Hi everyone! I am encountering an issue with DNS I have never experienced before. I am hopeful someone can think of something I have missed, or maybe has encountered something similar and has an answer. I switched DNS to a Windows server so I can re-build a server. Everything seemed fine at first, then caches cleared and our domains we manage on the server for the network were no longer accessible. I tossed this up to an error on my part. I checked my A name entries and everything. It all was correct. I then proceeded to use ping and nslookup. The DNS server responded quickly with the proper IP address and I could ping -a and get the name back from the IP. The network has all 3com switches, but is 99% Mac's. I thought perhaps there is a protocol or such that isn't playing nice with windows. The OS X server used BIND, I am sure a modified version. So, on another server I setup Ubuntu Linux and installed BIND 9. I set everything up on there and testing things again. This time I used dig on that server, nslookup from my workstation. Same, server responded yet I can not access the domain via a browser. So I ventured onto IRC, where some helpful people told me to telnet from the DNS server to the webservers domain (telnet <a href="http://npelem.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> npelem.com</a> 80). I did this and it connected, they then told me to type "GET / HTTP/1.0" (may have the slash wrong) and press enter twice. I did that, and low and behold it returned the HTML code of the index.php. At this point they told me DNS is doing its job and it is the browser. I quit for the day. Today I came in and decided it can't be 3 new systems, 2 servers, and 3 different operating systems. I am on Vista with FireFox and IE 7, the Windows server was not updated to IE 7, so it just has the secured IE with I took down to low security, and Ubuntu Linux 7.04 using FireFox. Both the Windows 2003 server and the Ubuntu system have DNS running. So instead of just explaining more and more I will just list some information and link to the BIND file I pasted at <a href="http://pastebin.ca/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> pastebin.ca</a>. Windows Server 2003, ip <a href="http://192.168.168.6/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.6</a> static, running DHCP and DNS, no Active Directory / Domain integration, just a plain DHCP/DNS server. DHCP points it for DNS DHCP supplies: IP, Gateway, Subnet, DNS, TimeServer, and LDAP Ubuntu: IP <a href="http://192.168.168.7/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.7</a> DNS using BIND9 only. Setup for itself and my Vista system only as DNS server My System: I installed wireshark to watch the network today, I use DHCP via wired connecting, but set the DNS manually to <a href="http://192.168.168.7/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.7</a> Old Server: OS X Server 10.3.9 running AFP, DNS, DHCP, NFS, Open Directory, Print Sharing. IP <a href="http://192.168.168.203/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.203</a> (don't ask...I am changing it when I re-do the server) Webserver/MailServer: OS X Server 10.3.9, IP <a href="http://192.168.112.2/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.112.2</a> Network Devices: Barracuda Spyware Firewall ( <a href="http://192.168.168.2/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.2</a>) and Watchguard Firebox Edge X50 ( <a href="http://192.168.168.1/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.168.1</a> -Gateway) Note: Firebox was the former filter, it now just does NAT routing to direct traffic to our off network webserver, it allows passthrough between the networks with no restrictions atm..defeating the purpose of the segmentation I know). The two new servers are Dell Power Edge 860's. My system is an HP Pavillion Notebook, and the old server is an Xserver. BIND9 Files: (all zones and zone config) <a href="http://www.pastebin.ca/733070" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> http://www.pastebin.ca/733070 </a> (just the named.conf main file) <a href="http://www.pastebin.ca/733077" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://www.pastebin.ca/733077</a> Seperated the first paste's files with equals signs Our domains: <a href="http://npelem.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">npelem.com </a> and <a href="http://nationalpark.k12.nj.us/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">nationalpark.k12.nj.us</a> (they just need to redirect to servers, nothing like active directory where it is integrated into every system) Here is the really strange thing that has me baffled. While running wire shark, I can see BIND requests as DNS, while most request to Microsoft show as MDNS. As I watched my system, when I go to say <a href="http://www.google.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">www.google.com</a> with FireFox I see the request and the response with the DNS protocol. When I go to one of the two domains the server manages, I never see the request or a response on wireshark. I tried this on the server, but wireshark can't see the looping on the server, as it never goes across the network and is handled internally. Anyone have a clue why the local command line testing say the DNS on both server is working fine, yet applications like FireFox can't ever get to the webserver via name but by IP? If you need more information please let me know. I am going nuts, because I can't track this down yet. Thanks, Shane Sammons National Park Elementary