#1

I have built a secondary webserver for backup in case my primary server fails. I have pointed all of the websites that I am hosting's secondary name server at the registrar to my secondary server ns2.domainname.com with the correct IP at the registrar. When I ping ns2 I cannot find host. I have DNS and IIS setup correctly - I can put in my static IP and it will resolve to the test website I have running on the secondary server. I need to get ns2 to reply to a ping. Any suggestions?

#2

Hi

Internal and External resolution are handled differently.
In External DNS server you point the records to the public IP address of your Router/FW.
In Internal DNS resolution you point the records for the private LAN IP address of your IIS servers.
The fact that you fail to ping the PUBLIC IP address has to do with FW configuration that doesn't allow ICMP.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator

#3

Thank you for your response. I can ping the static IP successfully, however I receive "Cannot find host" when I ping the FQDN NS2.nameserver.com. I do not believe my DNS is being updated throughout the inet. Everything works locally but will not resolve externally. If I put in the IP in explorer in an external computer the default test website I created resolves correctly. The hosted domains I have on the server do not resolve and will not until I get the NS2 resolving. IP is resolving, FQDN is not, and it seems like the records of my DNS server are not propagating. Do I have to set the DNS server to "push" the records out or does that happen automatically? I am running Webserver 2003.

Thanks

#4

Brian wrote:
> Thank you for your response. I can ping the static IP successfully
> however I receive "Cannot find host" when I ping the FQDN
> NS2.nameserver.com. I do not believe my DNS is being updated
> throughout the inet. Everything works locally but will not resolve
> externally. If I put in the IP in explorer in an external computer
> the default test website I created resolves correctly. The hosted
> domains I have on the server do not resolve and will not until I get
> the NS2 resolving. IP is resolving FQDN is not and it seems like
> the records of my DNS server are not propagating. Do I have to set
> the DNS server to "push" the records out or does that happen
> automatically. I am running Webserver 2003. Thanks

If you are going to try hosting a public DNS server on your local machine, you should post the actual name.

Name servers do not push records out to anything, they just sit there and wait for someone or another DNS server, to come asking for a name to resolve. The closest a name server comes to pushing is when it Notifies servers with Secondary zones that there is a newer version of the zone and it needs to ask for a zone transfer. Do not confuse a DNS Server with a Secondary zone with an Alternate DNS server, they are two totally different things.
If a Server has a Secondary zone, it is its responsibility to go ask the Master (Primary) for a zone transfer, the primary's responsibility ends with deciding what servers can get a zone transfer (full copy of the zone), and which DNS servers can only get the record or records it asks for specifically by name and type.

If you host a public name server, the first thing you must do is get the name server's name and IP address listed at the parent servers for a domain.

Example, say you own brian.com, and you want to host a name server ns1.brian.com, before your name server can host ANY public domain, even brian.com, the .com (parent) servers must know the name and IP of ns1.brian.com.
How do you do this?
The answer varies from Registrar to Registrar, (the company that registered you as the owner of brian.com). Some make it very easy and have a link on their website for adding DNS Host names, this is where you add NS1.brian.com to the parent (.com) servers.

Even after you do this, your DNS server must be able to resolve ns1.brian.com, do this by creating a host named NS1, in the brian.com zone, then you have to add NS1.brian.com to the name servers tab as a name server.
You must also add NS records for all DNS servers that host a brian.com zone and are listed on the public record for brian.com.

As for how long it takes for this to "propagate" depends on if a DNS server has been asked to resolve ns1.brian.com before ns1.brian.com existed and how much TTL is left to expire on that server. DNS servers that don't have the brian.com zone usually cache negative and positive answers, until the answers have expired from cache, that DNS server will answer from what it has in cache. There is no way to hurry that process up, the time depends entirely on the remaining TTL of its cached answer. The remaining TTL depends on the TTL of the record on the server that holds authority, and the Maximum Cached TTL of the server the record is in cache on. The default Maximum cache TTL for MS DNS is one day, the default Maximum Cached TTL for BIND DNS is seven days.
Negative answers are cached, too. The default maximum negative cached TTL on MS DNS is 1 hour, (IIRC) I'm not sure what the maximum negative cached TTL on BIND is, but it is probably somewhere in line with MS DNS.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue, to respond directly to me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders with OEBackup:
http://www.oe.com/OEBackup/Default.aspx
===================================

#5

WOW! Very well put - Thank you. After investigating I realized that I had in fact added a host ns2 to the zone, however the IP entry was "Unknown" in the name servers tab so I manually put in my public IP (registered with the registrar of the domain for NS2). I don't know if this is all I've missed, however it led me to discover the "Unknown" IP entry. I will give this change some time and see if I still get "Host not found".

Thanks.

#6

I have my primary server setup and has been running for years. My primary server is NS1.xyzdomain.com, my second server located at a separate location on a separate ISP for redundancy is NS2.xyzdomain.com (same domain just ns1 and ns2). I created a zone on my secondary server exactly like the xyzdomain zone on the primary server with the exception of the host I created is ns2 with the correct public IP. Assuming all is well now everything should work soon.

One thing I did just trying things is I added a host record for NS2 on the primary (NS1) server with the correct Public IP of the secondary server (NS2) and ns2 would then resolve from an external network - but this does me no good since the secondary server is for when the primary server is offline - will the host record I created in the primary server for NS2 still be valid once the primary server is offline for maint? This is not how I want to have things setup ...just a question on "will it work this way" and for how long (TTL?? = 1 hour)

#7

Brian wrote:
> I have my primary server setup and has been running for years. My
> primary server is NS1.xyzdomain.com my second server located at a
> separate location on a separate ISP for redundancy is
> NS2.xyzdomain.com (same domain just ns1 and ns2) I created a zone on
> my secondary server exactly like the xyzdomain zone on the primary
> server with the exception of the host I created is ns2 with the
> correct public IP. Assuming all is well now everything should work
> soon. One thing I did just trying things is I added a host record
> for NS2 on the primary (NS1) server with the correct Public IP of the
> secondary server (NS2) and ns2 would then resolve from an external
> network - but this does me no good since the secondary server is for
> when the primary server is offline

Explain to me your belief that NS2 is only for when NS1 is offline?
That should be the way it works, if both are on the public record, and are listed at the parent (.com) servers as authoritative for your domain. When a DNS server goes looking for your domain, it first stops in the root servers, which send the server to the TLD (.com) servers, the TLD server will use Round robin and send NS1 & NS2 one time and the next time NS2 & NS1, or if you have three NS1, NS2 & NS3, then NS2, NS3 & NS1, then NS3, NS1 & NS2, it keeps alternating like that on each subsequent query.

> - will the host record I created
> in the primary server for NS2 still be valid once the primary server
> is offline for maint? This is not how I want to have things setup
> ...just a question on "will it work this way" and for how long (TTL??
> = 1 hour)

The parent servers (.com) have a TTL of 2 days (172800) on all NS records it holds in its delegations. So even if you change the servers at the parent, it could be two days before some DNS servers will know it, should it have those NS records in cache.

What is important, is the Expire time on your zone's SOA record, the Expire time is the amount of time that elapses before a Secondary server expires the zone and quits answering. You need to have the Expire time set to a sufficient amount of time so that if the Primary goes away, you have ample time to revive it before the Secondary zone expires and resolution for the domain stops. RFCs recommend 2 to 4 weeks on the Expire value.

--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
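
The checks described in posts #4 and #7 (name server names and IPs known at the parent, a host record in the zone for every listed name server, matching NS sets, an SOA Expire of 2 to 4 weeks, and the resolver's cache cap), as an added example that is not part of the original thread. The records are constructed dig-style samples using the brian.com example name, the IP addresses are documentation addresses, and all function names are hypothetical.

```python
TWO_WEEKS, FOUR_WEEKS = 14 * 86400, 28 * 86400

# Constructed sample: what the parent (.com) servers hold for the delegation.
PARENT = """
brian.com.      172800 IN NS ns1.brian.com.
brian.com.      172800 IN NS ns2.brian.com.
ns1.brian.com.  172800 IN A  192.0.2.10
ns2.brian.com.  172800 IN A  198.51.100.20
"""

# Constructed sample: the zone as served; ns2 is listed as NS but has no host record.
CHILD = """
brian.com.      3600 IN SOA ns1.brian.com. hostmaster.brian.com. 2006091401 900 600 86400 3600
brian.com.      3600 IN NS  ns1.brian.com.
brian.com.      3600 IN NS  ns2.brian.com.
ns1.brian.com.  3600 IN A   192.0.2.10
"""

def parse_records(text):
    """Return (name, ttl, type, rdata) tuples from 'name ttl IN type rdata' lines."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, ttl, _cls, rtype, rdata = line.split(None, 4)
        records.append((name.lower(), int(ttl), rtype.upper(), rdata.lower()))
    return records

def rdata_of(records, name, rtype):
    """Set of rdata strings for one owner name and record type."""
    return {r[3] for r in records if r[0] == name and r[2] == rtype}

def check_delegation(zone, parent_text, child_text):
    """Compare the parent's delegation with the zone's own records (hypothetical helper)."""
    parent, child = parse_records(parent_text), parse_records(child_text)
    findings = []
    parent_ns, child_ns = rdata_of(parent, zone, "NS"), rdata_of(child, zone, "NS")
    for ns in sorted(parent_ns ^ child_ns):
        findings.append(f"NS mismatch between parent and zone: {ns}")
    for ns in sorted(parent_ns | child_ns):
        if not ns.endswith("." + zone):
            continue  # out-of-zone name servers need no glue or host record here
        glue, host = rdata_of(parent, ns, "A"), rdata_of(child, ns, "A")
        if ns in parent_ns and not glue:
            findings.append(f"no glue A record at parent for {ns}")
        if not host:
            findings.append(f"no host (A) record in zone for {ns}")
        elif glue and glue != host:
            findings.append(f"glue {sorted(glue)} differs from zone {sorted(host)} for {ns}")
    for soa in rdata_of(child, zone, "SOA"):
        expire = int(soa.split()[5])  # mname rname serial refresh retry EXPIRE minimum
        if not TWO_WEEKS <= expire <= FOUR_WEEKS:
            findings.append(f"SOA expire {expire}s is outside 2 to 4 weeks")
    return findings

def max_cached_seconds(record_ttl, resolver_max_cache_ttl):
    """A resolver keeps an answer no longer than the record TTL or its own cap."""
    return min(record_ttl, resolver_max_cache_ttl)

if __name__ == "__main__":
    print("\n".join(check_delegation("brian.com.", PARENT, CHILD)))
```

In practice the two inputs would be the saved answers from a query sent to a parent (.com) server and from each of the zone's own name servers.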