DNS server configuration: dig @localhost myserver NXDOMAIN
Hi, I've tried to look in all topics, but I was not able to find any solution.
I'm installing a DNS service over a Mac OSX Server 10.6, but I'm still having lots of problems with the configuration.
While the forwarders works greatly, the internal zone do not works:
$ dig @localhost www.google.com
; <<>> DiG 9.6.0-APPLE-P2 <<>> @localhost www.google.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3652
$ dig @localhost myserver
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63100
$ dig @localhost -x 192.168.0.202
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30287
This is my configuration:
$ hostname
myserver.private
$ ifconfig
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.0.202 netmask 0xffffff00 broadcast 192.168.0.255
$ tail /etc/dns/options.conf.apple
directory "/var/named";
forwarders { 208.67.222.222; 208.67.220.220; 192.168.0.1; };
allow-transfer { none; };
$ tail /etc/dns/publicView.conf.apple
acl "com.apple.ServerAdmin.DNS.public" {localnets;};
view "com.apple.ServerAdmin.DNS.public" {
//GUID=44FBB9A0-2F7F-4C09-ADD8-DD4615137B72;
allow-recursion {"com.apple.ServerAdmin.DNS.public";};
zone "private." {
type master;
file "db.private.";
allow-transfer {none;};
allow-update {none;};
zone "0.168.192.in-addr.arpa." {
type master;
file "db.0.168.192.in-addr.arpa.";
allow-transfer {none;};
allow-update {none;};
zone "." {
type hint;
file "named.ca";
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
$ tail /var/named/zones/db.private.zone.apple
$TTL 10800
private. IN SOA myserver.private. admin.private. (
2009111407 ;Serial
86400 ;Refresh
3600 ;Retry
604800 ;Expire
345600 ;Negative caching TTL
private. IN NS myserver
myserver IN A 192.168.0.202
$ tail /var/named/zones/db.0.168.192.in-addr.arpa.zone.apple
$TTL 10800
0.168.192.in-addr.arpa. IN SOA myserver.private. admin.private. (
2009111403 ;Serial
86400 ;Refresh
3600 ;Retry
604800 ;Expire
345600 ;Negative caching TTL
0.168.192.in-addr.arpa. IN NS myserver.private.
202.0.168.192.in-addr.arpa. IN PTR myserver.private.
Does anybody have any suggestion ?
Thanks Felix for quick response.
In your scenario:
1. You configured to different DNS servers and probably only one of them replied to DNS queries. And this is OK.
2. When non valid IP configured means that DNS server will not reply to DNS query and than failover will query the second DNS server in the list. And this is also OK.
I'm looking 2 different DNS servers configuration when one of them will reply to different domains. For example:
First server will reply to *.mycompany.com.
The second one will reply to any query except mycompany.com domain(since it is not published).
Thanks again,
Oleg.
Similar Messages
-
DNS server configuration and behaivour
Hi all,
I'm looking for detail explanations which can explain how Mac OS X 10.6 *DNS client* works and may be configured.
According to http://discussions.apple.com/thread.jspa?threadID=2227251 nothing is not guaranteed like order and failover.
According to http://support.apple.com/kb/HT4030 failover will take affect when DNS server returns with SERV_FAIL (0x2) error code. What about NXDOMAIN (0x3) error code (which is more interesting scenario)?
What I'm looking for DNS client?
I'm looking for several DNS servers configuration which allow to split DNS domains for several areas. This, for example, may be very useful for VPN connections when VPN DNS server will resolve internal resource and another server (configured before VPN tunnel established) will resolve external resources.
Is there any possible configuration to achieve this requirement for Mac OS?
Thanks in advance,
Oleg.Thanks Felix for quick response.
In your scenario:
1. You configured to different DNS servers and probably only one of them replied to DNS queries. And this is OK.
2. When non valid IP configured means that DNS server will not reply to DNS query and than failover will query the second DNS server in the list. And this is also OK.
I'm looking 2 different DNS servers configuration when one of them will reply to different domains. For example:
First server will reply to *.mycompany.com.
The second one will reply to any query except mycompany.com domain(since it is not published).
Thanks again,
Oleg. -
DNS server configuration on solaris 10
Please, can somebody give me the way, step by step to configure a DNS server on solaris 10. i want to have the directories and files that it is necessary to modify and the modification to have a domain name "deptech.lan" with ip adress of the DNS server 192.168.100.2.
thank> Please, can somebody give me the way, step by step to
configure a DNS server on solaris 10. i want to have
the directories and files that it is necessary to
modify and the modification to have a domain name
"deptech.lan" with ip adress of the DNS
server 192.168.100.2.
>
> thankDo this in this way,
1. unconfig your system
# sys-unconfig
2. Then press " Y" after that it wil reboot..
3. Then it will start config.
4. you can see like that,
Network ( y/n)
Network Interfence ( acc. 2 ur NIC , e.g. rstl0 /nge0 etc..)
select it. If you have two NIC in your system. then you choose any one..
5. Enter your " Host name"
6. then system ip
7. Then some stpes wll appear, it shows,, DHCp, Enable Ipv6 etc.. select acc. 2 ur configartion.
8. Then it will appear ' name service"
then select " Dns"
9. Give your DNS server name
10 . enter " server ip "
then search domain ( enter acc. 2 ur config/ may leave blank)
N.B: for going next stages / contiues you have to use " F2" key..
then it will configured..
