

When I visit: DNSReport.com, and try to view my domain, I get the following:

[ERROR: The parent servers say that the domain marcusnet.us does not have
any NS records (although they may have some other information on that zone).
I can not do a DNS report on a hostname (such as mail.example.com) or a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and reverse
zones!

Please help!

 

[Jeff Westhead [MS]]

The name of your domain is "marcusnet.us"? The US servers do not appear to
have a delegation for your zone.

marcusnet.us.

Server: A.GTLD.BIZ
Address: 209.173.53.162

------------
Got answer:
HEADER:
opcode = QUERY, id = 16, rcode = NOERROR
header flags: response, auth. answer, want recursion
questions = 1, answers = 0, authority records = 1, additional = 0

QUESTIONS:
marcusnet.us, type = NS, class = IN
AUTHORITY RECORDS:
-> us
ttl = 86400 (1 day)
primary name server = a.gtld.biz
responsible mail addr = hostmaster.gtld.biz
serial = 2002191666
refresh = 900 (15 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)

------------
us
ttl = 86400 (1 day)
primary name server = a.gtld.biz
responsible mail addr = hostmaster.gtld.biz
serial = 2002191666
refresh = 900 (15 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)

--

This posting is provided "AS IS" with no warranties, and confers no rights.

When I visit: DNSReport.com, and try to view my domain, I get the following:

[ERROR: The parent servers say that the domain marcusnet.us does not have
any NS records (although they may have some other information on that zone).
I can not do a DNS report on a hostname (such as mail.example.com) or a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and reverse
zones!

Please help!

 

[Jason Meyer]

Yeah I know. I did lookups, the reason it errors out is that your
nameservers in your zone are private IPs (192.168.1.XXX). Thats where the
misconfig is. If they were the public IPs(69.37.4.XXX) then all should be
ok. Think of it this way, some one tries to do a lookup on
domainserver.marcusnet.us, the tld nameserver knows to forward the request
to 69.37.4.146 or .145. Now your server will spit back that the nameserver
is 192.168.1.XXX. When the client tries to connect to that IP it obviously
can't since it is a private IP. If your NS records were changed to the
public IPs things would work better.

Jason

What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with the data from
my DNS server), but instead I get the error below.

Ok, first I think you might want to clarify whether this is a problem with
your public or private DNS. You state that you can't get dnsreport.com to
work on your private DNS zone, but then you make references to having a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying to test
a private network. You can't. Your nameservers have private IP address that
aren't reachable from the internet. dnsreport.com will only access a public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145 and
.146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and thats
where the problem starts. I would read up on how to setup DNS properly for
private use and public use. Right now you are trying to combine the two.
Hope this helps.

Jason

When I visit: DNSReport.com, and try to view my domain, I get the following:

[ERROR: The parent servers say that the domain marcusnet.us does not have
any NS records (although they may have some other information on that zone).
I can not do a DNS report on a hostname (such as mail.example.com) or a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and reverse
zones!

Please help!

 

[Kevin D. Goodknecht]

In

What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with the
data from my DNS server), but instead I get the error below.

The problem is your DNS is retuning non-routable private addresses for all
your records.

Netsol Records:
DOMAINSERVER.MARCUSNET.US 69.37.4.145
OFFICE.MARCUSNET.US 69.37.4.146
Your records:
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

W:\>nslookup
Default Server: kjweb.lsaol.com
Address: 192.168.0.2

marcusnet.us

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** No address (A) records available for marcusnet.us

set type=ns
marcusnet.us

Server: kjweb.lsaol.com
Address: 192.168.0.2

*** No name server (NS) records available for marcusnet.us

server 69.37.4.145

DNS request timed out.
timeout was 2 seconds.
Default Server: [69.37.4.145]
Address: 69.37.4.145

