On 19 August 2016 at 09:02, anup albal wrote:
> Below are the options on the external name server.
That's not the full configs, and from both DNS servers. I get you
don't want to expose some of the information but you're asking for
help, we can't do that if you keep things back and obfuscate deta
orking.
There is a firewall between the internal and external name servers. Other than
ensuring that port53 is open between the two name servers for TCP and UDP
traffic, is there anything else i need to check?
Thanks
Anup
____
From: anup albal
Sent: Friday, 19 August 2016
On 19 August 2016 at 07:25, anup albal wrote:
> After that I cannot run a "dig sharepoint.com" or "dig microsoft.com" from
> dns1. However it can resolve it if i run a "dig +trace sharepoint.com" or
> "dig +trace microsoft.com"
Can you post your full configs and the full dig outputs? Don't use
+t
From: anup albal
Sent: Thursday, 18 August 2016 9:47 AM
To: Chris Buxton
Cc: BIND Users
Subject: Re: Selective forwarding from an internal only name server
Hi Chris
Below is without "+trace" option. Also there is a firewall between internal
(dns1) and
boun...@lists.isc.org] On Behalf Of S Carr
Sent: Thursday, August 18, 2016 4:31 AM
To: BIND Users
Subject: Re: Selective forwarding from an internal only name server
On 18 August 2016 at 01:04, anup albal wrote:
> Does that mean I setup another forwarding zone called microsoft.com or
> s
compliance.
- Kevin
-Original Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry
Margolin
Sent: Wednesday, August 17, 2016 9:08 PM
To: comp-protocols-dns-b...@isc.org
Subject: Re: Selective forwarding from an internal only name server
In article
On 18 August 2016 at 01:04, anup albal wrote:
> Does that mean I setup another forwarding zone called microsoft.com or
> sharepoint.microsoft.com or both?
Ideally you should setup a completely separate caching/forwarding
server and not be using the external DNS box (NS1) for this purpose.
On the
On 18 August 2016 at 02:07, Barry Margolin wrote:
> That's why Cloudflare's method is "RFC-compliant", but what MS is doing
> with sharepoint.com is not.
Microsoft's DNS implementation allows CNAMEs at the zone apex, correct
it's not RFC compliant, but this is Microsoft...
___
point.com is not.
>
> - Kevin
>
> -Original Message-
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry
> Margolin
> Sent: Wednesday, August 17, 2016 4:34 PM
&
, 18 August 2016 9:47 AM
To: Chris Buxton
Cc: BIND Users
Subject: Re: Selective forwarding from an internal only name server
Hi Chris
Below is without "+trace" option. Also there is a firewall between internal
(dns1) and external (ns1) name servers and
we have opened up TCP/UDP port 53
ust 2016 2:26 AM
To: anup albal
Cc: BIND Users
Subject: Re: Selective forwarding from an internal only name server
Try it without "+trace".
Regards,
Chris
On Aug 17, 2016, at 2:59 AM, anup albal
mailto:anupal...@hotmail.com>> wrote:
Hi
First up apologies if this is not the
Message-
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry
Margolin
Sent: Wednesday, August 17, 2016 4:34 PM
To: comp-protocols-dns-b...@isc.org
Subject: Re: Selective forwarding from an internal only name server
In article ,
"Darcy Kevin (FCA)" wrot
In article ,
"Darcy Kevin (FCA)" wrote:
> Well, sharepoint.com is a CNAME to sharepoint.microsoft.com, so you might
> need to make arrangements for that to be resolvable as well.
That doesn't seem valid to begin with. The .COM zone has delegation NS
records for sharepoint.com. Having a CNAME
sts.isc.org] On Behalf Of anup
albal
Sent: Wednesday, August 17, 2016 6:00 AM
To: bind-users@lists.isc.org
Subject: Selective forwarding from an internal only name server
Hi
First up apologies if this is not the right list to email and for a long email.
I am hoping you can give me a clue as to w
Try it without "+trace".
Regards,
Chris
> On Aug 17, 2016, at 2:59 AM, anup albal wrote:
>
> Hi
>
> First up apologies if this is not the right list to email and for a long
> email. I am hoping you can give me a clue as to what I am doing wrong here?
> Or may be this is not supposed to work
Hi
First up apologies if this is not the right list to email and for a long email.
I am hoping you can give me a clue as to what I am doing wrong here? Or may be
this is not supposed to work at all.
We have an internal only DNS server (dns1) with fake root zone. i.e a fake file
for the zone ".
16 matches
Mail list logo