Let me know if its ok or for any problem..
Thanks
Partha -
I used the following commands to enable DNS server on my 2651XM router running IOS 12.4(1a - C2600-ADVENTERPRISEK9-M):
ip dns server
ip dns spoofing xxx.xxx.xxx.xx
Now, I'd like to add one local zone to it so it resolves it locally? ..how do I go about doing that?
Thanks!anyone?
-
DNS server required for default route
I'm trying to find out if Apple is aware of this requirement, as it is problematic for network engineers.
The summary of the problem is that without a DNS server configured, mavericks will not activate the default route. So if you configure a DHCP scope without a DNS server, your Mac will not be able to have IP connectivity outside it's local subnet.
I blogged the details of this bug/feature: http://transmitfailure.blogspot.com/2014/02/mac-os-x-mavericks-dns-server-requir ed.html
I'd really like to hear from Apple, just to say if this is intended or not. The commenter said this is happening on 10.9.2 as well as the 10.9.1 I tested.You're very unlikely to receive a direct response on that from Apple through these discussions.
https://bugreport.apple.com may get something. -
Register global IPv6 Address on NRPT defined DNS-Server
Hello
I have implemented IPv6 on my home network and I am using Windows Firewall with IPSec to secure connections from foreign networks to my home network.
I configured a NRPT with generic rules for my domain so my client is using the home DNS-Server to resolve names of computers on my home network. This is working quite good so far but I it seems like the foreign client does not register his own
global IPv6 on the home DNS-Server.
When i run ipconfig /registerdns the list of servers to which the update has been sent to is empty (<?>) while the DNS-Server list does not mention the DNS-Server configured using NRPT. So my very simple question is: How can I configure my Client to
register DNS based on the NRPT or a static list of DNS-Servers?Hi,
Does the FQDN of the foreign client match the NRPT rule?
Please make sure that the FQDN of the foreign client matches the NRPT rule. Then when the client try to send a update packet, it will be redirect to the internal DNS server.
Best Regards.
Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
I have an Actiontec router that is my primary router, and where my broadband connection is. Behind this I have a second Actiontec that is connected via a MoCA extension in my bedroom and a Netgear router that is connected to the primary via wired ethernet. The Netgear is handling wireless only.
At present the two routers behind the primary router have no DNS server configured. I would like to make the primary router the defacto DNS server. Is it just as easy as pointing the two routers behind the primary to it, or is there more to this. Second the primary router's Network (Home/Office) section is not pointing to any DNS server. Do I just point this section to the IP of the primary also?
Last but not least I would like to resolve the names I gave my routers to their IPs. The problem I see is that the primary router cannot have a DNS entry for itself. Is there anyway to get around this?
Thanks,
Steve
Solved!
Go to Solution.If the second Actiontec is functioning as a MOCA bridge, it is NOT functioning as a router and it's DHCP server must be disabled. Therefore, it is NOT supplying DNS addresses.
Whether the Netgear is functioning as a router depends on whether it is connected to the primary LAN-to-WAN or LAN-to-LAN.
If configured LAN-to-LAN, then the Netgear is functioning only as a WAP and not as a router and it's DHCP server should also be DISABLED.
Your primary Actiontec should be the only one of the three with DHCP server enabled. It will then be the only source of DNS addresses. -
Dear Community!
Could someone help me to fine-tuning DNS server configuration?
I'm configuring an IOS router act as a DNS server with the following parameters:
ip name-server [IP #1] [IP #2]
ip dns server
ip domain round-robin
ip domain name [domain.net]
The 1st DNS server is a public DNS server accessible from Internet, the 2nd one is a private corporate DNS server accessible from a site-2-site tunnel.
The client PCs at the remote end of the IPSec tunnel should query public DNS names from public DNS server, and the records of our private DNS domain.
Is it possible to configure a "policy" to query corporate DNS domain from a dedicated DNS server, and the other public DNS name from the public one?
Thanks in advance!
Best Regards,
Belabacsi
from Budapest, HungarySure, it's called DNS Proxy. It's not supported on all devices, so you'll have to check.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123relnt/800/rn830xc3.htm
DNS Proxy
In virtual private network (VPN), Point-to-Point Protocol over Ethernet (PPPOE), etc. PCs connected to the LAN may get Dynamic Host Configuration Protocol (DHCP) parameters including the IP addresses of the Domain Name System (DNS) server prior to the router connecting to the WAN to get the information over IP Control Protocol (IPCP). The objective with Proxy DNS (or caching-only name server) enables the router to receive DNS queries on behalf of the real DNS servers and proxy for the hosts on the LAN connected users. This enables the DHCP server to immediately send the hosts the router's own LAN address in lieu of the DNS server's IP address. The router forwards the DNS queries from local users to real DNS servers after the WAN connection comes up and caches the DNS records in response. Over the time, cache includes the DNS information most often requested by the local resolvers and this can reduce the overhead of packets to the WAN.
The router must obtain the correct DNS server information from the WAN in order for it to function as a proxy DNS server.
The global configuration command ip dns server enables DNS proxy server functionality on the router, and causes it to forward DNS queries to the actual DNS servers. The global configuration command dns-server address causes the router to respond to DNS queries with its own IP address.
HTH and please rate. -
I have a local LAN DNS server. My preferences point to that server. Why does dig give me 8.8.8.8 as my DNS server?