set type=all
marcusnet.us

Server: [69.37.4.145]
Address: 69.37.4.145

DNS request timed out.
timeout was 2 seconds.
marcusnet.us internet address = 192.168.1.145
marcusnet.us nameserver = office.marcusnet.us
marcusnet.us nameserver = marcusnet.us
marcusnet.us nameserver = domainserver.marcusnet.us
marcusnet.us
primary name server = domainserver.marcusnet.us
responsible mail addr = hostmaster.marcusnet.us
serial = 2003102317
refresh = 600 (10 mins)
retry = 600 (10 mins)
expire = 1209600 (14 days)
default TTL = 3600 (1 hour)
office.marcusnet.us internet address = 192.168.1.146
marcusnet.us internet address = 192.168.1.145
domainserver.marcusnet.us internet address = 192.168.1.145

server 69.37.4.146

Default Server: 69.37.4.146.adsl.snet.net
Address: 69.37.4.146

marcusnet.us

Server: 69.37.4.146.adsl.snet.net
Address: 69.37.4.146

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to 69.37.4.146.adsl.snet.net timed-out

marcusnet.us

Server: 69.37.4.146.adsl.snet.net
Address: 69.37.4.146

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to 69.37.4.146.adsl.snet.net timed-out
One of your Name servers has only private records the other is lame and does
not respond.
Both public DNS server must only return public records. You need a third
machine with DNS and use one of your machines for your local DNS. Then put a
public zone on your other two DNS servers and port forward to those
machines.

 

[Scott M.]

Ok, I've changed my DNS records to indicate only the public (static) IP's of
my NS, but I'm still having the same problem.

I understand what you are saying about the internal IP's. I had thought
that once a user made it to my nameServer it could refer to an internal IP,
because my nameserver can see my other internal IP's.

Even with my system pointing to internal IP's, shouldn't the DNS Report at
least show "some" information, rather than the error, I'm getting, which
seems to imply that it can't even find ANY record for my domain.

Yeah I know. I did lookups, the reason it errors out is that your
nameservers in your zone are private IPs (192.168.1.XXX). Thats where the
misconfig is. If they were the public IPs(69.37.4.XXX) then all should be
ok. Think of it this way, some one tries to do a lookup on
domainserver.marcusnet.us, the tld nameserver knows to forward the request
to 69.37.4.146 or .145. Now your server will spit back that the nameserver
is 192.168.1.XXX. When the client tries to connect to that IP it obviously
can't since it is a private IP. If your NS records were changed to the
public IPs things would work better.

Jason

What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with the data from
my DNS server), but instead I get the error below.

Ok, first I think you might want to clarify whether this is a problem with
your public or private DNS. You state that you can't get dnsreport.com to
work on your private DNS zone, but then you make references to having a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying

to
test

a private network. You can't. Your nameservers have private IP address that
aren't reachable from the internet. dnsreport.com will only access a public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145 and
.146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and thats
where the problem starts. I would read up on how to setup DNS properly for
private use and public use. Right now you are trying to combine the two.
Hope this helps.

Jason


When I visit: DNSReport.com, and try to view my domain, I get the
following:

[ERROR: The parent servers say that the domain marcusnet.us does not have
any NS records (although they may have some other information on that
zone).
I can not do a DNS report on a hostname (such as mail.example.com)

or

a

domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and
reverse
zones!

Please help!

 

[Jason Meyer]

Well it could take some time for the updates to propagate around...give it a
day.

Ok, I've changed my DNS records to indicate only the public (static) IP's of
my NS, but I'm still having the same problem.

I understand what you are saying about the internal IP's. I had thought
that once a user made it to my nameServer it could refer to an internal IP,
because my nameserver can see my other internal IP's.

Even with my system pointing to internal IP's, shouldn't the DNS Report at
least show "some" information, rather than the error, I'm getting, which
seems to imply that it can't even find ANY record for my domain.

Yeah I know. I did lookups, the reason it errors out is that your
nameservers in your zone are private IPs (192.168.1.XXX). Thats where the
misconfig is. If they were the public IPs(69.37.4.XXX) then all should be
ok. Think of it this way, some one tries to do a lookup on
domainserver.marcusnet.us, the tld nameserver knows to forward the request
to 69.37.4.146 or .145. Now your server will spit back that the nameserver
is 192.168.1.XXX. When the client tries to connect to that IP it obviously
can't since it is a private IP. If your NS records were changed to the
public IPs things would work better.

