mig1980MemberMay 4, 2017 at 11:04 am #166995
Good day everyone. A have a question. My DNS seems to be working correctly but I noticed an issue that I can’t seem to find an answer to.
If I run nslookup from any of my servers in the environment attaching an external DNS server to the lookup, it resolves the non-authoritative answer by appending my internal domain to the name and giving 127.0.53.53 as the address.
C:>nslookup http://www.google.com 220.127.116.11
Name: google.com.internal.domain (where internal.domain is my internal domain)
The above nslookup resolves correctly if I do not enter a DNS server IP. It also doesn’t matter what external DNS IP I use in the lookup. They all resolve the same as above.
Any ideas what the issue could be here?
I setup Forwarders on both of my DNS (Domain Controller) servers leveraging my ISP external DNS servers and Google’s public DNS (18.104.22.168) as a third option. I also have all of my clients pointing DNS to my internal DNS servers.May 4, 2017 at 12:39 pm #271481
nslookup will automatically append the DNS suffix list to the queries and will return the first response. If you want it to not use the suffix you can either specify a dot ( . ) at the end of the DNS name or use the -nosearch parameter. e.g.
nslookup http://www.google.com. 22.214.171.124
nslookup -nosearch http://www.google.com 126.96.36.199
kuvainMemberMay 4, 2017 at 3:35 pm #385494
Interesting. So this is common and isn’t actually showing signs of something being wrong in our DNS configuration?
joeqwertyModeratorMay 5, 2017 at 8:31 pm #304601
nslookup does this when you submit a query that isn’t fully qualified. If you submit a query that is fully qualified than you won’t experience this behavior.
Fully qualified query = http://www.google.com.
Not fully qualified query = http://www.google.com
Notice the . at the end? That’s what makes it a fully qualified query. We don’t usually consider or think about the . at the end because most DNS resolvers take care of it for us without needing us to actually type it. Nslookup doesn’t take care of this for us and expects us to type it.May 8, 2017 at 9:07 am #271483joeqwerty;n510516 wrote:Nslookup doesn’t take care of this for us and expects us to type it.
Not exactly true. nslookup does take care of this for us and that is why we get results when running the command without specifying the root. The issue comes when there is a result from the search list that you don’t necessarily want. The list gets quired first before appending the root so if there is an answer returned to one in the list (like a wildcard record) then it stops the searching and returns the results, never getting to the actual query you wanted to make.
You must be logged in to reply to this topic.