Something is/was modifying my DNS preferences to 8.8.8.8 It seems to be pointed correctly now (at my local LAN DNS server), but why was it pointed at 8.8.8.8 before? I never want it pointed to 8.8.8.8You've hit the nail on the head Ben. For point to point communications, the IP addresses should be fixed, therefore there is no need for DNS. If a DNS is configured, the NIC (Network Interface Card) drivers will try to contact it.
In my test system, I need DNS for the test computer, but I am communicating with a dedicated Spectrum Analyzer over TCP/IP. So I added a second NIC. The main NIC is configured for DNS and all that jazz. The second NIC (plugged into PCI slot) is configured with a hard coded address, no DNS, no Gateway, nothing else. I connect that NIC to the spectrum analyzer using a crossover cable. The analyzer is configured with a hard coded address also. Now my computer can get on our company network, and the spectrum analyzer is isolated from the network, so it can't catch any viruses, etc., and it still talks to the computer. When using a configuration such as this, it is best to use a dedicated address for the 2nd NIC and spectrum analyzer in the range of 192.168.100.0 to 254
- tbob
Inventor of the WORM Global -
I originally posted this question to the community section and was advised to post it here. Please bear with me as this will be a long post. I'm including the scenarios involving this reoccurring issue, the trouble shooting steps I've already
taken and the results of several diagnostic tools and logs.
I have a Sony VAIOS VPCEBB33FM lap top since 2011. I have had this issue on an off for a long time. I'm at my wit's end. Any new insights or suggestions would be greatly appreciated.
Scenario Details
1) Some times it's on and off through out the day, sometimes it won't work all day, and once in a while it will work fine for the entire day.
2) I've had this issue across several wireless services, Clear Network accessed with WiMax, Library Wi-fi, Comcast cable internet using wireless router and Wi-fi, and Comcast Xfinity Wi-Fi, to name a few examples.
3) Other devices in the household or library will work with no problems such as my smart phone or my roommates' laptops or desktop computers.
4) Once in a while, the built-in wireless adapter is not found and I have to reinstall the driver. Also the diagnostic tool has had to reset my adapter on an increasing basis.
5) I had my hard drive replaced in December 2014 and my system restored from the System Restore disks that came with it when I bought the laptop. Even though I've been online on an infrequent basis it worked just fine for a while. Now that
I've been online a bit more I'm having the same issues again.
Below are my attempts at trouble shooting so far but I still have not been able to consistently resolve my DNS issues
1) Restarting my adapter
2) Turning off my laptop and removing the power supply for 5-10 minutes before turning it back on.
3) Using the IP Config in Command Prompt
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
4) Using the NetSh reset in Command Prompt and restarting my laptop
netsh int ip reset c:\resetlog.txt
netsh winsock reset
ipconfig /flushdns
[restart laptop]
5) Configuring the TCP/IP in several settings
Select Internet Protocol Version 4 (TCP/IPv4), and then click Properties.
I have used the following settings:
a) Obtain an DNS server address automatically
b) OpenDNS
208 67 222 222
208 67 220 220
c) Google DNS
8 8 8 8
8 8 4 4
6) Updating the driver for my Intel Centrino(R) Advanced-N 6250 AGN and Intel Centrino(R) WIMAX 6250 from the Intel website previous having my laptop wiped clean in 2014. It still did not resolve the issue. My laptop
manufacturer as not come up with an driver update for my adapter since 2010. I haven't tried to update the adapter driver from Intel's website since having my laptop repaired due to the fact that Intel strongly recommending using the manufacturer's updates
instead and frankly it didn't make much of a difference when I did it the first time.
7) The last one I've tried as of today is going into Services and changing the start up type to automatic for the following:
Computer Browser [changed from manual to automatic]
DHCP Client [already set to automatic]
DNS Client [already set to automatic]
Network Connections [already set to automatic]
Network Location Awareness [changed from manual to automatic]
Remote Procedure Call (RPC) [already set to automatic]
Server [already set to automatic]
TCP/IP Netbios helper [already set to automatic]
Workstation [already set to automatic]
...and I'm still having DNS issues.
My only guessing are that my laptop came with a lemon adapter that needs to be replaced, some advanced setting(s) that I'm not aware off, or my firewall/anti-virus is interfering. I've used Symmantic Anti-virus and Firewall in the past and currently
Avast Anti-Virus with Microsoft Network Firewall. I've had DNS issues with both anti-virus/firewall set ups.
Below are the results from the diagnostics and tests that I've ran.
Windows Network Diagnostics
Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding Detected Detected
Contact your network administrator or Internet service provider (ISP) Completed
Windows can't communicate with the device or resource (DNS server). The computer or service you are trying to reach might be...
