Re: Strange DNS problem

From: C Hall (someone_at_microsoft.com)
Date: 04/20/05

• Next message: Steven L Umbach: "Re: Quick Launch Bar & Security"
• Previous message: Steve Clark [MSFT]: "Re: IPSEC not blocking specific IP address per Ethereal"
• In reply to: Herb Martin: "Re: Strange DNS problem"
• Next in thread: Herb Martin: "Re: Strange DNS problem"
• Reply: Herb Martin: "Re: Strange DNS problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 20 Apr 2005 12:47:30 -0400

I hear you....it seems that one of the main problems is that on our F/W
there was a statement to NAT our dns server ip to an outside address and
that's why it was trying to transfer the public zone to our private zone.
Not sure how/when that happened, but am glad to know what needs to happen to
resolve the problem.

Chris

"Herb Martin" <news@LearnQuick.com> wrote in message
news:%23uvuRUTRFHA.3704@TK2MSFTNGP12.phx.gbl...
> "C Hall" <someone@microsoft.com> wrote in message
> news:#mv9kyRRFHA.3496@TK2MSFTNGP12.phx.gbl...
> > Thanks for the lesson, Herb.
>
> Sure but it still didn't solve you real issue. <grin>
>
>
> > "Herb Martin" <news@LearnQuick.com> wrote in message
> > news:enUGOrRRFHA.248@TK2MSFTNGP15.phx.gbl...
> > > "C Hall" <someone@microsoft.com> wrote in message
> > > news:OS$oyyORFHA.688@TK2MSFTNGP10.phx.gbl...
> > >
> > > > That was my first thought--DNS cache poisoning. The one reason I
> thought
> > > > that it just may be an internal configuration problem is that the
zone
> > I'm
> > > > using is already in use as an Internet domain space--a mistake on my
> > part.
> > >
> > > First, your internal zone using an internal name the
> > > same as a public name doesn't really interact with
> > > cache poisoning.
> > >
> > > Holding your zones, it distinct from the resolution
> > > you do for clients (beyond those zones) and poisoning
> > > is worked through that resolution.
> > >
> > >
> > >
> > >
> >
> >
>
>

• Next message: Steven L Umbach: "Re: Quick Launch Bar & Security"
• Previous message: Steve Clark [MSFT]: "Re: IPSEC not blocking specific IP address per Ethereal"
• In reply to: Herb Martin: "Re: Strange DNS problem"
• Next in thread: Herb Martin: "Re: Strange DNS problem"
• Reply: Herb Martin: "Re: Strange DNS problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Error msg. 4007 ... :: message every time I either reboot or try to restart the DNS server: ... :: and use information from the directory for this zone and is unable ... :: The DNS server could not signal the service "NAT". ... Sounds like it thinks the zone is in the ForestDnsZones app partition. ... (microsoft.public.windows.server.dns) Re: DNS issue with Windows 2003 ... Is there a firewall or NAT between the two DNS servers? ... >I have "Allow zone transfers to any server" on the other DNS server. ... (microsoft.public.windows.server.dns) Re: FQDN cannot be managed because it is not running Windows NT ... The DNS server was unable to open zone 18.35.10.in-addr.arpa in the Active ... that the Active Directory is functioning properly and reload the zone. ... event data is the error code. ... (microsoft.public.windows.server.active_directory) Re: Local Delivery is not sending to one recipient in Exchange Ser ... The DNS server was unable to open zone rickkochoil in the Active Directory ... Errors in File Replication Service: ... Running partition tests on: ForestDnsZones ... (microsoft.public.exchange.admin) Re: Error 4515 on reboot of DC/DNS Svr - normal? ... switch back to AD with Forest wide, and then put the DNS service ... I do believe you are correct that the "old" zone is still there. ... (replication is for all DNS servers in the forest) ... The key is that your clients have to be able to go to ANY DNS server ... (microsoft.public.windows.server.dns)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint