What will encourage those folks with non-compliant implementations to upgrade, then, eh? :-)
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, June 24, 2004 2:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: W2k3's DNS Yeah, you could do that. But remember that the "cause" of the problem IS the fact that W2K3 DNS has this large packet size in the first place. It's RFC-compliant and all, but there are tons of people and devices out there that simply do not speak this language. This is why Win2K3 DNS barfs regularly. So, I agree that REDUCING the packet size on the DNS server (rather than configuring PIX to accept the large packet) is a more effective way to ensure that your DNS packets will get to the maximum number of destinations possible. Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon ________________________________ From: [EMAIL PROTECTED] on behalf of Michael B. Smith Sent: Thu 6/24/2004 10:42 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: W2k3's DNS IMHO, enabling large DNS packets will tend, over time, to make DNS more efficient over all the Internet. It's what I did. YMMV. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Witasick Sent: Thursday, June 24, 2004 1:07 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] OT: W2k3's DNS Is one solution - disable large DNS packet on W2k3 vs. enable large DNS packets on the PIX - better than the other? ----- Original Message ----- From: Michael B. Smith <mailto:[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Sent: Tuesday, June 22, 2004 11:22 PM Subject: RE: [ActiveDir] OT: W2k3's DNS Your WAN group can enable large DNS packets through the PIX. Have them take a look at their "fixup protocol dns maximum-length 512" statement. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Witasick Sent: Tuesday, June 22, 2004 11:11 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] OT: W2k3's DNS Thanks much. All the "weirdness" began right around the time our WAN group started routing traffic through PIX firewalls. John W. ----- Original Message ----- From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, June 22, 2004 7:39 PM Subject: RE: [ActiveDir] OT: W2k3's DNS dnscmd your_DNS_Server_Name /EnableEDNSProbes 0 Net stop DNS Net start DNS It's a "known issue" with the new Win2K3 EDNS0 Sincerely, Dèjì Akómöláfé, MCSE MCSA MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon ________________________________ From: [EMAIL PROTECTED] on behalf of John Witasick Sent: Tue 6/22/2004 1:45 PM To: ActiveDir Subject: [ActiveDir] OT: W2k3's DNS I am having issues resolving some yahoo aliases. Aliases that redirect to *.yahoo2.akadns.net do not resolve, although the redirection URL resolves correctly. Aliases that redirect to *.yahoo.akadns.net resolve fine. Has anybody else experienced this with Windows Server 2003 DNS? Any ideas? FYI - the two servers experiencing this are my jump-off DNS servers to the internet; both use root hints. John W ------------------------- H:\>nslookup > www.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx Non-authoritative answer: Name: www.yahoo.akadns.net Addresses: 216.109.118.78, 216.109.118.69, 216.109.118.66, 216.109.118.70 216.109.117.108, 216.109.117.205, 216.109.118.65, 216.109.117.110 Aliases: www.yahoo.com > health.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx Non-authoritative answer: Name: health.yahoo.akadns.net Address: 216.109.117.98 Aliases: health.yahoo.com > sports.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx Non-authoritative answer: Name: sports.yahoo.akadns.net Address: 216.109.126.241 Aliases: sports.yahoo.com > finance.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx DNS request timed out. timeout was 2 seconds. *** Request to dns1.domain timed-out > finance.yahoo2.akadns.net Server: dns1.domain Address: xxx.xxx.xxx.xxx Name: finance.yahoo2.akadns.net Address: 216.109.119.250 > news.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx DNS request timed out. timeout was 2 seconds. *** Request to dns1.domain timed-out > dailynews.yahoo2.akadns.net Server: dns1.domain Address: xxx.xxx.xxx.xxx Name: dailynews.yahoo2.akadns.net Address: 216.109.124.244 > weather.yahoo.com Server: dns1.domain Address: xxx.xxx.xxx.xxx DNS request timed out. timeout was 2 seconds. *** Request to dns1.domain timed-out > weather.yahoo2.akadns.net Server: dns1.domain Address: xxx.xxx.xxx.xxx Name: weather.yahoo2.akadns.net Address: 216.109.126.70 ________________________________ This E-mail, including any attachments, may be intended solely for the personal and confidential use of the sender and recipient (s) named above. This message may include advisory, consultative and/or deliberative material and, as such, would be privileged and confidential and not a public document. Any Information in this e-mail identifying a client of the department of Human Services is confidential. If you have received this e-mail in error, you must not review, transmit, convert to hard copy, copy, use or disseminate this e-mail or any attachments to it and you must delete this message. You are requested to notify the sender by return e-mail. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ________________________________ This E-mail, including any attachments, may be intended solely for the personal and confidential use of the sender and recipient (s) named above. This message may include advisory, consultative and/or deliberative material and, as such, would be privileged and confidential and not a public document. Any Information in this e-mail identifying a client of the department of Human Services is confidential. If you have received this e-mail in error, you must not review, transmit, convert to hard copy, copy, use or disseminate this e-mail or any attachments to it and you must delete this message. You are requested to notify the sender by return e-mail. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/