Re: Wierd DNS stuff...

  • From: "Bryan Andrews" <bandrews@xxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 9 Oct 2001 22:51:32 -0400

Why would I want to put a dns on there? I'd rather keep everything
internal if I can... incoming dns resolves to external dns servers. My
internal dns only does resolving and internal requests.

Thanks!


-----Original Message-----
From: Mark Strangways [mailto:strangconst@xxxxxxxx]
Sent: Tuesday, October 09, 2001 10:19 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Wierd DNS stuff...

http://www.ISAserver.org


Can you set a DNS on your ISA machine, then forward from the AD machines
to the ISA DNS server for
any unresolved adds.
Set up your ISA DNS server to forward it's request's to your ISP's
resolvers.

You should find that offers better security and performance.

Regards,
Mark

----- Original Message -----
From: "Bryan Andrews" <bandrews@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, October 09, 2001 10:24 PM
Subject: [isalist] Wierd DNS stuff...


http://www.ISAserver.org


Hello All,

I have been having dns trouble intermittently where emails are bouncing
back (exchange2000) and I clear my dns caches and everything is ok.

Quick note about my setup:

1. ISA server w/ 2 nics, no DNS, no IIS, no etc
2. internal AD, DNS (AD integrated), E2K server
3. internal AD, DNS (AD integrated)
4. other boxes that are not important.

In troubleshooting I have noticed that I have repeated entries in my dns
for:

Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 10/2/2001
Time: 6:28:04 PM
User: N/A
Computer: TATL0S03
Description:
The DNS server encountered an invalid domain name in a packet from
209.235.102.18.  The packet is rejected.


AND

Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 10/2/2001
Time: 6:28:04 PM
User: N/A
Computer: TATL0S03
Description:
The DNS server encountered an invalid domain name in a packet from
209.235.102.17.  The packet is rejected.

I have no idea why this is happening. I did digs and do not recognize
this address, and whats more, I don't really understand how dns would be
talking to this ip thru the firewall... often and repeatedly.

Has anyone else seen this before is this something I should worry about?

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
strangconst@xxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bandrews@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 10-2001