Need help with DNS problems
OK, here is the deal. Just started a new job, got a ton of issues. The one I am working on now relates to DNS.
I have 2 DCs in my office, one running 2003 and one running 2008. Both have DNS installed.
On my DC1, running 2003, I can't get external forwarders to work. If I set up a PC with just one static DNS address of DC1, DNS fails. I have 2 public DNS servers in as forwarders (8.8.8.8 and 4.2.2.1). Nothing resolves with this setup. Internal DNS works just fine. If I just point to DC2 (running 2008), then it works great, no problems.
If I set up my 2003 server to use my 2008 server as a forwarder, then it works. So, the problem is, the forwarders on my 2003 box don't work if I am trying to forward to an external IP.
Any suggestions before I just uninstall DNS completely and reconfigure it?
November 1st, 2010 4:18pm
Look at the advanced properties of DNS. If you disable recursion, that also disables forwarders.
November 1st, 2010 8:57pm
Hi,
In addition to JM's suggestion: as the problem is that the internal DNS server cannot receive the response after it forwards the DNS name query, it should have the following causes:
1. The firewall between your internal network and external network blocks port 53, so the DNS query from your internal DNS server does not reach the external DNS servers configured as forwarders. Or the response from them is blocked, so the internal DNS server does not receive the response.
2. The external DNS servers receive the query but do not send any response.
3. The DNS network packets get lost during the transmission between your DNS server and DNS forwarders.
I think you need to check the network connection or your firewall log (the firewall between your internal network and external network; you may also capture a netmon trace on your DNS server and telmex DNS server configured as DNS forwarders at the same time) to see whether the DNS forwarders receive the query and answer them.
Microsoft Network Monitor 3.4
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
Thanks.
Tiger Li
November 2nd, 2010 3:41am
Hi,
In response to your question:-
On my DC1, running 2003, I can't get external forwarders to work. If I set up a PC with just one static DNS address of DC1, DNS fails. I have 2 public DNS servers in as forwarders (8.8.8.8 and 4.2.2.1). Nothing resolves with this setup. Internal DNS works just fine. <-- Proves network connectivity internally. Can you log on to the 2003 DC and try a telnet on port 53 to a forwarder IP? If this is successful then your external network connectivity is OK.
If I just point to DC2 (running 2008), then it works great, no problems. <-- This is good; it means both internal and external network connection.
If I set up my 2003 server to use my 2008 server as a forwarder, then it works. So, the problem is, the forwarders on my 2003 box don't work if I am trying to forward to an external IP. <-- From what you are explaining I believe that recursion is disabled or you have no root hints.
Check the following -->
Open the DNS MMC, right-click on the server, Properties - Forwarders, check "use root hints if no forwarders are available".
Next click on Advanced - ensure that the "disable recursion" option is unselected.
Hope this helps.
November 2nd, 2010 4:27am
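The checks suggested in the replies above (is recursion offered, and does a query to the forwarders get an answer at all) can be combined into one probe. This is an added example, not part of the original thread: it sends a single query over UDP port 53, the transport a DNS server normally uses to reach its forwarders, and classifies the outcome. The query name `example.com`, the transaction ID and all function names are assumptions.

```python
import socket
import struct

RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234):
    """Build a DNS query for the A record of name with Recursion Desired set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(msg, txid=0x1234):
    """Extract the reply header fields that matter for this diagnosis."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    rid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit clear
        raise ValueError("not a reply to our query")
    rcode = flags & 0x000F
    return {"ra": bool(flags & 0x0080), "rcode": RCODES.get(rcode, str(rcode)),
            "answers": answers}

def classify(reply):
    """Map a parsed reply (None means nothing came back) to the likely cause."""
    if reply is None:
        return "no reply: query or response dropped (firewall, routing, packet loss)"
    if not reply["ra"]:
        return "server answered but does not offer recursion"
    if reply["rcode"] == "SERVFAIL":
        return "recursion offered but the upstream lookup failed"
    return "resolution path works (%s, %d answers)" % (reply["rcode"], reply["answers"])

def probe(server, name="example.com", timeout=3.0):
    """Send one UDP query to server:53 and classify what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(name), (server, 53))
            data, _ = s.recvfrom(4096)
        except OSError:  # timeout, unreachable network, or ICMP port unreachable
            return classify(None)
    return classify(parse_header(data))

if __name__ == "__main__":
    for ip in ("8.8.8.8", "4.2.2.1"):  # the forwarders named in the thread
        print(ip, "->", probe(ip))
```

Run it on the DNS server itself against each forwarder, then from a client against the DNS server's own address, to separate an upstream path problem from a recursion setting on the server.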
Thanks for the replies, here is where this is at.
I am fairly certain this is now a firewall issue. Further troubleshooting found that on DC1, I can not ping anything, I can not browse to anything, it is basically cut off from the outside world.
On DC2 all these things work just fine.
I have yet to jump onto the firewall to look more into this, since there are more pressing needs right now, and I do have a second DNS server so my end users are not aware of a problem.
Thanks for the replies
November 4th, 2010 10:50am


