funny nslookup in AD environment clients

  • funny nslookup in AD environment clients

    Hi everyone,
    We have a Windows 2003 server acting as DNS and DC, serving a few clients.
    The Windows 2003 DNS is only for the local network; for internet stuff we have BIND as our main DNS server.
    So here is the ipconfig /all result of the Windows 2003 server:
    Windows IP Configuration

    Host Name . . . . . . . . . . . . : fadserver
    Primary Dns Suffix . . . . . . . : fadcom.pkr
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : fadcom.pkr

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ether
    net NIC
    Physical Address. . . . . . . . . : 00-1B-B9-98-D5-E8
    DHCP Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 172.17.100.206
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 172.17.100.1
    DNS Servers . . . . . . . . . . . : 119.2.61.20
    208.67.222.222
    The nslookup www.google.com on the DC displays the following:
    Server: UnKnown
    Address: 119.2.61.20
    DNS request timed out.
    timeout was 2 seconds.
    Non-authoritative answer:
    Name: www.l.google.com
    Addresses: 74.125.19.147, 74.125.19.99, 74.125.19.103, 74.125.19.104
    Aliases: www.google.com
    Up to here everything is fine, but now when I do nslookup on the client the output is as follows:
    C:\>nslookup www.google.com
    DNS request timed out.
    timeout was 2 seconds.
    *** Can't find server name for address 172.17.100.206: Timed out
    *** Can't find server name for address 119.2.61.20: Non-existent domain
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Non-authoritative answer:
    Name: www.google.com.fadcom.pkr
    Address: 208.67.216.132
    And below is the ipconfig /all output of the client:
    Windows IP Configuration

    Host Name . . . . . . . . . . . . : support0
    Primary Dns Suffix . . . . . . . : fadcom.pkr
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : fadcom.pkr

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
    Physical Address. . . . . . . . . : 00-E0-4D-32-F0-F4
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 172.17.100.35
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 172.17.100.1
    DNS Servers . . . . . . . . . . . : 172.17.100.206
    119.2.61.20
    208.67.222.222
    I have also configured the server as forwarders.
    Any ideas and suggestions to resolve this situation are greatly appreciated.
    Thank you very much

  • #2
    Re: funny nslookup in AD environment clients

    Not entirely sure what you mean.
    BIND is your primary DNS? Is it the latest version or an old one, if this is primary then why do you have the Microsoft one at all?
    It is best to have all servers and clients pointing to either the BIND or the Windows DNS. If they need to forward to the internet then both have areas to set forwarders. I'm confused why you have both?
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?



    • #3
      Re: funny nslookup in AD environment clients

      Both DNS servers (119.2.61.20 & 208.67.222.222) are public DNS servers.
      You should use internal DNS servers and configure forwarders to the other addresses.
      Marcel
      Technical Consultant
      Netherlands
      http://www.phetios.com
      http://blog.nessus.nl

      MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
      "No matter how secure, there is always the human factor."

      "Enjoy life today, tomorrow may never come."
      "If you're going through hell, keep going. ~Winston Churchill"



      • #4
        Re: funny nslookup in AD environment clients

        If the BIND server is resolving all your external queries then configure all your clients with the MS DNS server, add a forwarder in there to the BIND server.
        Clear both caches just in case, Client and server.
        If the problem still persists, try another forwarder if possible instead of the BIND or enable Root Hints to rule out any possible problem with the BIND server itself.

        Ta
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR



        • #5
          Re: funny nslookup in AD environment clients

          The problem is you're mixing up internal and external DNS servers. Here's how I would set it up:

          The DC should point to itself for DNS.

          The clients should point to the DC for DNS.

          The DC should use the BIND server as a forwarder or use the root hint servers.

          The BIND server should use an external DNS server as a forwarder or use the root hint servers.

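Added example, not part of the thread or any poster's code: a Python check that parses the `ipconfig /all` adapter sections quoted in post #1 and flags hosts that deviate from the layout in post #5 (the DC points to itself, clients point only to the DC). The function names and the loopback allowance for the DC are assumptions of this example.

```python
import ipaddress
import re

# Adapter sections excerpted from the ipconfig /all output quoted in the thread.
DC_CONFIG = """
   IP Address. . . . . . . . . . . . : 172.17.100.206
   DNS Servers . . . . . . . . . . . : 119.2.61.20
                                       208.67.222.222
"""
CLIENT_CONFIG = """
   IP Address. . . . . . . . . . . . : 172.17.100.35
   DNS Servers . . . . . . . . . . . : 172.17.100.206
                                       119.2.61.20
                                       208.67.222.222
"""

def parse_ipconfig(text):
    """Extract the adapter IP and the ordered DNS server list (IPv4 only)."""
    cfg = {"ip": None, "dns": []}
    in_dns = False
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z][^:]*?)[\s.]*:\s*(.*)$", line)
        if m:
            key, value = m.group(1), m.group(2).strip()
            in_dns = key == "DNS Servers"
            if key == "IP Address":
                cfg["ip"] = value
            elif in_dns and value:
                cfg["dns"].append(value)
        elif in_dns and line.strip():
            # Additional servers are printed on unlabeled continuation lines.
            cfg["dns"].append(line.strip())
    return cfg

def audit(text, dc_ip):
    """Check one host against the layout in post #5; return a list of findings."""
    cfg = parse_ipconfig(text)
    # Assumption: the DC may list itself by address or loopback; clients list only the DC.
    allowed = {dc_ip, "127.0.0.1"} if cfg["ip"] == dc_ip else {dc_ip}
    findings = []
    for server in cfg["dns"]:
        if server not in allowed:
            scope = "private" if ipaddress.ip_address(server).is_private else "public"
            findings.append(f"{cfg['ip']}: {scope} resolver {server} on the adapter; "
                            "only the DC should be listed")
    if not allowed.intersection(cfg["dns"]):
        findings.append(f"{cfg['ip']}: does not query the DC ({dc_ip}) at all")
    return findings
```

Run against the thread's values, `audit(CLIENT_CONFIG, "172.17.100.206")` reports the two public resolvers on the client, and `audit(DC_CONFIG, "172.17.100.206")` additionally reports that the DC never queries its own DNS service.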


          • #6
            Re: funny nslookup in AD environment clients

            Thank you everyone
            Originally posted by AndyJG247
            Not entirely sure what you mean.
            BIND is your primary DNS? Is it the latest version or an old one, if this is primary then why do you have the Microsoft one at all?
            It is best to have all servers and clients pointing to either the BIND or the Windows DNS. If they need to forward to the internet then both have areas to set forwarders. I'm confused why you have both?

            Well AndyJG247, BIND DNS is handling requests for internet addresses and Windows 2003 DNS is for the Domain Controller only, and I have no idea how to configure BIND DNS and a Windows domain controller without the Windows DNS server. We're using the latest BIND.

            Originally posted by Dumber
            Both DNS servers (119.2.61.20 & 208.67.222.222) are public DNS servers.
            You should use internal DNS servers and configure forwarders to the other addresses.

            I have configured a forwarder to use 119.2.61.20.
            Is this what you mean?

            Originally posted by joeqwerty
            The problem is you're mixing up internal and external DNS servers. Here's how I would set it up:

            The DC should point to itself for DNS.

            The clients should point to the DC for DNS.

            The DC should use the BIND server as a forwarder or use the root hint servers.

            The BIND server should use an external DNS server as a forwarder or use the root hint servers.

            Okay joeqwerty, I'll do as mentioned by you and let you know the result.
            Thanks
