Hi,
I've been having problems the last couple of weeks with my network. I inherited a working system that has in the last few days stopped functioning. With everything that happens in the company I haven't proactively read up on DNS and AD enough to save me. I did read through about 8 pages of archived messages and didn't find what I was looking for, or perhaps I just don't know what to search for to find my answer.
My Drama:
My company uses Windows 2k servers with Active Directory integrated DNS. Very modest number of computers (45ish company wide). We host in-house, on one server, our web site and email.
Internal naming is kimoto.com (192.168.x.x) while external naming is kimototech.com (65.114.55.x). There are currently 3 domain controllers. The primary one to this point is being retired as soon as I'm able to figure this out :) which will leave 2.
So, I have my server with 2 zones, kimoto.com and kimototech.com, in the forward lookup. In kimoto.com are all our non-public IP addressed computers. And kimototech.com is our public IP addressed/referenced computers. Our company only holds public record rights on kimototech.com (not the name we use internally - kimoto.com).
This is where I'm going to start getting lost - forgive me if this isn't as clear as it should/could be. I'm not altogether sure how AD / DNS is sharing to the internet the correct name server info when my name servers are listed as they are internally, in my outside forward lookup zone.
The following may be incorrectly done, but it is my best effort/guess and this is what is set at the moment. I'm attempting to run our DNS as primary and the internet connected DNS server as secondary (that was how I inherited it; I'm trying to restore functionality at this point).
My current kimototech.com zone looks as follows... I copied and pasted the exported info from a text file.
(same as parent folder) Start of Authority [95], kimoto2.kimoto.com., admin.kimoto.com.
(same as parent folder) Name Server bigkimoto.kimoto.com.
(same as parent folder) Name Server kimoto1.kimoto.com.
(same as parent folder) Name Server svl-ans-01.inet.qwest.net.
(same as parent folder) Name Server dca-ans-01.inet.qwest.net.
(same as parent folder) Name Server kimoto2.kimoto.com.
mail Mail Exchanger [10] kimoto1.kimoto.com.
ns1 Host 65.114.55.66
ns2 Host 65.114.55.67
www Alias kimoto1.kimoto.com.
What I'm concerned with is that the name server is listed with INTERNAL names, not external - will this cause me problems, or is that correct? I have NS2 (kimoto2) as my hopeful replacement for ns1 (kimoto1 -- which is the server that is coming down soon, as it is very very old and unstable).
My firewall forwards ports for DNS on the correct IPs to the correct server. And if you telnet to port 25 on ns1's address you correctly get presented with the mail welcome.
Am I just being impatient in this not updating and propagating yet? It was last changed at 11:30am Eastern. Is there a way for me to 'force' an update when things are desperately bad? Is there a way for me to actually see when the last update against my files was?
Thanks for your time and (hopefully) advice. I do hope there isn't any problem with posting this here in this form. I understand it is a risk but seemed to me most all of it is available with nslookup anyway :)
I'm yours for the saving,
David
P.S. As of this writing, when NS lookup is done on my company, many private (192.x.x.x) IP addresses are published in the record, along with references to our internal network naming convention -- which is causing browsers and mail to go to never never land as they seem to be randomly scooped up in response by different people trying to sell it to me.
List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
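
An added example, not part of the message above or of any list member's reply: a Python check that reads a DNS console export in the layout pasted above and lists the records in the public zone that point into the internal-only namespace or at a private address. The function name `audit_zone` and the final `intranet` Host line are constructed for illustration; the other records are the ones from the message.

```python
import ipaddress
import re

# Records as pasted in the message above; the final Host line is constructed
# sample data standing in for the private addresses mentioned in the P.S.
ZONE_EXPORT = """\
(same as parent folder) Start of Authority [95], kimoto2.kimoto.com., admin.kimoto.com.
(same as parent folder) Name Server bigkimoto.kimoto.com.
(same as parent folder) Name Server kimoto1.kimoto.com.
(same as parent folder) Name Server svl-ans-01.inet.qwest.net.
(same as parent folder) Name Server dca-ans-01.inet.qwest.net.
(same as parent folder) Name Server kimoto2.kimoto.com.
mail Mail Exchanger [10] kimoto1.kimoto.com.
ns1 Host 65.114.55.66
ns2 Host 65.114.55.67
www Alias kimoto1.kimoto.com.
intranet Host 192.168.0.10
"""

RECORD = re.compile(
    r"^(\(same as parent folder\)|\S+)\s+"
    r"(Start of Authority|Name Server|Mail Exchanger|Host|Alias)\s+(.+)$")
HOSTNAME = re.compile(r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

def audit_zone(export, internal_suffix):
    """Return (owner, type, value, reason) for each record exposing internal data."""
    suffix = "." + internal_suffix.lower().strip(".")
    findings = []
    for line in export.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            continue  # not a record line in this export layout
        owner, rtype, data = m.groups()
        owner = "@" if owner.startswith("(") else owner  # zone apex
        if rtype == "Host":
            # A records: flag RFC 1918 and other non-public addresses
            if ipaddress.ip_address(data.strip()).is_private:
                findings.append((owner, rtype, data.strip(), "private address"))
            continue
        # SOA, NS, MX, CNAME: flag targets inside the internal-only namespace.
        # The leading dot keeps kimototech.com from matching kimoto.com.
        for name in HOSTNAME.findall(data):
            if ("." + name.lower()).endswith(suffix):
                findings.append((owner, rtype, name, "internal name"))
    return findings

if __name__ == "__main__":
    for finding in audit_zone(ZONE_EXPORT, "kimoto.com"):
        print("%-5s %-18s %-22s %s" % finding)
```

Run against the export, it reports the SOA, NS, MX and Alias targets under kimoto.com plus the constructed private Host record, and leaves the ns1/ns2 hosts and the qwest.net name servers alone.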