Jason
problem
with dnsreport.com
to

having

a

public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying to
test
a private network. You can't. Your nameservers have private IP address
that
aren't reachable from the internet. dnsreport.com will only access a
public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to

69.37.4.145
and

.146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and thats
where the problem starts. I would read up on how to setup DNS

properly
for

private use and public use. Right now you are trying to combine the two.
Hope this helps.

Jason


When I visit: DNSReport.com, and try to view my domain, I get the
following:

[ERROR: The parent servers say that the domain marcusnet.us does not
have
any NS records (although they may have some other information on that
zone).
I can not do a DNS report on a hostname (such as mail.example.com)

or

a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and
reverse
zones!

Please help!

 

[Ace Fekay [MVP]]

In

When I visit: DNSReport.com, and try to view my domain, I get the
following:

[ERROR: The parent servers say that the domain marcusnet.us does not
have any NS records (although they may have some other information on
that zone). I can not do a DNS report on a hostname (such as
mail.example.com) or a domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with my
registration service (Network Solutions) and the NameServers are
listed correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and
reverse zones!

Please help!

In addition to all the responses, this is a good example of requiring two
DNS servers. One to host your internal private range and AD, the other to
host your external data. Good for security and insures internal users can
get to your site as well as Internet users to get to your site.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS IS" with no warranties.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

 

[Jason Meyer]

See. now was that so bad?

Jason

Well it could take some time for the updates to propagate around...give it a
day.

Ok, I've changed my DNS records to indicate only the public (static)

IP's

of
my NS, but I'm still having the same problem.

I understand what you are saying about the internal IP's. I had thought
that once a user made it to my nameServer it could refer to an internal IP,
because my nameserver can see my other internal IP's.

Even with my system pointing to internal IP's, shouldn't the DNS Report at
least show "some" information, rather than the error, I'm getting, which
seems to imply that it can't even find ANY record for my domain.

Yeah I know. I did lookups, the reason it errors out is that your
nameservers in your zone are private IPs (192.168.1.XXX). Thats where the
misconfig is. If they were the public IPs(69.37.4.XXX) then all should be
ok. Think of it this way, some one tries to do a lookup on
domainserver.marcusnet.us, the tld nameserver knows to forward the request
to 69.37.4.146 or .145. Now your server will spit back that the nameserver
is 192.168.1.XXX. When the client tries to connect to that IP it obviously
can't since it is a private IP. If your NS records were changed to the
public IPs things would work better.

Jason
What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with the data
from
my DNS server), but instead I get the error below.



Ok, first I think you might want to clarify whether this is a problem
with
your public or private DNS. You state that you can't get dnsreport.com
to
work on your private DNS zone, but then you make references to

having

a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are

trying
to

test
a private network. You can't. Your nameservers have private IP address
that
aren't reachable from the internet. dnsreport.com will only access a
public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145
and
.146 as your public name servers. When people contact your name servers
looking for host names the get returned 192.168.1.XXX addresses and
thats
where the problem starts. I would read up on how to setup DNS properly
for
private use and public use. Right now you are trying to combine

the
two.

Hope this helps.

Jason


When I visit: DNSReport.com, and try to view my domain, I get the
following:

[ERROR: The parent servers say that the domain marcusnet.us does not
have
any NS records (although they may have some other information on that
zone).
I can not do a DNS report on a hostname (such as

mail.example.com)
or

a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers

with
my

registration service (Network Solutions) and the NameServers are
listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward and
reverse
zones!

Please help!

 

[Scott M.]

It was a bit of a learning curve, that's for sure. Thanks for your help.
Now my only problem is that you need to provide 2 DNS servers to InterNic
and I'm only running one, so the other one I supplied is not quite in sync
with the real one (the first nameserver).

See. now was that so bad?

Jason

Well it could take some time for the updates to propagate around...give

it

a
day.


