DNS Question

Doug Stewart dstewart at airclic.com
Mon May 14 19:00:22 UTC 2001


I've just recently joined the mailing list and after a fairly thorough 
search, I was unable to find the answer to this problem in any mailing 
list.  While the date of the last email is a bit old, I hope that this 
might be of assistance to anyone else experiencing the problem.  I think 
I may have found the solution.

Our company was experiencing an analogous situation, with our internal 
DNS boxes (which  all client workstations and laptops use to resolve the 
outside world) unable to resolve schwab.com, acura.com, mbna.com and 
ameritrade.com.  If there were other sites affected by this, we didn't 
find them.   However, out EXTERNAL boxes (SOA for Airclic.com) were able 
to resolve those sites, no questions asked.

Anyways, the problem, as we determined it was that we were dynamically 
NATting all user-side clients, including the internal boxes.  
Apparently, when any of the nameservers for schwab.com, et. al, were 
queried, they refused to respond because the return ports specified in 
NATting weren't recognized DNS ports.  We ended up using up two 
additional IP address and statically NATting our internal boxes, which 
resolved the problem instantly.

Hope this is helpful to anyone out there experiencing a similar problem.

-- 
_____________
.Doug Stewart
Network Engineer,
AirClic, Inc.
www.airclic.com

 >I'm having no problem resolving that name from a Solaris 2.6 box. It
 >seems to be part of some load-balancing scheme -- the name is delegated
 >as a subzone, the A record has a TTL of only 15 seconds and its value
 >frequently changes, and the authoritative servers for the zone don't
 >include Authority or Additional sections in their replies. Maybe the
 >last aspect is giving your browser fits for some reason...
 >
 >
 >- Kevin
 >
Stella Mutya wrote:

 >> Hello,
 >>
 >> I have an unusual problem that I can't figure out.  We
 >> are running DNS BIND 8 on Solaris 2.6 and I'm having
 >> problems resolving www.schwab.com. nslookup is giving
 >> me a DNS request timed out cannot find www.schwab.com:
 >> Non-existent domain. I am also receiving error: unable
 >> to locate the server www.schwab.com using Netscape
 >> browser, and error:
 >> res://c:\winnt\system32\shdoclc.dll/dnserror.htm when
 >> using Microsoft IE.  I have no problems resolving the
 >> other websites like www.fidelity.com, www.etrade.com.,
 >> yahoo, etc.
 >>
 >> What can it be?  I'd appreciate the help.
 >>
 >> Thanks,
 >> Stella
 >>
 >> =====
 >>
 >> __________________________________________________
 >> Do You Yahoo!?
 >> Kick off your party with Yahoo! Invites.
 >> http://invites.yahoo.com/




More information about the bind-users mailing list