Solved

DNS: I can ping any IP address including various DNS servers. Why can't I resolve IP addresses from hostnames?

Posted on 2003-11-12
19
1,670 Views
Last Modified: 2010-04-14
I have a computer running Windows 2000 Professional. I can browse by IP and ping any IP address but I cannot use nslookup to resolve IP addresses from hostnames. I've tried using my own DNS server and several others. Any suggestions?
0
Comment
Question by:njcalugar
  • 6
  • 4
  • 4
  • +2
19 Comments
 
LVL 2

Expert Comment

by:PaulHieb
Comment Utility
If you have 2000 pro only, (no 2000 server on the LAN) you don't have you're own DNS server. One other thing -- nslookup only looks for DNS host names, not netbios hostnames common to a workgroup.

You might try pinging to hostnames and see what happens. I'm assuming that you're trying to get to shared drives and printers in a workgroup?
0
 

Author Comment

by:njcalugar
Comment Utility
As stated above, I tried using my own DNS Server on my LAN (running on Windows 2000 Advanced Server - but who cares what the DNS Server is running) and other DNS servers outside of the LAN to resolve IP addresses from Fully Qualified DNS hostnames.

I can ping any valid IP address (LAN or Internet) including the DNS Servers outside of the LAN.

If I issue the command "nslookup www.google.com" it responds with:
DNS request timed out.
       timeout was 2 seconds.
*** Can't find server name for address 192.168.1.2: Timed out
DNS request timed out.
       timeout was 2 seconds.
*** Can't find server name for address 68.6.16.30: Timed out
DNS request timed out.
       timeout was 2 seconds.
*** Can't find server name for address 68.2.16.30: Timed out
*** Default servers are not available

The first IP address is the DNS server on my LAN, the other two belong to COX Internet Services.

I've replicated the error with two different NICs.

Thanks,

Nick
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Is your firewall blocking DNS responses?

Does your router have a helper address so that DNS can pass?

Advise.
0
 

Author Comment

by:njcalugar
Comment Utility
I have other clients of various flavors on the LAN using the same DNS Servers.

Thanks,

Nick
0
 
LVL 12

Expert Comment

by:mburdick
Comment Utility
njcalugar,

Your last response didn't answer Netman66's question.

What do you have between you and the Internet, and is it blocking DNS requests from your machine?

Also, have you checked the setting in IE to make sure that no proxy is configured (assuming you don't need one)? Don't even use the "Auto detect".
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Try this:

ipconfig /flushdns

then

ipconfig /registerdns

Advise.
0
 

Author Comment

by:njcalugar
Comment Utility
No firewall blocking on DNS portnumbers...

I am not sure what Netman66 means by a router having a helper address for DNS to pass...i haven't configured the router to do anything special with DNS.

The point of my previous comment was that other clients on the same network segment can resolve IP addresses from Hostnames using any DNS Server.

I'm not bringing IE into the picture yet...just using nslookup.

I will follow Netman66 suggestion in the morning and post the results.

Thanks,

Nick
0
 
LVL 2

Expert Comment

by:PaulHieb
Comment Utility
"The point of my previous comment was that other clients on the same network segment can resolve IP addresses from Hostnames using any DNS Server. "

You can do this on any client via nslookup, pointed at any DNS server? That shouldn't be possible unless all of your clients are registering themselves to an authoritative DNS zone/server on the internet, which is possible, just not that common. And it would be hard to accomplish without strictly configured client machines. (the've got to be pointed to that one, authoritative name server.)

Also, just to point out, the autodetect feature in IE is for proxy settings and yes, don't use it, just wastes time looking for a proxy server.

Also, I think what netman66 was trying to figure out is if your router (still don't know the model) is doing DNS forwarding/proxying, though this isn't a common feature on basic routers. Still for this to hold true as a problem the router would have to be sniffing for DNS traffic from the LAN to ANY server and redirecting it to the server it was configured for. (haven't ever seen this as a feature on any router, and I've worked on most all of them).

Now then, I think we should stop and see what the score here is. What's still working/not working as of all this tinkering and gossip?
0
 
LVL 5

Expert Comment

by:ralonso
Comment Utility
If other machines in the network are able to get DNS responses, obviously there is no problem with your router.
Probably you will have a corrupted dll in your machine.

