Guys need help , from my Local DNS server (internal) name resolution is not happening to few of the domains like cognizant.com, shift4.com etc etc .. what could be the reason actually due to this mails are also not going to these domains as my edge server is pointing to the internal DNS server..PLs suggest what all can i check for this and how to fix this issue ?? Thanks

Hello, for networking there is an own forum available http://social.technet.microsoft.com/Forums/en/winserverNIS/threads Are the domains on the internet or internal domains from your company? Have you configured FORWARDERS on the domain DNS servers to the ISPs one? Please describe some more details about the network and how DNS is configured.Best regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

Check to see the root hints servers on your DNS. How many servers are there listed? Try configuring public dns servers like 8.8.8.8 and 8.8.4.4 as forwarders and test again. Remember to clear the dns cache or use flushdns (dnscmd /clearcache)MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

Meinolf @ the domains what i mentioned is the external one , what i am not able to resolve the names from internal domain ..No forwarders set . Root hints are in place so hope resolution is happening through root hints.. below is the screen shot.. Marius@ When i configured the Public DNS on my EDGE server as i can not set on the DC as of now but when configuring the same on EDGE then mail are going and the name resolution is happening as well from my edge server which is in DMZ and pointing to Local Internal DNS.. while configuring the Google DNS server what you mentioned when configuring this then nslookup is happening . Apart from this i checked the cache.dns file on my Dc is quite old so that could be the reason , and the root hints is updated one. pls help don;t know what to do ti fix this issue... - NS lookup from DC ------------------------------ C:\>nslookup Default Server: DC02.abc.corp.local Address: 10.104.0.41 > cognizant.com Server: DC02.abc.corp.local Address: 10.104.0.41 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. *** Request to DC02.abc.corp.local timed-out > shift4.com Server: DC02.abc.corp.local Address: 10.104.0.41 DNS request timed out. timeout was 2 seconds. DNS request timed out. timeout was 2 seconds. *** Request to DC02.abc.corp.local timed-out >

Hi Jugal, You need to configure your DNS to forward request to external DNS for external name resolutionsThanks and Regards, Mukesh. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Please VOTE as HELPFUL if the post helps you and remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

No why i need that ..as only few of the domains are having the issue not all, and at other site i have same setup and no forwarder set as well things are working their.. Other site mean to say US site. Both sides internet connectivity is separate.

Hello, have you updated the root hints to be sure they are not out of date? If not i suggest to work with the ISPs DNS server as Forwarders. Additioanl see the following article about EDNS0 http://msmvps.com/blogs/acefekay/archive/2010/10/11/edns0-extension-mechanisms-for-dns.aspxBest regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

Maybe your firewall is blocking EDNS0. Please read the following article from Ace: http://msmvps.com/blogs/acefekay/archive/2010/10/11/edns0-extension-mechanisms-for-dns.aspx "Here's a quick nslookup command to test if there's an EDNS0 restriction in your firewall: nslookup -type=TXT rs.dns-oarc.net Or if you want to test a specific DNS server for EDNS0 support, whether an internal or external DNS server, use the following method: c:\>nslookup > server 4.2.2.2 <---- you can change this IP to whatever DNS server you want to test for EDSN0 support > set q=txt > rs.dns-oarc.net Look for the part in the response that says, " ...DNS reply size limit is at least xxxx." The xxxx is what it will support. If it's under 512, then it is blocking EDNS0 or the Forwarder you are using is blocking or not allowing/configured to use EDNS0."MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

Meinolf - I have not updated the Root hints as of now.. but i checked from the http://www.internic.net/domain/named.root its upto date but in my cache.dns file is not updated some entries are old seems to be so don;t know that cache.dns file should be updated one as well or it's OK..? Marius - I gone through the URL it's the same what Meinolf mentioned.. so i ran below from my DNS server ..but why at first it did not ran and gave request timed out. but second it gave the results.. is that normal..? ------------------------------------------------ C:\>nslookup Default Server: in1prddc02.abc.corp.local Address: 10.104.0.41 > set q=txt > rs.dns-oarc.net Server: in1prddc02.abc.corp.local Address: 10.104.0.41 DNS request timed out. timeout was 2 seconds. *** Request to in1prddc02.abc.corp.local timed-out > set q=txt > rs.dns-oarc.net Server: in1prddc02.abc.corp.local Address: 10.104.0.41 Non-authoritative answer: rs.dns-oarc.net canonical name = rst.x476.rs.dns-oarc.net rst.x476.rs.dns-oarc.net canonical name = rst.x485.x476.rs.dns-oarc.net rst.x485.x476.rs.dns-oarc.net canonical name = rst.x490.x485.x476.rs.dns-oarc.net rst.x490.x485.x476.rs.dns-oarc.net text = "14.140.149.65 DNS reply size limit is at least 490" rst.x490.x485.x476.rs.dns-oarc.net text = "14.140.149.65 lacks EDNS, defaults to 512" rst.x490.x485.x476.rs.dns-oarc.net text = "Tested at 2012-07-13 07:17:37 UTC" >

"14.140.149.65 DNS reply size limit is at least 490" rst.x490.x485.x476.rs.dns-oarc.net text = "14.140.149.65 lacks EDNS, defaults to 512" rst.x490.x485.x476.rs.dns-oarc.net text = From the info you posted it seems your firewall is blocking EDNS0. The recommended solution is to Upgrade the router(firewall) IOS/firmware in your location. As a workaround try the following article: http://support.microsoft.com/kb/832223 PS all the info is in Ace's blog article, I suggest you read it more thoroughly.

"14.140.149.65 DNS reply size limit is at least 490" rst.x490.x485.x476.rs.dns-oarc.net text = "14.140.149.65 lacks EDNS, defaults to 512" rst.x490.x485.x476.rs.dns-oarc.net text = From the info you posted it seems your firewall is blocking EDNS0. The recommended solution is to Upgrade the router(firewall) IOS/firmware in your location. As a workaround try the following article: http://support.microsoft.com/kb/832223 PS all the info is in Ace's blog article, I suggest you read it more thoroughly.