DNS & network news

Monthly Archive: July 2018

Who updates the TLD zone?

Solved: My hoster has a menu which allows me to change this, which is different from the one that is (I think) AXFR related.

Problem was:

I have a domain ending in .org, for which I changed the primary NS a week ago. I just noticed that when asking one of the .org nameservers which nameservers are authoritative for my domain, it still lists the old one after a week.

I was under the impression that I would just need to change my domain’s zonefile, and everything would properly propagate, given some time.

Can anyone shed some light on this? Thank you!

Edit: Something that I should add: The old primary nameserver was still running and serving an old zonefile that listed itself as the primary. I switched it off half an hour ago, and I now rely on the secondary NS, which did not change and serves the proper zonefile. The scheme I run is that I have a primary NS, and the secondary NS is provided by my hoster, and transfers the data via AXFR. All I did to switch was put in the new primary NS IP into their Web-Interface for the domain, but in retrospective, this probably was not enough…

SOA record settings if they are of any relevance:

 180722000 ; serial 172800 ; refresh (every 2 days) 900 ; retry (every 15 minutes) 1209600 ; expire (2 weeks) 1800 ; negative caching time (30 minutes) 

submitted by /u/spheenik
[link] [comments]

Powered by WPeMatico

How will a resolver know about our second nameserver if we don’t have two NS entries?

We had one of our nameservers go down yesterday and everyone in the office was scratching their heads wondering why our other DNS didn’t immediately pick up the load. The two nameservers are not in master-slave configuration, but their zones and records in the zones are all identical. They live on two completely different networks (Comcast and Verizon) as well.

I theorized that because we only had one NS entry in each zone file, no resolver would ever see the secondary nameserver — and was looked at is if I had two heads. We have one entry in each zone (on each nameserver), ns1.xxxxx.com. So my question is: am I right in thinking that whatever resolver — whether it be a Windows machine or a mobile device — will not know about our secondary nameserver, ns2.xxxxx.com, unless we explicitly put an NS entry for that server into each zone file?

I am a programmer primarily, and am now being introduced to DNS, so I want to make sure that I have the right idea of things before bringing my idea to the table as a solution again. I certainly do see many people all over Google having multiple NS entries — sometimes up to 4 — in a zone file for any given website.

Thanks for any help, folks.

submitted by /u/osr
[link] [comments]

Powered by WPeMatico

Mystery IP addresses insist on attaching to name server

domain.local has three nameservers, two 2012 R2 one 2016

On each of the nameservers I see the following strangeness:

In DNS Server I open domain.local under forward lookup zones and see my three nameservers.

On one of them I have additional IP addresses appearing that belong in subnets that do not exist:

In Edit Name Server Record I delete the IPs, click OK, then Apply and get a series of “do you want to delete the record for ns1.domain.local” and each of the IPs appear to get deleted. But when I go back in, they have reappeared.

Where are these coming from and how do I get rid of them once and for all?

submitted by /u/networkedquokka
[link] [comments]

Powered by WPeMatico

Forwarding lookups to a public DNS for a zone that exists on internal DNS.

So, I have an issue that I have yet to come across in my experience until now.

Scenario: Using Microsoft DNS servers, I am needing to create a Forward Lookup Zone containing one “A” record, but forward any other lookups for that zone to public DNS. So for example you have “domain.com“. I need to resolve “support.domain.com” using an “A” record on my internal DNS to an internal IP, but forward all other requests for “domain.com” to our public DNS servers. Maybe this is a rookie question, but is this possible using Microsoft DNS? I mean, once you create the Forward Lookup Zone on the internal DNS server, it is the authoritative server for that zone and will attempt to resolve all lookups for that namespace?

Of course I could create an entry in the hosts file and manage that with Group Policy, but that is not the route I would want to take.

I would gladly appreciate any help or advise.



submitted by /u/techie213
[link] [comments]

Powered by WPeMatico