DNS & network news

Author Archive: firstdns

Windows DNS debug logging before decommissioning DNS server


I’m looking to demote a DNS server soon, but I want to make sure that there isn’t anything querying it anymore.

  • FSMO roles have been transferred.
  • DHCP server options have been changed to list 2 new DC’s. The outgoing server is no longer listed.
  • Member servers and devices that have static settings have been changed manually.

I’ve turned on Debug Logging on the old server for:

  • Direction: Incoming
  • Protocol: UDP + TCP
  • Packet contents: Queries/transfers
  • Packet type: Request

There are entries in the log that I wasn’t expecting, and I’d like some guidance on what to make of this.

11/09/2020 6:11:56 0D5C PACKET 0000008E8C2D8120 UDP Rcv 5370 ? [746f ATD NOTIMP] (33)[ERROR length byte: 0x21 at 0000008E8C2D8F35 leads outside message] 11/09/2020 6:12:09 0D5C PACKET 0000008E8EA461A0 UDP Rcv 5370 ? [746f ATD NOTIMP] 43086 [EAEB][ERROR offset at 0000008E8EA46FB4 to higher byte in packet 0000008E8EA49A93] 

These IP’s are from domain computers. Ipconfig /all shows me that they only have the 2 new servers listed as DNS, and not the outgoing one.

Can anyone shed some light on this?

submitted by /u/Raziel_Ralosandoral
[link] [comments]

Powered by WPeMatico

Q ref SOA with domain name appended to DNS server name

Could someone please explain to me the following: from a list of many domains for which I need to validate their SOA ($dig +short SOA <domain.com>), the large majority come back with expected results:

ns1.domain-holding-SOA.com and ns2.domain-holding-SOA.com

with two or three exceptions, which come back as follows (all associated with the second DNS being identified):

$dig +short SOA domain.com

ns1.domain-holding-SOA.com ns2.domain-holding-SOA.com.domain.com

Any idea why the appended / repeat of the domain name in the second server response?

submitted by /u/ntwrk-guy
[link] [comments]

Powered by WPeMatico

Bind9: Subdomain hierarchy in named.conf


I want to have distinct zone files for subdomains in a private network.

For that, is this the proper way to configure it in named.conf.local

zone "bbb.ccc.mydomain.com" IN { type master; file "/etc/named/zones/db.bbb.ccc.mydomain.com"; 


zone "aaa.bbb.ccc.mydomain.com" IN { type master; file "/etc/named/zones/db.aaa.bbb.ccc.mydomain.com"; 


Moreover, is the ordering in named.conf.local of any importance, i.e. do more specific subdomains need to be upfront? Unfortunately, I didn’t find a concise explanation in the docs of Bind9.

submitted by /u/lizardkinger
[link] [comments]

Powered by WPeMatico

Unable to translate any pages in Google chrome unless I change the DNS server. 😕

I am having this issue for a while now. I am unable to translate any page in chrome. But the problem was solved after I changed my DNS server.

But the problem keeps on occurring from time to time, sometimes mutliple times a day. Every time I keep on switching between the DNS servers.

Even though it works on switching the DNS server, it is getting really annoying.

Can someone help me solve this issue???

submitted by /u/febinst05
[link] [comments]

Powered by WPeMatico

Use root domain for 2 different ip’s?

Hi all,

I have 2 servers with different services. My website is on one ip (example and my other server is on It’s ip ( port 25565).

How can I setup my A records and SRV to allow my root domain to forward to either or depending on if the user has a webrowser or the other client? (The client auto forwards the user to this point)

What I have so far in my cloudflare A website.com A website.com

SRV @ website.com port 25565

Is this possible? Or will I have to use a subdomain for the server (such as client.website.com )


submitted by /u/Reecepbcups___
[link] [comments]

Powered by WPeMatico

Dynamic DNS alternative

So I was looking at DDNS providers and honestly I’m too cheap to pay for a service like that. I was wondering wouldn’t it be possible to write a program that executes once a day on my home server and have it check if my public IP address has changed and if so somehow make it change the A record on my domain to match the new IPv4 assigned to my domain?

Has anyone done anything like this or heard of anything like that?

submitted by /u/yoseph1998
[link] [comments]

Powered by WPeMatico

DNS alternative to pi-hole that allows per-client rules

I was browsing reddit this week and I ran across a post talking about how someone was using “can’t remember the name of what the product was” in a method similar to:

Parent-devices: block ads, basically default pi-hole level restrictions

Child-devices: locked down to educational, etc. sites

IoT: very restrictive (or open, I can’t remember

Basically looking to secure child-devices to a much more safe internet for their age while not messing with my wife and I’s devices.

I’ve spent the last hour using Google + site:reddit to try and find the post I didn’t bookmark.

submitted by /u/ozbarge
[link] [comments]

Powered by WPeMatico