
Temporary DNS loss

Status
Not open for further replies.

Canadianweasel

IS-IT--Management
Apr 9, 2001

We've been experiencing a problem with a temporary loss of DNS connectivity with our SEF. We've a few internal connections which use an FQDN, so it's set up on the firewall to do this (e.g. our webserver).

Randomly, a workstation will lose the ability to get the DNS information from the firewall, and therefore using the FQDN to connect fails. Other things appear to work fine (outside DNS connections). It will then just begin making appropriate private DNS lookups, and no pattern has emerged as to when it starts working properly again.

Has anyone experienced this problem? The workstations seem to be mostly Windows 2000 from those who have reported it, however I cannot be certain that it's relegated to Windows 2000 machines.
 
I have experienced a similar problem. I would like to know if you have an EXTERNAL RECURSION under the DNSD? If so, you need to make sure that the IP address is that of your ISP DNS, one PRIMARY and one SECONDARY. This should stop your problem. I had switched Internet Service Providers and did not change this field. I found out the HARD way.
 
I have a VR 1300 and I don't see the area for External Recursion. Where is that again?
 
I solved my problem by moving our DNS services to a primary and secondary server, leaving the firewall out of the DNS loop.

Everything seems to be running quite well now. In fact, it seems to have sped things up.
 
Canadianweasel,

We currently use our SEF for DNS but we also have a Win2000 Advanced Server running DNS. Can you give me a few tips on how to move away from using the SEF for DNS and move it to our internal DNS server?
 
You can set your internal DNS cache to use the firewall as your forwarder: DNS (servername, properties, forwarder, firewall internal IP address). Stop the DNS service, go to your DNS folder and edit your cache.dns file to read:
. 1234567890 IN NS firewall.mydomain.com
firewall.mydomain.com IN A xxx.xxx.xxx.xxx (internal IP of firewall)
The 1234567890 is a sub for a root authority; if you have something similar, just make subs where needed.
Save the file, start the DNS service, then you are good to go. Open your DNS, then open cache and you should see
" . NS firewall.mydomain.com ". One thing: you will need to have the recursion set on the firewall to reference ISP DNS or external DNS; that way your network is hidden from the public and the above setting will work correctly.
 
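An offline sanity check for the edited cache.dns described in the post above, added here as an example and not part of the original thread: it confirms that the root NS record points at a host whose A record is a valid internal address. The sample file contents and the 192.168.1.1 address are constructed, and the parser assumes simple one-line records.

```python
import ipaddress

# Constructed sample mirroring the cache.dns layout in the post above;
# 192.168.1.1 is a made-up stand-in for the firewall's internal address.
SAMPLE_CACHE_DNS = """\
; root hints replaced so every non-local query goes to the firewall
.                      1234567890 IN NS firewall.mydomain.com
firewall.mydomain.com             IN A  192.168.1.1
"""

def parse_records(text):
    """Return (owner, type, rdata) tuples from simple one-line records."""
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        owner, rest = fields[0], fields[1:]
        # Skip the optional TTL and class that may precede the record type.
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]
        if len(rest) >= 2:
            records.append((owner.lower().rstrip(".") or ".", rest[0].upper(),
                            rest[1].lower().rstrip(".")))
    return records

def check_hints(text):
    """List problems that would leave the server without a usable forwarder."""
    records = parse_records(text)
    root_ns = [r[2] for r in records if r[0] in (".", "@") and r[1] == "NS"]
    glue = {r[0]: r[2] for r in records if r[1] == "A"}
    problems = [] if root_ns else ["no NS record for the root (.)"]
    for target in root_ns:
        addr = glue.get(target)
        if addr is None:
            problems.append(f"{target}: NS target has no A record")
            continue
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            problems.append(f"{target}: '{addr}' is not an IP address")
            continue
        if not ip.is_private:            # hint should be the firewall's inside IP
            problems.append(f"{target}: {ip} is not an internal address")
    return problems
```

Run `check_hints()` on the file contents before restarting the DNS service; an empty list means the root hint and its A record are consistent.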