Jude's Blog

Archive for the ‘Other’ Category

Split DNS! Something to consider when designing your Domain Environment

Hello everyone. Today I had some issues with my newly deployed test environment, where some users were having trouble connecting to their email. In my lab scenario the organization, let's call it Contoso, went through a new infrastructure deployment in which a new domain (contoso.com) was configured. The DCs had been deployed just a day before and the environment was in the fine-tuning stage.

Here’s the scenario:

  • Internal domain – contoso.com
  • External domain – contoso.com
  • E-mail domain – contoso.com
  • E-mail Provider – 3rd Party Hosted with POP
  • E-mail Client – Microsoft Outlook

The symptom was that client mail connections were lost. However, some clients were able to communicate. Some experienced send/receive issues, mostly according to the clients.

So, let's go through what happened by checking the two scenarios:

Users Who Cannot Connect

For the users who could not connect, the Outlook client reported that it couldn't find the server to connect to. The Send/Receive status showed that the inbound/outbound servers could not be reached. When trying to resolve the MX record using NSLOOKUP, no entry was returned except the SOA.

So I looked at their network settings and noticed that their primary DNS was set to the internal DNS server and the secondary to an external one.

Users Who Could Connect

Having noticed the above, I did the same thing here, and nslookup was able to resolve the MX record and returned the correct values. Checking the network IP settings showed that the primary DNS was set to an external address.

So the conclusion was that the internal DNS server was unable to resolve the MX record, or any other mail-related DNS records, even though they were properly set up in the public DNS registrar.

Now let’s look at what has happened

For users who can connect, things happened like this. When Outlook initiates a connection, it tries to resolve the records (FQDNs) it needs to connect to. For that:

  1. It looks in the DNS cache on the client computer first.
  2. It asks the primary DNS server assigned to get an authoritative reply.
  3. It asks the secondary DNS server assigned for an authoritative reply.

Since these clients had been given 8.8.8.8 (Google DNS) as primary, all queries were sent to that address and resolved successfully, resulting in a happy client.

For the users who had the internal DNS server as primary, the request was sent to the local DNS server, and the DNS server didn't return a response that would let Outlook connect.

The reason lies in the internal and external domain names being the SAME!

Why? When the client queries for mail.contoso.com, the name is looked up on the local DNS server. The local DNS server receives the query and sees that it is itself authoritative for the contoso.com zone. However, in this new environment, neither mail.contoso.com nor any other mail-related records were present. Because of this, the DNS server replies with nothing, so the client cannot connect.

We call this situation a SPLIT DNS scenario. Now, how do we make things work?

The only thing you need to do is create, on your local DNS server, the pointers that exist out on the Internet. In my case, I created records with the hostnames/IPs pointing to the Internet. Now when a request comes in for mail.contoso.com, the local DNS server sees that there is an entry pointing to an Internet IP address, and the client uses it to connect to the relevant service.

So what’s the catch here?

If your internal domain name = external domain name in your environment, you are in a split DNS environment, and you need to provide pointers for all your external domain-based services on your local server.
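
The behaviour described above, modelled as an added example (not code from the original post): an internal server that is authoritative for contoso.com answers in-zone names only from its own data, and an audit lists the public records that still need internal pointers. The record data, the function names and the rule that the client moves to the next DNS server only when one does not reply are assumptions of this sketch.

```python
# Constructed sample data (not from the post's environment); public
# addresses use the 203.0.113.0/24 documentation range.
ZONE = "contoso.com"
INTERNAL = {  # records held by the newly deployed internal DNS server
    ("contoso.com", "SOA", "dc01.contoso.com"),
    ("dc01.contoso.com", "A", "10.0.0.10"),
}
PUBLIC = {  # records published at the public DNS provider
    ("contoso.com", "SOA", "ns1.contoso.com"),
    ("contoso.com", "MX", "10 mail.contoso.com"),
    ("mail.contoso.com", "A", "203.0.113.25"),
    ("www.contoso.com", "A", "203.0.113.80"),
}

def lookup(records, name, rtype):
    return sorted(v for n, t, v in records if n == name and t == rtype)

def internal_server(name, rtype):
    """Authoritative for ZONE: in-zone names are answered from local data
    only, and a miss is an empty answer that is never forwarded."""
    if name == ZONE or name.endswith("." + ZONE):
        return {"from": "internal zone", "answers": lookup(INTERNAL, name, rtype)}
    # Out-of-zone names are forwarded; PUBLIC stands in for the Internet here.
    return {"from": "forwarder", "answers": lookup(PUBLIC, name, rtype)}

def public_resolver(name, rtype):
    return {"from": "public DNS", "answers": lookup(PUBLIC, name, rtype)}

def client_query(servers, name, rtype):
    """Ask servers in order; any reply, even an empty one, ends the search.
    Only an unreachable server (modelled as None) triggers the next one."""
    for server in servers:
        if server is not None:
            return server(name, rtype)
    return {"from": "none reachable", "answers": []}

def missing_internally(internal=INTERNAL, public=PUBLIC):
    """Public name/type pairs with no record set in the internal zone.
    Values are not compared: the internal copy may point elsewhere."""
    have = {(n, t) for n, t, _ in internal}
    return sorted(r for r in public if r[1] != "SOA" and r[:2] not in have)

if __name__ == "__main__":
    print(client_query([internal_server, public_resolver], ZONE, "MX"))
    print(client_query([public_resolver, internal_server], ZONE, "MX"))
    for record in missing_internally():
        print("add to internal zone:", record)
```
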

[Figure: DNS query in a split DNS environment]

If you have any such scenarios or suggestions to improve this article, please let us know 🙂

Written by judeperera

February 21, 2014 at 9:48 am

Keep yourself Updated with the FIFA 2010 Schedule using Windows Live Calendar

FIFA World Cup 2010 is just around the corner, and I'm one of the die-hard fans who doesn't want to miss a single minute of the matches. Special thanks to the BBC for taking the trouble to make a calendar that can be used with Windows Live and many other apps as well. The calendar is in .ics format, which enables multi-app usage. However, here I will show how to use the calendar with Windows Live Calendar. This is a great option for soccer fans who are not sure about the times and for people who are on the go, as you will get a reminder before each match. There's nothing much you need to do. Just go through the following steps and your Windows Live Calendar will be fully updated with the match fixtures, with brief info on the BBC broadcasts for UK fans, and you will be notified 15 minutes (can be changed) before the match.

  • Download the World Cup fixtures v1.0 and save the .ics file to your Desktop.
  • Go to the Windows Live Calendar webpage.
  • Sign In with your Windows Live ID.
  • Click on Subscribe, which is located just above the Calendar.
  • Select and Browse for the .ics file which you downloaded previously.
  • Select Import into a new calendar.
  • Click Import calendar.
  • Click Done.

Now you will see that the calendar is already updated with the match fixtures according to your Time Zone*. You can also use the calendar option in the Windows Live Mail desktop application. Each event will give you a brief summary of the following:

  • Match Name (Teams and Group)
  • Venue
  • Time
  • A description of the BBC's coverage.
  • You can also set a custom time for a reminder.

Official FIFA 2010 Match Schedule

Written by judeperera

June 1, 2010 at 8:48 am

Posted in Other, Windows Live
