Solved

NS Lookup - Can't find server - Non Existent domain - Win 2000 and Win XP

Posted on 2006-06-22
14
4,917 Views
Last Modified: 2012-06-27
Hello,
Server runnig windows 200
workstaton win xp
Have internet access
all pc's point to internal domain controller 172.10.10.67 for dns
when running nslookup to an external server ice.polar.clearco.com
get error
Can't find server name for address 172.10.10.67: Non existant domain
Default servers are not available
Server: unknown
Address 172.10.10.67
Non- authoritatative answer
Name: ice.polar.clearco.com
Address: 207.162.225.162

I can access the ice.polar.clearco.com. server. I can get everywhere else on the net.
tracert to that server dies out after about 25 hops
0
Comment
Question by:BrooklynQ
  • 4
  • 4
  • 3
  • +1
14 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 16963230
Have you configured reverse lookup zone for your 172.10.10.x subnet.

Their should exist PTR record for 172.10.10.67.

Does your tracert dies after 25 hops for every host. e.g yahoo.com

Or does it happens with this site only.

It is normal for tracert die if it encounters a firewall in route.

try doing tracert to different domains.

0
 

Author Comment

by:BrooklynQ
ID: 16963359
Can you tell me more about the PTR record? How do I create one and why do I need it. What does it do?

nslookup error happens regardless of server.

Tracert is complete to other servers/domains.

This network has been up and running for over 5 years. As far as I know I hvae never seent his error before, but can't say I lkooked for it either.

We are trying to install a new financial app that uses the Ice.polar.clearco.com server for data feed.

Thanks.

Brooklyn
0
 
LVL 3

Expert Comment

by:Chris_Picciotto
ID: 16963387
Try using this site. It has plenty of DNS tools to help you trouble shoot the problem if it's a problem here then then there is nothing you can do about it. If it's fine then your ISP is next on the list if your DNS server is pointing to your ISPs DNS servers.

www.dnsstuff.com
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16963424
Reverse Lookup Zone resolves names for a given IP address.
It contains PTR records which contains the name of a server with its IP address.

>Can't find server name for address 172.10.10.67: Non existant domain

I sugessted you for it since you are getting the above error.
This is how you can configure it.
http://techrepublic.com.com/5100-10879_11-5860903.html#

As for the feeds from Ice.polar...... domain, it seems to be protected with some firewall, which deny ICMP.
This is very common and should not make any problem for you.

If you need to pull data from this site using HTTP only you can do it, even though you cannot reach it using ICMP.
TCP/80 will be open and can be reached.

You can use tracetcp to find out if you can reach it using TCP protocol.
http://heanet.dl.sourceforge.net/sourceforge/tracetcp/tracetcp-0.99.4beta.zip

syntax will be
tracetcp ice.polar.clearco.com:80 -m 30



0
 

Author Comment

by:BrooklynQ
ID: 16963715
Chris - Thanks for the  link- yes it had lots of tools - but which one would be of use?

Prashsax - Thanks for the link - I already created the Rverse lookup zone - but I have no idea what a PTR record is or how to create it or where to put it. Tech republic says...
'"After creating the zone, you need to add pointer resource (PTR) records to the zone. These records associate an IP address with a host name. You can create the PTR records explicitly in the reverse zone, or the DNS console can create the PTR records automatically when you create records in the forward lookup zone."

So do I need one for 172.10.10.67 and my company name dns.me.com?
And one for the ice.polar.clearco.com?

Thanks so much guys - this stuff is like a black hole to me.

0
 
LVL 3

Expert Comment

by:Chris_Picciotto
ID: 16963798
I would use the DNS Lookup tool on the top right to compare against the NSLOOKUP results on your local machine. I would also run the NSLOOKUP from the internal DNS Server as well.

If the DNS Lookup tool on this site can't find the server than it is an External DNS a Resource record problem perhaps.

I don't see firewalls being the issue since DNS servers for the most part are external. If this is supposed to be a publicly accessed site then the Host record would be kept on an external DNS server and not behind a firewall.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:BrooklynQ
ID: 16963867
Chris -  Thanks again, but I'm not following. what am I looking up in the DNS lookup? What type of record is it?
If I type in nslookup ice.polar.clearco.com I get the error messages I mentioned.
If I use the DNS lookup on dnsstuff and use a  A record because it 's the default  0 I get thre responses. And something called DHS transversal. '
But I don't know what I'm looking at - if the answer is there it could hit me on the chin and I wouldn't know it.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16963913
No you do not need to create any record for ice.polar.clearco.com.

It is a external site, and I thought you were able to resolve its IP address.
>Server: unknown
>Address 172.10.10.67
>Non- authoritatative answer
>Name: ice.polar.clearco.com
>Address: 207.162.225.162

All, you had was that nslookup could not resolve the Name of your DNS server.(This is not so serious).

As for tracert, I have already mentioned that it won't be a problem if ICMP is not allowed on it.



0
 

Author Comment

by:BrooklynQ
ID: 16964228
I guess I'm not making myself understood, or I just don't undertand what you guys are telling me.

Network has existed for at least 5 years.
We can get everywhere on the internet.
So we thought.
We are trying to install a financial app from Bear that would feed live data into an Excel spreadsheet.
To do this the PC needs to access ice.polar.clearco.com
It's not doing that.
No messages in the event log.
Server runnig windows 200
workstaton win xp
all pc's point to internal domain controller 172.10.10.67 for dns
when running nslookup to an external server ice.polar.clearco.com
get error
Can't find server name for address 172.10.10.67: Non existant domain
Default servers are not available
Server: unknown
Address 172.10.10.67
Non- authoritatative answer
Name: ice.polar.clearco.com
Address: 207.162.225.162

Nothing odd that we can find, except for the error messages about Server unknown and Non-authoritative answer - which happens on every PC here.
Can I ping, tracert, to ice.polar.clearco.com - yup.
But I can't get this app to work, and Bear blames the error messages you see above. (server unknown and Non-authoritative answer) They claim that the network is improperly configured.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 250 total points
ID: 16964258
Ok.
Now this is a good explanation.

Here is what you need to do.

Most certainly, this application of yours is using some port which is being blocked on firewall.

Firstly, what you can do is to allow access on all port from this machine where application is installed.

Now, if this works then we will try to find out which port exactly it is using and then create appropriate firewall rule.

But, for now try and provide access on all ports for the application.

As, for the error of unknown server, if you have create a reverse lookup zone, just create a PTR record in your DNS server to DNS IP and the error will go away.
0
 
LVL 3

Assisted Solution

by:Chris_Picciotto
Chris_Picciotto earned 250 total points
ID: 16964814
Use the DNS Lookup tool by entering ice.polar.clearco.com and then click lookup. I got the following IP address which means that all looks good on the outside

207.162.225.162
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16965702
Did not read the entire post so sorry if I'm repeating

You only need reverse lookup zone and pointers for your domain.

Create pointers by right clicking on your revers lookup zone and selecting new pointer.

A pointer is the reverse of a host in DNS (IE you have host A with IP 192.168.0.1, your pointer would be 192.168.0.1 is HOST A)


You also need to create forwarders in your DNS so that it can forward external requests to your ISP DNS servers
Create forwarders to your ISP DNS, or 4.2.2.2 (this is a Verizon DNS server that is very up to date and reliable, I would use this one if I were you)

to configure forwarders
http://www.petri.co.il/configure_dns_forwarding.htm

good luck
eb
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now