Details about network adapter diagnosis:
Network adapter Wireless Network Connection driver information:
Description . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6250 AGN
Manufacturer . . . . . . . . . : Intel Corporation
Provider . . . . . . . . . . . : Intel
Version . . . . . . . . . . . : 13.2.1.5
Inf File Name . . . . . . . . . : C:\Windows\INF\oem17.inf
Inf File Date . . . . . . . . . : Monday, June 14, 2010 9:05:44 AM
Section Name . . . . . . . . . : Install_MPCIEX_GEN_6250_AGN_2x2_HMC_WIN7_64_MOW
Hardware ID . . . . . . . . . . : pci\ven_8086&dev_0087&subsys_13018086
Instance Status Flags . . . . . : 0x180200a
Device Manager Status Code . . : 0
IfType . . . . . . . . . . . . : 71
Physical Media Type . . . . . . : 9
Informational Diagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
Information for connection being diagnosed
Interface GUID: 70a0781d-6329-45e4-8d7c-34aeca294c39
Interface name: Intel(R) Centrino(R) Advanced-N 6250 AGN
Interface type: Native WiFi
Connection incident diagnosed
Auto Configuration ID: 1
Connection ID: 1
Connection status summary
Connection started at: 2015-03-07 19:57:14-186
Profile match: Success
Pre-Association: Success
Association: Success
Security and Authentication: Success
List of visible access point(s): 22 item(s) total, 22 item(s) displayed
BSSID BSS Type PHY Signal(dB) Chnl/freq SSID
60-02-92-C6-D3-E8 Infra <unknown> -62 11 HOME-C7D4-2.4
60-02-92-A1-75-E0 Infra <unknown> -58 6 HOME-B917-2.4
00-1D-D5-D5-34-F0 Infra <unknown> -73 6 HOME-34F2
60-02-92-A1-75-E1 Infra <unknown> -58 6 (Unnamed Network)
06-1D-D5-D5-34-F0 Infra <unknown> -78 6 xfinitywifi
C4-27-95-C9-C4-2D Infra <unknown> -57 1 HOME-C42D
02-1D-D5-D5-34-F0 Infra <unknown> -74 6 (Unnamed Network)
00-0D-97-07-E0-79 Infra g -75 6 (Unnamed Network)
00-1D-CF-2A-44-C0 Infra <unknown> -86 6 HOME-44C2
02-1D-CF-2A-44-C0 Infra <unknown> -86 6 (Unnamed Network)
F8-E4-FB-3C-87-A2 Infra <unknown> -89 6 YVNM7
06-1D-CF-2A-44-C0 Infra <unknown> -87 6 xfinitywifi
0C-F8-93-7A-13-50 Infra b -87 6 PKennedy
06-F8-93-7A-13-50 Infra b -89 6 xfinitywifi
02-F8-93-7A-13-50 Infra b -87 6 (Unnamed Network)
E0-88-5D-C8-A9-DC Infra <unknown> -80 1 HOME-A9DC
E2-88-5D-C8-A9-DD Infra <unknown> -79 1 (Unnamed Network)
16-CF-E2-43-0B-30 Infra <unknown> -88 1 xfinitywifi
60-02-92-F0-A8-C0 Infra <unknown> -90 11 HOME-96A6-2.4
60-02-92-C6-D3-E9 Infra <unknown> -63 11 (Unnamed Network)
02-1D-D4-EB-87-00 Infra <unknown> -88 11 (Unnamed Network)
06-1D-D4-EB-87-00 Infra <unknown> -88 11 xfinitywifi
Connection History
Information for Auto Configuration ID 1
List of visible networks: 13 item(s) total, 13 item(s) displayed
BSS Type PHY Security Signal(RSSI) Compatible SSID
Infra <unknown> Yes 63 Yes HOME-C7D4-2.4
Infra <unknown> Yes 70 Yes HOME-B917-2.4
Infra <unknown> Yes 43 Yes HOME-34F2
Infra <unknown> Yes 70 Yes (Unnamed Network)
Infra <unknown> No 40 Yes xfinitywifi
Infra <unknown> Yes 71 Yes HOME-C42D
Infra g No 43 Yes (Unnamed Network)
Infra <unknown> Yes 28 Yes HOME-44C2
Infra <unknown> Yes 20 Yes YVNM7
Infra b Yes 21 Yes PKennedy
Infra <unknown> Yes 33 Yes HOME-A9DC
Infra <unknown> Yes 35 Yes (Unnamed Network)
Infra <unknown> Yes 16 Yes HOME-96A6-2.4
List of preferred networks: 3 item(s)
Profile: xfinitywifi
SSID: xfinitywifi
SSID length: 11
Connection mode: Infra
Security: No
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: Yes
Profile: HTC Portable Hotspot 9F50
SSID: HTC Portable Hotspot 9F50
SSID length: 25
Connection mode: Infra
Security: Yes
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: No
Reason: 0x00028002
Profile: belkin.332
SSID: belkin.332
SSID length: 10
Connection mode: Infra
Security: Yes
Set by group policy: No
Connect even if network is not broadcasting: No
Connectable: No
Reason: 0x00028002
Information for Connection ID 1
Connection started at: 2015-03-07 19:57:14-186
Auto Configuration ID: 1
Profile: xfinitywifi
SSID: xfinitywifi
SSID length: 11
Connection mode: Infra
Security: No
Pre-Association and Association
Connectivity settings provided by hardware manufacturer (IHV): No
Security settings provided by hardware manufacturer (IHV): No
Profile matches network requirements: Success
Pre-association status: Success
Association status: Success
Last AP: 06-1d-d5-d5-34-f0
Security and Authentication
Configured security type: Open
Configured encryption type: None
802.1X protocol: No
Key exchange initiated: Yes
Unicast key received: No
Multicast key received: No
Number of security packets received: 0
Number of security packets sent: 0
Security attempt status: Success
Connectivity
Packet statistics
Ndis Rx: 2068
Ndis Tx: 2543
Unicast decrypt success: 0
Multicast decrypt success: 0
Unicast decrypt failure: 0
Multicast decrypt failure: 0
Rx success: 3954
Rx failure: 0
Tx success: 537
Tx failure: 4
Tx retry: 2
Tx multiple retry: 2
Tx max lifetime exceeded: 0
Tx ACK failure: 18
Roaming history: 0 item(s)
InformationalDiagnostics Information (Wireless Connectivity)
Details about wireless connectivity diagnosis:
For complete information about this session see the wireless connectivity information event.