If you want the easy solution, reinstall the machine.

If you want the technical solution:
get hold of network monitor (or any simmilar software). Start a capture and analyze the traffic. You will see what is really happening.
Alternatively, get filemon and regmon from sysinternals.com. Capture file and registry access during your nslookup process. Try to find any possible problem and compare registry keys with those of a working machine. Copy files from a healthy computer.

good luck
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:njcalugar
Comment Utility
ralonso,

I ran the regmon and filemon utilities as suggested but everything looks fairly close to doing the same on a working machine. is there anything in particular i should look for?

Is there anyway to completely remove the networking components on Windows 2000 and reinstall?

thanks
0
 
LVL 2

Expert Comment

by:PaulHieb
Comment Utility
you can reinitialize the TCP/IP stack using the netsh utility:

http://support.microsoft.com/default.aspx?kbid=299357
0
 

Author Comment

by:njcalugar
Comment Utility
btw

I don't think I mentioned this before but I am able to get a valid IP address, Subnet Mask, Default Gateway, and DNS Servers via DHCP.

thanks
0
 
LVL 2

Expert Comment

by:PaulHieb
Comment Utility
You also might try setting a DNS domain name suffix so that a 'ping hostname' command defaults to hostname.domain.com
0
 
LVL 12

Accepted Solution

by:
mburdick earned 150 total points
Comment Utility
Any chance your machine is not using the router as its *sole* default gateway entry? Check the routing on the machine to be sure there aren't multiple default gateways and such. Also, double-check to be sure that the IP Address places the machine on the proper subnet, and verify that the mask is correct also.

You should also check the Advanced setting of your TCP/IP stack to see if any packet filtering or IPSEC policies have been implemented that might prevent DNS packets from exiting/entering the machine.

Any chance you have any firewall software loaded on this machine? If so, try disabling it...
0
 
LVL 5

Expert Comment

by:ralonso
Comment Utility
try the following command

nslookup <dns_name_of_a_machine_in_your_network> <ipaddress_of_your_dns_server>

If you are not able to connect even to your local dns to resolve names in its local zone just reinstall the protocol.

From network and dial-up connections, check the properties for your network card, remove the tcp/ip protocol from the list

restart the machine and add the protocol again from the same place.

(as mburdick said, make sure that you don't have any firewall software on your machine, and I would eventually scan it for viruses)

If you use regmon and filemon, the problems are usually "access denied", or you will be able to locate registry keys and dll's invoked by your nslookup command, so that you can copy them from a healthy computer.

0
 
LVL 12

Expert Comment

by:mburdick
Comment Utility
Speaking of viruses...

There is at least one known trojan that messes with your DNS settings, and will wreak havoc on your ability to browse many of the search sites. In addition, there are a few "helper" toolbars that folks tend to like to add to their systems that will mess up connectivity. Get yourself a copy of Search & Destroy ...


http://download.com.com/3000-2144-10122137.html?part=104443&subj=dlpage&tag=button

Install it and run it. You might find your problem with that. You may need to use a different machine to download the software if you can't browse correctly on this one.
0
 
LVL 12

Expert Comment

by:mburdick
Comment Utility
So, what was the fix?
0
 

Author Comment

by:njcalugar
Comment Utility
I would like to thank everyone for their help on this issue...

As suggested by mburdick, I looked into the Advanced TCP/IP Settings under the options tab: IP security. Someone had moved the radio button to "Use this IP security policy: Client (Respond Only)". I changed this to "Do not use IPSEC", restarted, and everything seems to be working fine.

Would anyone like to further enlighten me to what this setting does? I looked in Control Panel->Administrative Tools->Local Security Settings and found the description of this security policy to be "Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that server is secured". Why would this affect DNS Requests?

-Thanks
0
 
LVL 5

Expert Comment

by:ralonso
Comment Utility
maybe your server has an IPSec policy as well?

If it had a policy set as "server" (I can't remember the exact term but there is one setting to accept IPSec but not require it), if the client supports IPSec it would try to use it.

Getting the integrated IPSec to work properly has never been an easy task.


0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now