IP's internal
IP,

Report

at where
the should
be

access

a

public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to 69.37.4.145
and
.146 as your public name servers. When people contact your name
servers
looking for host names the get returned 192.168.1.XXX addresses and
thats
where the problem starts. I would read up on how to setup DNS properly
for
private use and public use. Right now you are trying to combine the
two.
Hope this helps.

Jason


When I visit: DNSReport.com, and try to view my domain, I get the
following:

[ERROR: The parent servers say that the domain marcusnet.us

does
not

have
any NS records (although they may have some other information on
that
zone).
I can not do a DNS report on a hostname (such as mail.example.com)
or
a
domain name that does not have its own zone.]

What does this mean? I've checked the registered NameServers with
my
registration service (Network Solutions) and the NameServers are
listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the

forward
and

reverse
zones!

Please help!

 

[Jason Meyer]

Yeah that can be a problem. If you do some google searches you can probably
find some DNS hosting providers that will be a secondary for a small price.

Jason

It was a bit of a learning curve, that's for sure. Thanks for your help.
Now my only problem is that you need to provide 2 DNS servers to InterNic
and I'm only running one, so the other one I supplied is not quite in sync
with the real one (the first nameserver).

See. now was that so bad?

Jason

around...give

it

a
day.


Ok, I've changed my DNS records to indicate only the public (static) IP's
of
my NS, but I'm still having the same problem.

I understand what you are saying about the internal IP's. I had thought
that once a user made it to my nameServer it could refer to an internal
IP,
because my nameserver can see my other internal IP's.

Even with my system pointing to internal IP's, shouldn't the DNS

Report

at
least show "some" information, rather than the error, I'm getting, which
seems to imply that it can't even find ANY record for my domain.




Yeah I know. I did lookups, the reason it errors out is that your
nameservers in your zone are private IPs (192.168.1.XXX). Thats where
the
misconfig is. If they were the public IPs(69.37.4.XXX) then all should
be
ok. Think of it this way, some one tries to do a lookup on
domainserver.marcusnet.us, the tld nameserver knows to forward the
request
to 69.37.4.146 or .145. Now your server will spit back that the
nameserver
is 192.168.1.XXX. When the client tries to connect to that IP it
obviously
can't since it is a private IP. If your NS records were changed to the
public IPs things would work better.

Jason
What I mean is this:

Publicly registered domain name: MarcusNet.Us
Registered to use domainserver.MarcusNet.us as a name server.
My machine (domainserver.MarcusNet.us) has DNS running on it.
Hosted by me @ domainserver.MarcusNet.us (name server).

So, when I do a DNS Report, I should see the DNS record (with

the
data

from
my DNS server), but instead I get the error below.



message
Ok, first I think you might want to clarify whether this is a
problem
with
your public or private DNS. You state that you can't get
dnsreport.com
to
work on your private DNS zone, but then you make references to
having
a
public DNS zone. Well which is it?

The reason that dnsreport.com is erroring out is that you are trying
to
test
a private network. You can't. Your nameservers have private IP
address
that
aren't reachable from the internet. dnsreport.com will only

access

a
public
available nameservers. Now you have stuff setup correctly at Network
Solutions people looking for marcusnet.us are referred to
69.37.4.145
and
.146 as your public name servers. When people contact your name
servers
looking for host names the get returned 192.168.1.XXX

addresses
and

thats
where the problem starts. I would read up on how to setup DNS
properly
for
private use and public use. Right now you are trying to

combine
the

two.
Hope this helps.

Jason


When I visit: DNSReport.com, and try to view my domain, I

get
the

following:

[ERROR: The parent servers say that the domain marcusnet.us does
not
have
any NS records (although they may have some other

information

on

that
zone).
I can not do a DNS report on a hostname (such as mail.example.com)
or
a
domain name that does not have its own zone.]

What does this mean? I've checked the registered

NameServers
with

my
registration service (Network Solutions) and the NameServers are
listed
correctly (with the correct IP's).

I've checked in our DNS and there are NS entries in the forward
and
reverse
zones!

Please help!