Helper Class: Auto Configuration
Initialize status: Success
Information for connection being diagnosed
Interface GUID: 70a0781d-6329-45e4-8d7c-34aeca294c39
Interface name: Intel(R) Centrino(R) Advanced-N 6250 AGN
Interface type: Native WiFi
Result of diagnosis: There may be problem
Network Connection details from Command Prompt (some info hidden for security reasons)
Connection-specific DNS Suffix:
Description: Intel(R) Centrino(R) Advanced-N 6250 AGN
Physical Address: 00-23-15-54-19-B8
DHCP Enabled: Yes
IPv4 Address: 192.168.X.XX
IPv4 Subnet Mask: 255.255.XX.X
Lease Obtained: Saturday, March 07, 2015 7:57:14 PM
Lease Expires: Saturday, March 07, 2015 8:24:44 PM
IPv4 Default Gateway: 192.168.X.X
IPv4 DHCP Server: 192.168.X.X
IPv4 DNS Servers: 75.75.75.75, 75.75.76.76
IPv4 WINS Server:
NetBIOS over Tcpip Enabled: Yes
Link-local IPv6 Address: fe80::b8de:3ac9:e166:XXX%XX
IPv6 Default Gateway:
IPv6 DNS Server:
Results of Ping and Trace Route in Command Prompt
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>ping 127.0.0.1
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\Windows\system32>ping www.youtube.com
Pinging youtube-ui.l.google.com [173.194.121.6] with 32 bytes of data:
Reply from 173.194.121.6: bytes=32 time=24ms TTL=55
Reply from 173.194.121.6: bytes=32 time=19ms TTL=55
Request timed out.
Request timed out.
Ping statistics for 173.194.121.6:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 24ms, Average = 21ms
C:\Windows\system32>ping 74.125.239.34
Pinging 74.125.239.34 with 32 bytes of data:
Request timed out.
Request timed out.
Reply from 74.125.239.34: bytes=32 time=3286ms TTL=50
Request timed out.
Ping statistics for 74.125.239.34:
Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),
Approximate round trip times in milli-seconds:
Minimum = 3286ms, Maximum = 3286ms, Average = 3286ms
C:\Windows\system32>ping www.hotmail.com
Pinging dispatch.kahuna.glbdns2.microsoft.com [65.55.157.204] with 32 bytes of data:
Reply from 65.55.157.204: bytes=32 time=111ms TTL=237
Request timed out.
Request timed out.
Reply from 65.55.157.204: bytes=32 time=1537ms TTL=237
Ping statistics for 65.55.157.204:
Packets: Sent = 4, Received = 2, Lost = 2 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 111ms, Maximum = 1537ms, Average = 824ms
C:\Windows\system32>ping 207.46.11.236
Pinging 207.46.11.236 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 207.46.11.236:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\Windows\system32>tracert www.youtube.com
Tracing route to youtube-ui.l.google.com [173.194.121.5]
over a maximum of 30 hops:
1 19 ms 13 ms 17 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 13 ms 13 ms 27 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net [68.85.192.205]
3 20 ms 26 ms 21 ms he-5-10-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.94.249]
4 18 ms 34 ms 22 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 19 ms 18 ms 18 ms 50-248-116-190-static.hfc.comcastbusiness.net [50.248.116.190]
6 35 ms 18 ms 18 ms 209.85.249.217
7 21 ms 19 ms 19 ms 72.14.233.93
8 * * * Request timed out.
9 * 2509 ms 677 ms iad23s25-in-f5.1e100.net [173.194.121.5]
Trace complete.
C:\Windows\system32>tracert 74.125.239.34
Tracing route to nuq04s19-in-f2.1e100.net [74.125.239.34]
over a maximum of 30 hops:
1 54 ms 23 ms 12 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 22 ms 19 ms 17 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 19 ms 19 ms 18 ms he-5-14-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.166.121]
4 18 ms 18 ms 18 ms he-0-15-0-0-cr01.350ecermak.il.ibone.comcast.net[68.86.85.74]
5 19 ms 18 ms 22 ms 50-248-116-190-static.hfc.comcastbusiness.net [50.248.116.190]
6 22 ms 36 ms 19 ms 209.85.249.217
7 26 ms 23 ms 25 ms 209.85.143.112
8 * * * Request timed out.
9 * * * Request timed out.
10 972 ms * * 216.239.51.97
11 148 ms 97 ms 95 ms 216.239.46.241
12 324 ms 130 ms 432 ms 209.85.246.252
13 * * * Request timed out.
14 1403 ms 101 ms 126 ms nuq04s19-in-f2.1e100.net [74.125.239.34]
Trace complete.
