Prev: Considering Virtualization
Next: Thin Client in Home
From: shank on 20 Apr 2010 18:26
I submitted my domain to a popular test site and got the below failures. I
googled and tried setting up Open DNS servers, but no joy. How do I go about
resolving the below issues?
thanks

FAILED:
TCP allowed
Checks that all nameservers respond to queries over TCP.
No nameservers respond to queries via TCP. If no nameservers respond to TCP
connections, this means that standard zone transfers (usually for slave DNS
server replication) and most DNSSEC functions will not work. This can cause
difficult to diagnose issues with those protocols. The nameservers that
failed TCP queries are:

FAILED:
Open DNS servers
Ensures that none of the responding nameservers allow open recursion.
Some or all nameservers responded to recursive queries. This should be
addressed as soon as possible. Open DNS servers (i.e. externally facing DNS
servers that answer recursively) increase the chances of cache poisoning,
can degrade performance of your DNS, and can cause your DNS servers to be
used in an attack (read RFC5358 section 4 for recommended nameserver
configuration). The nameservers that responded to recursive queries are:


From: Ace Fekay [MVP - Directory Services, MCT] on 20 Apr 2010 23:32
On Tue, 20 Apr 2010 18:26:05 -0400, "shank" <shank(a)tampabay.rr.com>
wrote:

>I submitted my domain to a popular test site and got the below failures. I
>googled and tried setting up Open DNS servers, but no joy. How do I go about
>resolving the below issues?
>thanks
>
>FAILED:
>TCP allowed
>Checks that all nameservers respond to queries over TCP.
>No nameservers respond to queries via TCP. If no nameservers respond to TCP
>connections, this means that standard zone transfers (usually for slave DNS
>server replication) and most DNSSEC functions will not work. This can cause
>difficult to diagnose issues with those protocols. The nameservers that
>failed TCP queries are:
>
>FAILED:
>Open DNS servers
>Ensures that none of the responding nameservers allow open recursion.
>Some or all nameservers responded to recursive queries. This should be
>addressed as soon as possible. Open DNS servers (i.e. externally facing DNS
>servers that answer recursively) increase the chances of cache poisoning,
>can degrade performance of your DNS, and can cause your DNS servers to be
>used in an attack (read RFC5358 section 4 for recommended nameserver
>configuration). The nameservers that responded to recursive queries are:
>

Are you using OpenDNS, which is a publicly available DNS system
designed to help with spam, or you are just setting up a public DNS
server that you are referring to it as "Open DNS" from your internal
network?

It may also be more beneficial to post your actual domain name to
better help.


Ace

This posting is provided "AS-IS" with no warranties or guarantees and confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
 | 
Pages: 1
Prev: Considering Virtualization
Next: Thin Client in Home