Solved

Ping to FQDN resolves ok, but replies are from 127.0.0.1 (localhost)

Posted on 2004-07-30
8
880 Views
Last Modified: 2012-08-13
We had to renumber our Windows 2003 domain.  Exchange server was reregistered with new address in DNS.  All caches were flushed, no local HOSTS files anywhere.  DNS resolves OK, ping initially resolves OK, but echo replies are from localhost.  Eventually resolved by manually recreating the DNS entry, but I'd like to know what happened.  Here are some entries from the command prompt logs; these commands were run on the DNS server, but identical results were obtained from all clients (XP Pro) tested.

C:\>ipconfig /flushdns

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\>nslookup exchange.crec.ifas.ufl.edu
Server:  tangelo.lal.ufl.edu
Address:  10.230.48.200

Name:    exchange.crec.ifas.ufl.edu
Address:  127.227.177.78

C:\>ping exchange.crec.ifas.ufl.edu.

Pinging exchange.crec.ifas.ufl.edu [127.227.177.78] with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.227.177.78:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>ping 128.227.177.78

Pinging 128.227.177.78 with 32 bytes of data:

Reply from 128.227.177.78: bytes=32 time<1ms TTL=128
Reply from 128.227.177.78: bytes=32 time<1ms TTL=128
Reply from 128.227.177.78: bytes=32 time<1ms TTL=128
Reply from 128.227.177.78: bytes=32 time<1ms TTL=128

Ping statistics for 128.227.177.78:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Needless to say, anyone trying to access Exchange failed.  My question is obvious, I guess -- Why, when DNS appears to resolve properly, does the echo reply come from localhost, rather than the echo target?  If I clear the cache, execute the ping, and immediately look at the DNS cache, I see:

C:\>ipconfig /displaydns

Windows IP Configuration

    1.0.0.127.in-addr.arpa
    ----------------------------------------
    Record Name . . . . . : 1.0.0.127.in-addr.arpa.
    Record Type . . . . . : 12
    Time To Live  . . . . : 0
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    PTR Record  . . . . . : localhost


    exchange.crec.ifas.ufl.edu
    ----------------------------------------
    Record Name . . . . . : exchange.crec.ifas.ufl.edu
    Record Type . . . . . : 1
    Time To Live  . . . . : 3563
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.227.177.78


    localhost
    ----------------------------------------
    Record Name . . . . . : localhost
    Record Type . . . . . : 1
    Time To Live  . . . . : 0
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1

As I said earlier, we made the problem go away by manually deleting and recreating the A record in DNS for Exchange, but making the problem go away isn't really the same as solving it; it's worth 250 points to me to understand what happened.
0
Comment
Question by:mfa073198
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
8 Comments
 
LVL 41

Accepted Solution

by:
stevenlewis earned 250 total points
ID: 11687938
why are you using the loopback address as the ip address? 127.x.x.x is reserverd for loopback
use one of the reservered private ip schemes
Three range of private IP addresses has been selected for the three network class.

For Class A network, 10.0.0.0 - 10.255.255.255 (10/8 prefix) range (For big network that requires a huge pool of 16 million private IP addresses)

For Class B network, 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) range (For medium-sized network that requires 65000 private IP addresses)

For Class C network, 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) range (Commonly used IP range on smaller network for easier addressing of 254 IP addresses. May not necessarily be smaller network but network managed in smaller blocks.)

Beside these, there is Microsoft’s 169.254.0.0 range of default IP addresses that are allocated to systems when they are unable to obtain address from a DHCP server.
0
 
LVL 1

Author Comment

by:mfa073198
ID: 13334210
This question has not been answered by any stretch of the imagination.  I would ask that it be abandoned and no points awarded.
0
 
LVL 41

Expert Comment

by:stevenlewis
ID: 13334416
Personally, I don't care, but
let see here
my first post
08/01/2004 09:48AM EST
result
no feedback from questioner

first admin comment
Date: 01/25/2005 06:07PM EST
result
no feedback from questioner

second admin comment
02/13/2005 10:23AM EST
result
no feedback from questioner

force accept
02/17/2005 07:31AM EST
now we here from questioner
0
 
LVL 1

Author Comment

by:mfa073198
ID: 13335899
What's missing in the answer is an answer.  On 2/13, TheLearnedOne said I had 4 days (that works out to today) to post an objection, which I did.  At this point it's not worth my time to pursue it, so do whatever you want.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
The Need In an Active Directory enviroment, the PDC emulator provide time synchronization for the domain. This is important since Active Directory uses Kerberos for authentication.  By default, if the time difference between systems is off by more …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question