C:\Windows\system32>tracert www.hotmail.com
Tracing route to dispatch.kahuna.glbdns2.microsoft.com [65.55.157.144]
over a maximum of 30 hops:
1 13 ms 13 ms 25 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 13 ms 15 ms 13 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 20 ms 19 ms 17 ms he-5-13-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.95.145]
4 17 ms 20 ms 20 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 17 ms 18 ms 38 ms as8075-2-c.ashburn.va.ibone.comcast.net [173.167.58.82]
6 18 ms 18 ms 36 ms ae4-0.ash-96cbe-1a.ntwk.msn.net [207.46.36.172]
7 * * * Request timed out.
8 * 2191 ms 35 ms ae0-0.atb-96cbe-1b.ntwk.msn.net [191.234.81.167]
9 * * * Request timed out.
10 * * * Request timed out.
11 86 ms 84 ms 84 ms ae4-0.lax-96cbe-1a.ntwk.msn.net [191.234.83.150]
12 86 ms 86 ms 87 ms ae9-0.by2-96c-1a.ntwk.msn.net [207.46.42.176]
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 87 ms 84 ms 85 ms origin.by173w.bay173.mail.live.com [65.55.157.144]
Trace complete.
C:\Users\C.Cunningham>tracert 207.46.11.236
Tracing route to origin.by181w.bay181.mail.live.com [207.46.11.236]
over a maximum of 30 hops:
1 16 ms 16 ms 19 ms xfwsr12-nwca-01.sys.comcast.net [68.85.15.244]
2 18 ms 13 ms 13 ms ae-14-32767-ar03.newcastle.de.panjde.comcast.net[68.85.192.205]
3 21 ms 19 ms 21 ms he-5-12-0-0-cr01.ashburn.va.ibone.comcast.net [68.86.95.141]
4 18 ms 21 ms 18 ms he-0-13-0-0-pe07.ashburn.va.ibone.comcast.net [68.86.86.50]
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
Results of Intel WiFi Manual Diagnostics
Test Name Test Result Test Summary
Hardware Test Passed Wireless Hardware is enabled
Driver Test Passed Diver is loaded. NETwNs64 Version 13.3.0.24
Radio Test Passed Radio is ON
Scan Test Passed There are 25 Networks available to connect
Association Test Passed Associated
Authentication Test Passed Authenticated
Signal Test Passed Signal Quality: Poor
Ping Test Failed No Reponse: default gateway, DHCP server
I hope this information is enough to get to the root of this problem once and for all. Please let me know if you any other information such as event logs or statistics.
Thanks in advance.Results of Intel WiFi Event View Log (I deleted some lines since there were basically repeats of the same messages)
#Event Source Time
Error Severity Domain
User Description
45 EvtEngine
3/8/2015 20:40 Success
Connection SYSTEM
iAMT - Failed to read Windows Events Log
46 S24EvMon
3/8/2015 20:41 Information
AppDriver
SYSTEM
Getting List of adapters.
47 S24EvMon
3/8/2015 20:41 Information
AppDriver
SYSTEM
Intel adapter(s) found.
156 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
AddToExclude 06:1d:d5:d5:34:f0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_AUTH_FAILURE
157 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
ATC 06:1d:cf:2a:44:c0 xfinitywifi 6 RSSI=-88
158 S24EvMon
3/8/2015 20:47 Error
Driver SYSTEM
AssociationFailure 06:1d:cf:2a:44:c0 xfinitywifi 6 CNCT_GENERAL_FAILURE
159 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
AddToExclude 06:1d:cf:2a:44:c0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
160 S24EvMon
3/8/2015 20:47 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-79
161 S24EvMon
3/8/2015 20:47 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
162 S24EvMon
3/8/2015 20:47 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -77
163 S24EvMon
3/8/2015 20:49 Information
TCP/IP SYSTEM
VoIP: Got link down - deleting flows .
164 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-88
165 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
166 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
AddToExclude 06:1d:d4:eb:87:00 xfinitywifi 11 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
167 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-89
168 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
169 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
AddToExclude 06:1d:d4:eb:87:00 xfinitywifi 11 WEV_EXCLUDE_LIST_REASON_802_11_ASSOC_FAILURE
170 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d4:eb:87:00 xfinitywifi 11 RSSI=-90
171 S24EvMon
3/8/2015 20:49 Error
Driver SYSTEM
AssociationFailure 06:1d:d4:eb:87:00 xfinitywifi 11 CNCT_GENERAL_FAILURE
172 S24EvMon
3/8/2015 20:49 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-82
173 S24EvMon
3/8/2015 20:49 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
174 S24EvMon
3/8/2015 20:49 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -81
175 S24EvMon
3/8/2015 20:50 Information
Driver SYSTEM
AddToExclude 06:1d:d5:d5:34:f0 xfinitywifi 6 WEV_EXCLUDE_LIST_REASON_802_11_AUTH_FAILURE
176 S24EvMon
3/8/2015 20:50 Information
Driver SYSTEM
ATC 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-79
177 S24EvMon
3/8/2015 20:50 Success
Driver SYSTEM
RxAuthSuccess 06:1d:d5:d5:34:f0 6
178 S24EvMon
3/8/2015 20:50 Success
Driver SYSTEM
RxAssocResp 06:1d:d5:d5:34:f0 6 -80
179 S24EvMon
3/8/2015 21:03 Information
Driver SYSTEM
RoamTrigger 06:1d:d5:d5:34:f0 xfinitywifi 6 RSSI=-81 MisBcn=8 RSSITh=-85 Roam Other Reason
186 S24EvMon
3/8/2015 21:21 Information
General
SYSTEM
DeviceIoCtrlS24NDIS: (2) Failed to send OID 0xff100055 to driver. Error - 31
187
S24EvMon
3/8/2015 21:21 Information
General
SYSTEM
DeviceIoCtrlS24NDIS - Dot11ExtNicSpecificExtension failed (31) -
How to configure DNS server to redirect all web traffic to one external website?
