[isalist] Re: Maybe OT: DNS Resolution oddities
- From: Pierre Robert <Pierre.Robert@xxxxxxxxxxxxx>
- To: "'isalist@xxxxxxxxxxxxx'" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 16 Aug 2010 15:09:00 -0400
I see this issue once on my network.
I have internal DNS that have for forwarder our ISA SERVER, Isa Server have has
forwarder a cisco router (dns proxy), and the cisco router ask our isp dns.
The problem was the cisco proxy. I never be able to make it work.
So I set my ISA Server to forward directly to our ISP dns.
The problem was resolve.
Pierre Robert
Rubenstein Bros. Co. Inc.
-----Original Message-----
From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On
Behalf Of Joe Pochedley
Sent: Monday, August 16, 2010 1:36 PM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Maybe OT: DNS Resolution oddities
I’m not sure this is a TMG problem… But I haven’t totally ruled out TMG…
I’m investigating why we’re unable to deliver email to the domain
ceramic-substrates.co.uk … The issue started last week and is still happening
today. The issue appears to be a DNS problem (internal DNS Server: Server 2003
SP2, no forwarders)… When I try to nslookup the ceramic-substrates.co.uk
domain, I get:
> ceramic-substrates.co.uk
Server: [10.1.1.78]
Address: 10.1.1.78
DNS request timed out.
timeout was 2 seconds.
*** Request to [10.1.1.78] timed-out
However, resolution is working fine for other domains….
> google.com
Server: [10.1.1.78]
Address: 10.1.1.78
Non-authoritative answer:
google.com MX preference = 100, mail exchanger = google.com.s9a1.psmtp.com
google.com.s9a1.psmtp.com internet address = 74.125.148.10
I thought maybe something weird with the co.uk root servers, but no, other
.co.uk domains appear to resolve correctly:
> bbc.co.uk
Server: [10.1.1.78]
Address: 10.1.1.78
Non-authoritative answer:
bbc.co.uk MX preference = 10, mail exchanger = cluster1.eu.messagelabs.com
bbc.co.uk MX preference = 20, mail exchanger =
cluster1a.eu.messagelabs.com
cluster1a.eu.messagelabs.com internet address = 85.158.141.190
cluster1a.eu.messagelabs.com internet address = 85.158.136.170
cluster1a.eu.messagelabs.com internet address = 85.158.137.231
So then I switched to Google’s name servers to make sure that it wasn’t the
remote DNS that’s the problem…
> server 8.8.8.8
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8
> ceramic-substrates.co.uk
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
ceramic-substrates.co.uk MX preference = 10, mail exchanger =
mail2.ukisp.com
I even tried some of the online DNS lookup tools, and they were able to resolve
the domain name (A and MX records) with no problems… So I’m at a bit of a
loss… DNS resolution seems to work OK for other domains, but not
ceramic-substrates.co.uk… The connection to the DNS server responsible for the
ceramic-substrates.co.uk domain initiates, and then a few moments later is
reported as “gracefully closed in an orderly shutdown process with a three-way
FIN-initiated handshake”…
I have not tried disabling the DNS app filter yet as I figured that I should
see something in the log if the DNS app filter was tripping up the connection?
Anyone else have an issue with their DNS servers not being able to resolve the
ceramic-substrates.co.uk domain’s MX records? (Note, I also get a timeout if I
try to resolve the A record for www.ceramic-substrates.co.uk … So it’s not
limited to MX record lookups….)
Other related posts:
