Fri, Sep 25, 2009 7:08 pm
Windows XP System Not Using Primary DNS
After a user rebooted her system, email she sent to an internal POP3 email
server was being rejected. When I checked the email server's log file, I found
that it was rejecting the email because it saw the email coming from the outside
address of the firewall. It saw the "to" address of the email message she was
trying to send as one that was not destined for an account on the email server
and rejected it with a "relaying denied" message. The email server was
configured to allow relaying from the IP address of her PC, but since it
saw the email coming through the external firewall, it rejected it.
When I tried pinging the internal email server, mail.example.com, from
her system, instead of its internal address, 192.168.0.25, being used, I saw
the external address for the firewall was being used. I checked her
/windows/system32/drivers/etc/hosts file first. I didn't see
any entry for mail.example.com there. Nor did I see the address cached
on her system when I entered the command ipconfig /displaydns |
find /i "mail.example.com" at a command prompt. So I used a
sniffer to observe
the network traffic from/to her system. I saw that her system was
querying the DNS server configured as the secondary name server for her
system, which was an external DNS server provided by her Internet Service
Provider (ISP) rather than the internal name server on her
LAN.
I tried ipconfig /flushdns, but that made no difference.
Her system continued to query the secondary name server and didn't seem
to ever cache the address for mail.example.com. When I tried
ipconfig /registerdns, the system then queried the primary
DNS server again.
The /registerdns argument to the ipconfig command
"refreshes all DHCP leases and re-registers DNS names." The system had
a static IP address, so the "re-registers DNS names" function of the
command must have fixed the problem.
When she tried sending her email message again, though,
it was rejected by the internal mail server. I had her restart her email
client, Microsoft Outlook, and that resolved the problem. Apparently, Outlook
also maintains its own cached information for the mail server it uses. I
still didn't see the internal mail server's address cached when I issued
an ipconfig /displaydns command, though.
The long term solution, though, to prevent the problem recurring would
be to set up another internal DNS server to use as the secondary DNS
server.
References:
- XP not using Primary DNS
  Date: March 20, 2009
  TechTalkz.com Technology @ your fingertips
- Configuring IP Addressing and Name Resolution
  Microsoft TechNet: Resources for IT Professionals
- When does a Windows client stop using a secondary DNS server and revert back to primary
  Date: August 11, 2009
  Server Fault
- Renew DNS client registration using the ipconfig command
  Updated: January 21, 2005
  Microsoft TechNet: Resources for IT Professionals
Mon, May 11, 2009 9:15 pm
DNS Query Logging in Bind
BIND does not log DNS queries by default. If you want to log DNS queries,
you will need to add code similar to the following to
named.conf:
    logging {
        channel query_logging {
            file "/var/log/named_querylog"
                versions 3 size 100M;
            print-time yes; // timestamp log entries
        };
        category queries {
            query_logging;
        };
    };
To have the change take effect, you need to kill the named
process and restart it, e.g. kill `cat path_to/named.pid`
followed by /usr/sbin/in.named to restart the
service. You should then be able to view the log of DNS queries.
# cat /var/log/named_querylog
11-May-2009 17:00:34.885 XX /127.0.0.1/inbound.broadbandsupport.net/A
11-May-2009 17:00:36.097 XX /192.168.1.3/cisco.com/A
11-May-2009 17:00:39.883 XX /127.0.0.1/inbound.broadbandsupport.net/A
#
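Once queries are being logged, the file is mainly useful for seeing who is asking the server for what. The following is an added example, not part of the original post: it parses lines in the layout shown above, counts queries per client and per name, and lists clients outside the networks expected to use the server. The allowed networks and the last two sample lines are assumptions made for the example.

```python
import ipaddress
import re
from collections import Counter

# Layout taken from the excerpt above:
#   11-May-2009 17:00:36.097 XX /192.168.1.3/cisco.com/A
LINE_RE = re.compile(
    r"^(?P<date>\d{2}-[A-Za-z]{3}-\d{4}) (?P<time>[\d:.]+) [^/\s]+\s*"
    r"/(?P<client>[^/]+)/(?P<name>[^/]+)/(?P<qtype>[A-Za-z0-9]+)\s*$")

# Assumption: the only networks whose hosts should be asking this server.
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "192.168.1.0/24")]

# Constructed sample: the first three lines are the excerpt above, the last
# two (an outside client and a non-query line) are invented for the example.
SAMPLE_LOG = """\
11-May-2009 17:00:34.885 XX /127.0.0.1/inbound.broadbandsupport.net/A
11-May-2009 17:00:36.097 XX /192.168.1.3/cisco.com/A
11-May-2009 17:00:39.883 XX /127.0.0.1/inbound.broadbandsupport.net/A
11-May-2009 17:00:41.210 XX /203.0.113.7/example.org/ANY
11-May-2009 17:00:42.000 channel reopened
"""

def parse_line(line):
    """Return (client, name, qtype) or None if the line is not a query record."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        client = ipaddress.ip_address(m["client"])
    except ValueError:
        return None
    return client, m["name"].lower().rstrip("."), m["qtype"].upper()

def summarize(log_text):
    """Count queries per client and name; list clients outside ALLOWED_NETS."""
    clients, names, outside, skipped = Counter(), Counter(), set(), 0
    for line in filter(str.strip, log_text.splitlines()):
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        client, name, _qtype = rec
        clients[str(client)] += 1
        names[name] += 1
        if not any(client in net for net in ALLOWED_NETS):
            outside.add(str(client))
    return {"clients": clients, "names": names,
            "outside": sorted(outside), "skipped": skipped}
```

A non-empty "outside" list means hosts beyond the expected networks are being answered, which is worth checking against the server's access controls.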
Mon, Feb 09, 2009 4:34 pm
No-IP Coupon Code
I had to renew
No-IP Plus Managed
DNS service for a domain today, so that I could continue to
use No-IP's
DDNS service for
the domain. I found a promo code that gave me a $5 discount for the renewal.
The coupon code was EXP427.
Wed, May 07, 2008 9:21 pm
Online Tools to Check MX Records
Two webpages offering online tools to look up
MX record information
for a domain are listed below:
Check MX Records for Email Tool - Live2Support.com
MX Lookup - MXToolbox.com
Thu, Nov 08, 2007 6:23 pm
Root Hints
I was notified by someone that the L root name server had changed. To
see what root name servers one of my DNS servers, running Redhat
Linux 9, was using, I ran
dig and saw the following output:
# dig
; <<>> DiG 9.2.1 <<>>
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60704
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 517448 IN NS G.ROOT-SERVERS.NET.
. 517448 IN NS H.ROOT-SERVERS.NET.
. 517448 IN NS I.ROOT-SERVERS.NET.
. 517448 IN NS J.ROOT-SERVERS.NET.
. 517448 IN NS K.ROOT-SERVERS.NET.
. 517448 IN NS L.ROOT-SERVERS.NET.
. 517448 IN NS M.ROOT-SERVERS.NET.
. 517448 IN NS A.ROOT-SERVERS.NET.
. 517448 IN NS B.ROOT-SERVERS.NET.
. 517448 IN NS C.ROOT-SERVERS.NET.
. 517448 IN NS D.ROOT-SERVERS.NET.
. 517448 IN NS E.ROOT-SERVERS.NET.
. 517448 IN NS F.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
F.ROOT-SERVERS.NET. 172107 IN A 192.5.5.241
J.ROOT-SERVERS.NET. 172107 IN A 192.58.128.30
;; Query time: 169 msec
;; SERVER: 207.233.128.10#53(207.233.128.10)
;; WHEN: Thu Nov 8 16:15:46 2007
;; MSG SIZE rcvd: 260
I only saw the addresses for two of the thirteen root servers listed. The
servers are named A.ROOT-SERVERS.NET. through
M.ROOT-SERVERS.NET. as shown
by the output of a dig command below.
# dig . NS @f.root-servers.net
; <<>> DiG 9.2.1 <<>> . NS @f.root-servers.net
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19934
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
L.ROOT-SERVERS.NET. 3600000 IN A 199.7.83.42
M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
;; Query time: 235 msec
;; SERVER: 192.5.5.241#53(f.root-servers.net)
;; WHEN: Thu Nov 8 16:22:59 2007
;; MSG SIZE rcvd: 436
I also checked the status of the DNS service on the system with the
rndc status command and saw the following:
# rndc status
number of zones: 6
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
When I checked the /var/named/named.ca file on the system, I
found it was dated January 24, 2003, so it was almost 5 years old, since
the current date is November 8, 2007. I backed up the current
named.ca file and then overwrote the file with the latest
information.
# dig . NS @f.root-servers.net >/var/named/named.ca
I then restarted the DNS server with
/etc/init.d/named restart.
Note: if you see the following when you check the DNS server status,
try issuing the /etc/init.d/named restart command again.
# rndc status
rndc: connect failed: connection refused
The root hints file, /var/named/named.ca, should be updated
periodically, which I hadn't been doing on the server. A script to
do so can be found at
Keeping it
working. The script will have to be customized for your particular
system though, e.g. I would need to use named.ca instead of
root.hints for the filename. You also need to substitute
the name or IP address of a system that should normally be
reachable over your Internet connection for some.machine.net.
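Redirecting dig straight into named.ca truncates the file before dig has answered, so a failed or partial lookup (such as the first response above, which carried addresses for only two servers) would leave the resolver with unusable hints. The following is an added example, not the Linux.com script and not part of the original post: it checks dig output for a NOERROR status, all thirteen NS records and an A record for each, and only then swaps the file in. The function names are hypothetical and the sample input is constructed from the 2007 addresses shown above.

```python
import os
import re
import tempfile

EXPECTED = {f"{c}.ROOT-SERVERS.NET." for c in "ABCDEFGHIJKLM"}
RECORD_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(NS|A)\s+(\S+)$")

# Constructed test input in dig's layout; the addresses are the ones shown in
# the 2007 output above and are sample data only.
ADDRS = dict(zip("ABCDEFGHIJKLM", (
    "198.41.0.4 192.228.79.201 192.33.4.12 128.8.10.90 192.203.230.10 "
    "192.5.5.241 192.112.36.4 128.63.2.53 192.36.148.17 192.58.128.30 "
    "193.0.14.129 199.7.83.42 202.12.27.33").split()))

def sample_dig(glue_letters, status="NOERROR"):
    """Build dig-style text with A records only for the given server letters."""
    head = f";; ->>HEADER<<- opcode: QUERY, status: {status}, id: 19934\n"
    ns = "".join(f". 518400 IN NS {c}.ROOT-SERVERS.NET.\n" for c in ADDRS)
    glue = "".join(f"{c}.ROOT-SERVERS.NET. 3600000 IN A {ADDRS[c]}\n"
                   for c in glue_letters)
    return head + ns + glue

def check_hints(dig_output):
    """Return a list of problems; empty means the text is usable as hints."""
    problems, ns, glue = [], set(), set()
    if "status: NOERROR" not in dig_output:
        problems.append("no NOERROR status line")
    for line in dig_output.splitlines():
        m = RECORD_RE.match(line.strip())
        if m and m.group(2) == "NS" and m.group(1) == ".":
            ns.add(m.group(3).upper())
        elif m and m.group(2) == "A":
            glue.add(m.group(1).upper())
    if ns != EXPECTED:
        problems.append(f"NS set differs from A-M: {sorted(ns ^ EXPECTED)}")
    if EXPECTED - glue:
        problems.append(f"no A record for: {sorted(EXPECTED - glue)}")
    return problems

def install_hints(dig_output, path):
    """Replace path only if the new text passes; return the problem list."""
    problems = check_hints(dig_output)
    if not problems:
        fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
        with os.fdopen(fd, "w") as f:
            f.write(dig_output)
        os.chmod(tmp, 0o644)   # mkstemp creates 0600; named must be able to read it
        os.replace(tmp, path)  # atomic swap; a rejected update never touches path
    return problems
```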
References:
- Configuring DNS > Configuring named
  O'Reilly - Safari Books Online
- LOCAL AREA NETWORK DOMAIN NAME SYSTEM (DNS)
  Small Enterprise Networking and Computing Primer
- Keeping it working
  Linux.com
Wed, Jan 18, 2006 1:07 pm
Network Solutions DNS Outage on January 18, 2006
A short while ago I found that I couldn't access my website. I then
discovered that I couldn't retrieve IP addresses for any of my domain
names for which I have
DNS
service from
Network Solutions.
Network Solutions is probably the largest domain name registrar in the world.
I've been using
GoDaddy primarily for
registering domain names for quite some time, since their service is as good
or better than Network Solutions service and they are a lot cheaper, but I still
have some domain names registered with Network Solutions.
At the Internet Storm Center (ISC), I found
a posting from
Swa Frantzen at 2006-01-18 17:14:32 UTC regarding reports that Network Solutions' worldnic DNS servers are not responding to name queries. Network Solutions
name servers have names of the form nsxx.worldnic.com, where xx is some number.
I called the Network Solutions customer support number. I heard a recorded
message stating that they are experiencing a widespread outage and are working
diligently to resolve the problem, which is their highest priority at the
moment. There was no estimated time for restoring service.
The 24 x 7 Network Solutions support numbers are as follows:
In the U.S. and Canada call:
1.888.642.9675 (General Support)
1.866.391.HELP (Technical Assistance)
Outside the U.S. call:
1.570.708.8788
I first noticed the problem at noon US
EST. At 12:55 PM EST, the
problem was resolved. I could then successfully look up IP addresses for
domain names hosted with Network Solutions. I don't know when the problem
first started, but it appears to have taken at least an hour to resolve
(I'm presuming I didn't see it at the exact moment it started).
Fri, Jul 08, 2005 8:51 am
Starting and Stopping No-IP Service
If your system is connected to the Internet by a dynamic Internet Protocol
(IP) address, but you need to be able to reach the system with a fixed
name, you can use a dynamic Domain Name System (DNS) service, such as the
one provided by No-Ip.com. You can
install their dynamic update client on the system and it will report its
IP address to No-Ip's DNS servers.
If the No-IP Dynamic Update Client (DUC) software on a system is not
updating the IP address for the system with
No-IP's servers, you can start and stop the service from the command line
(you may need to be logged into an account in the administrator group) by
using the following commands:
net stop noipducservice
net start noipducservice
You can determine when a system last updated its address with No-Ip's
servers by logging into your No-Ip account and under "Hosts/Redirects",
click on "Manage". Locate the name of the system in question and click on
"Modify" for it. You will see a "Last Update" for it.