I'd like to use the DNS service on my OS X Server as a way to force all all web traffic to one specific, external website. Not quite sure how to go about configuring it, though - any recommendations?
(BTW, this is, obviously, not our primary DNS server; I intend to silently update the preferred DNS server for users who fail to complete their timesheets in order to force the issue)Web clients don't generate uniquely-identifiable DNS queries; there's no SRV request or related traffic that you could select on and spoof. So if you do implement this, everything querying the spoofing DNS server will get the spoofed host, or you'll have to spot specific queries that are likely web queries; Facebook, Google, Bing, etc.
If you still want to implement this, then I'd probably replace the DNS server with a runt DNS server (maybe hack dnsmasq or maraDNS, or create yourself a trivial DNS server) and have that always return the specified IP address. This avoids having to hack BIND to be universally authoritative, which is probably on par with hacking a simpler DNS server to always return a fixed IP address, and the latter is probably easier to undo.
A firewall can spot TCP port 80 and port 443 traffic, unlike a DNS server. Firewalling outbound port 80 traffic is more typical of these requests, and either trap that traffic to a specific web page based on the capabilities of the firewall, or the web proxy approach that Camelot suggests. There are folks that tie access into the web proxies into external authentication and related; that'd be able to do what you want. Web proxies are usually combined with firewall blocks, as most sites want only the web proxy to have external access, too. But this is also rather more pieces than a DNS redirect, too. -
Proper Configuration of DNS server for our new branch office
Hi All,
Our new office will setup a new branch office with a routed network link to our HO. In HO, we have 2 domain controllers configured as AD and DNS just for fail over scenarios.
How will we configure the DNS server of our 3rd domain controller which we will placed in the new branch office. What would be the proper settings of DNS server integrated to AD to work well especially to have a successful replication and communication to
the 2 DC's located in HO?Hi,
If you have multiple DC's in that site i would recommend using any of the partner DC's IP addresses as preferred one and secondary DNS IP to pointing to itself. Dont use loopback addresses configure it with actual IP addresses.
If you have only one server in branch office point itself as the primary DNS and HO DC as secondary and tertiary.
Make sure that all clients in your branch site are pointing to the branch DC as primary DNS server.
Regards,
Rafic
If you found this post helpful, please give it a "Helpful" vote.
If it answered your question, remember to mark it as an "Answer".
This posting is provided "AS IS" with no warranties and confers no rights! Always test ANY suggestion in a test environment before implementing! -
Do I have to configure DNS server before configuring VPN server?
Hi,
In my journey to get this mac os X server to actually work...
Do I need to configure DNS server on Mac OS X server first before setting up VPN or ICHAT server?
Or, it seems that I can use my D-Link Gaming router as a DNS server.
I think I'm most confused with which numbers to enter as my DNS... is it the local IP of my mac mini being used as the server (192.168.0.1) or is it the IP address assigned to my cabel modem?
There are so many posts on this, I am feeling lost.... has anyone found a really great step by step that explains how to do this?
thanks
Ethan-Ethan,
My experience is that it is absolutely necessary to have an external DNS server setup correctly BEFORE you even start installing your OS X Server, so why not keep it. Still, once you have set up OS X Server, you can also use its own DNS server, but be VERY careful to set it up correctly. DNS mistakes, especially the ones regarding server's own IP addresses, are usually not forgiven by OS X Server. Many of us here have learned that the hard way. As for me, I prefer to have a dedicated DNS.
Best regards,
Andrus -
Hello,
I found a test environment and I just trying to understand how it works.
If I have two domains (a.com and b.com) with sub domains(a1.com and b1.com) with two way trust and I want them to point to a Windows DNS server. How should the Forward lookup zones and Reverse lookup zones be configured? In forward lookup
zones do I just add a new zone, make them all primary since only one DNS server, add a.com and b.com and do the same for reverse zones.
Do the sub domains need to be added? What about pointers? Do I add the IP address of a.com and b.com in reverse lookup zones.
A side question: When you create a Domain with dns AD intergrated the forward and reserve lookup are automatically created. You don't need to add the zone of the domain you just created but have to add zones of other domains.Hello,
I found a test environment and I just trying to understand how it works.
If I have two domains (a.com and b.com) with sub domains(a1.com and b1.com) with two way trust and I want them to point to a Windows DNS server. How should the Forward lookup zones and Reverse lookup zones be configured? In forward lookup
zones do I just add a new zone, make them all primary since only one DNS server, add a.com and b.com and do the same for reverse zones.
Do the sub domains need to be added? What about pointers? Do I add the IP address of a.com and b.com in reverse lookup zones.
A side question: When you create a Domain with dns AD intergrated the forward and reserve lookup are automatically created. You don't need to add the zone of the domain you just created but have to add zones of other domains.
Make each domain controller as a DNS server too. Reverse lookup zones & forwarders are not replicated automatically. You can create AD-Integrated reverse lookup zone & set the replication scope.
