Comments on: Transferring Domains – The joy of bad IT practice. http://g33q.co.za/2008/10/14/transferring-domains-the-joy-of-bad-it-practice/ The New Look Tech Blog Tue, 15 May 2012 17:00:25 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Jaco Kroon http://g33q.co.za/2008/10/14/transferring-domains-the-joy-of-bad-it-practice/comment-page-1/#comment-126 Jaco Kroon Tue, 14 Oct 2008 16:17:51 +0000 http://blog.g33q.co.za/?p=83#comment-126 Imho the firewall part isn't the problem here, it's the fact that by the sounds of it there was a rather insane amount of port-forwarding going on. Again, you could query the "rogue" DNS server, which probably was the previous primary by using the host command, something like: host -l domain.com. 196.1.1.3 _SHOULD_ give you all the DNS information that was previously available. If that fails then the admin did the job proper and closed off zone transfers (many hot-shots seems to miss this one). In this case you're going to need to query one by one record, eg: host -t mx domain.com. 196.1.1.3 host -t a www.domain.com 196.1.1.3 host -t a sslvpn.domain.com 196.1.1.3 And so forth. As for the internal website, exchange and SBS in general is braindead when it comes to domain and dns handling. Don't ask me why I say so, it just is. On the LAN you probably just need to find the internal DNS server, and also update the www records on that server to the correct external addresses. Don't ask. The problem is legit, but once again, too many hotshots that doesn't use the recommended .local zone for internal domains. Or a sub-zone of their public domain, eg, I use local.uls.co.za for my local LAN, I own uls.co.za, guaranteed that it won't ever clash with anything. Imho the firewall part isn’t the problem here, it’s the fact that by the sounds of it there was a rather insane amount of port-forwarding going on. Again, you could query the “rogue” DNS server, which probably was the previous primary by using the host command, something like:

host -l domain.com. 196.1.1.3

_SHOULD_ give you all the DNS information that was previously available. If that fails then the admin did the job proper and closed off zone transfers (many hot-shots seems to miss this one). In this case you’re going to need to query one by one record, eg:

host -t mx domain.com. 196.1.1.3
host -t a http://www.domain.com 196.1.1.3
host -t a sslvpn.domain.com 196.1.1.3

And so forth. As for the internal website, exchange and SBS in general is braindead when it comes to domain and dns handling. Don’t ask me why I say so, it just is. On the LAN you probably just need to find the internal DNS server, and also update the www records on that server to the correct external addresses. Don’t ask. The problem is legit, but once again, too many hotshots that doesn’t use the recommended .local zone for internal domains. Or a sub-zone of their public domain, eg, I use local.uls.co.za for my local LAN, I own uls.co.za, guaranteed that it won’t ever clash with anything.

]]>