You can create AD-Integrated DNS zones in the parent/root domain, set the replication scope to the forest-wide & delegate the zones for handling request locally. Once you create AD-Integrated DNS zone & set the replication scope forest wide, all
the zones will appear automatically in each domain's DNS server.
http://awinish.wordpress.com/2011/04/09/configuring-dns-in-child-domain/
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights. -
OS X 10.4.11 Server - configured name and reverse DNS do not match / DNS
Hi all,
I have looked for similar posts but all seem to have different scenarios, hoping to get an answer from someone more experienced than myself before I do anything silly.
Help much appreciated!
Scenario:
We run a 10.4.11 OS X Server on an XServe, hosted at an ISP. ISP provides all DNS services, incl. the reversed DNS entry.
I am currently only running the following services (based on the display in ServerAdmin):
AFP
Firewall
iChat
Mail
QuickTimeStreaming
Web
All others (incl. DNS) are grayed out. (As ISP instructed us not to add a DNS service on our box, that's "normal" according to my experiences with dedicated /co-location server hosting).
We never used changeip after the initial setup, meaning the server's
Current Hostname = somename.local and
DNS Hostname = mail.ourdomainname.net
So in system.log I find this re-occuring entry:
Jul 8 11:41:22 somename servermgrd: servermgr_dns: configured name and reverse DNS name do not match (somename.local != mail.ourdomainname.net), various services may not function properly - use changeip to repair and/or correct DNS
Finally, my question:
As Mail and Web services etc. are currently running OK from what I can tell,
1) do I HAVE to change this at all?
2) Would it be much better / why?
3) Could I change this using the following command
(111.11.111.1 indicating the server's IP address)
changeip 111.11.111.1 111.11.111.1 somename.local mail.ourdomainname.net
4) without running a DNS server on the machine, i.e. DNS service is not required for this to work?
5) obviously I want to be able to use Server Admin after I issue this command...
6) can I fall back easily in case this would screw it up, or is there no risk whatsoever doing this in my case?
THANK YOU so much for any help!Hi Jonas
If port 443 is already being used on the same box as KMS then it will complain and probably not start the service? I've seen this with LDAP port 636. This is when Kerio is installed on a server configured as an OD Master. Clearly the port can't be used by both servers.
It might be easier to change the port your sites are currently using to something else? Although don't do anything yet. Pose the question to Kerio Support and see what advice they offer.
Yes moving the mail to a local folder on the mail client will do it.
Is Kerio going on the same box? If its a different box (presumably different IP address?) Then what you can do is to port forward to the new server's IP address instead of disabling it. This way while you are bringing the new server on line users can still send mail right up until the time you give instructions on changing their inbound/outbound mail server details. Of course they won't be able to receive but if you time it right they may not even get an error message? Depends on what their schedules are.
If it was me I would choose IMAP every time. As the mail admin you have full control and a central location for easy backup. KMS has a built in archiving feature that makes this a simple process. This is an easier option than going round individual client machines and making sure mail held locally in POP accounts are backed up. Besides there is always someone who falls through the loop and I'm not taking into account drive failures. It makes good sense anyway as there is talk of legislation being introduced to make this a requirement for businesses who run their own mail servers. This is certainly true for certain parts of the US and what usually happens there is generally taken up in the UK and most parts of Europe.
Kerio's WebMail Client means users don't even have to have their own computer. Just as long as they have access to one that has access to the internet they can send/receive mail. No need for dedicated mail applications such as Apple Mail, Thunderbird, Entourage etc. How mail is uses remains consistent for all users.
Yes. I did this not so long ago with Leopard's built in Mail Server. I sent an e-mail defining a time when no inbound mail would be received. Disabled port forwarding for SMTP port 25 and approx 30 minutes after that another mail stating no outbound mail should be sent. Once everything was swopped over (we were changing from a G4 10.4 server to a G5 10.5 Server) port 25 was enabled, new server brought online and everyone was mailing again with no appreciable downtime.
These boxes were to have the same IP address hence the slightly different approach.
Does this help?
Tony
Maybe you are looking for
-
Error Renaming/Deleting a folder!
Hi Guys - I am having problem renaming and deleteing any folder. The functions return false each time and no delete or rename is done. Can anyone spot what I am doing wrong? Here are the tow methods for this functionality: public boolean renameFolder
-
FINALLY getting to the end of the iCloud upload...
After a week, I am almost through about 23,000 songs (slow internet that has to reset daily). A lot of songs matched, lots were uploaded, and a few were eneligible since they belong to another apple account (and just deleted). The remaining were co
-
Hi all, i want to know the logic maintained in abap program " RSNAST00" to trigger neu type output message and schedule details for that program triggered by batch job . Edited by: tech_bug on Apr 29, 2011 8:36 AM Edited by: tech_bug on May 5, 2011 1
-
Mathing record with partner code else all recoreds shown in '+'
SELECT t.dnd_id, t.dnd_no, t.dnd_size, t.dnd_type, t.dnd_iso_code, t.dnd_carrier, t.dnd_pool_code, t.dnd_hub, t.dnd_booking_no, (SELECT agt_area_agt_code FROM tab_mdl_agent_cont_area WHERE agt_area_hub_code = t.dnd_hub) vwagtcode, t.dnd_bl_no, t.dnd_
-
Populate drop down on pageload using struts
How can i populate my dropdown box from database on pageload event by using struts