Win2k DNS does not resolve one particular external domain

I have had this particular DNS server set up for quite a few years now. Recently, I got some complaints that we could not email one particular external domain. I tried an nslookup on this domain and it will not resolve. I then tried hitting their website and obviously that doesn't work. I went to the DNStools website and tried to resolve the domain name from there. It worked. I have no problem with any other websites or email addresses that I am aware of. Any suggestions on how to resolve this issue?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

It sounds like your local DNS server (assuming you run one internally) or that of your ISP might have a corrupted or invalid cached entry.

Try purging the cache on your local server and to confirm that it is not your ISP, try resolving the domain in question (or the hostname of their e-mail server) against the ISPs primary and secondary DNS servers.

Toni UranjekConsultant/TrainerCommented:

Clear cache on your DNS server, enable Secure Cache against polution option on your server. Go to command prompt and run "ipconfig /flushdns", then run "nslookup" again.


pmoronessbmnhAuthor Commented:
Thank you for your responses. However, I tried doing the dnscmd /clearcache then ipconfig /flushdns at the command prompt on the server. I still cannot resolve the particular domain. The DNS server is not forwarding and it does have the root hints listed and they are correct. Any other suggestions would be greatly appreciated.
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Toni UranjekConsultant/TrainerCommented:
If you ping IP address - what is the answer?
If you ping hostname - what is the answer?
If you nslookup hostname - what is the answer?
pmoronessbmnhAuthor Commented:
When I ping the IP address I get Request timed out.
When I ping the hostname I get Unknown host.
When I nslookup the domain I get DNS request timed out.
                                 timeout was 2 seconds
Toni UranjekConsultant/TrainerCommented:
OK, this is a major problem. You should be at least able to ping IP. This part has nothing to do with hostname resolution.

Another check: go to scrool down and perform name lookup for this record.

Does it resolve successfuly?

When you do the nslookup, what server are you using as the target?
Have you tried an nslookup using your ISP's DNS server and with what results?
In your earlier post you noted that this DNS server is not forwarding, does that mean it has not forwarders and/or does not do recursive lookups?
Have you tried to actually examine the contents of the cache to confirm it has in fact been cleared?

pmoronessbmnhAuthor Commented:
When I go to DNS stuff and perform a lookup, it does resolve. That is how I was able to find the ip of the domain.
Toni UranjekConsultant/TrainerCommented:
Let's perform few very simple tests.

Enter IP and hostname in hosts file (%systemroot%\system32\drivers\etc). Ping again.

Another test: nslookup hostname anotherDNSserver

pmoronessbmnhAuthor Commented:
I am using my local server as the target.
If I try using the server which is a root server, I also get a DNS request timed out
                                                                                                                        timeout was 2 seconds

Forwarding is not enabled.

My DNS.cache file is only 2kb and only contains the root servers and their corresponding ips.

Toni UranjekConsultant/TrainerCommented:
If it is not a secret can you post this particular FQDN?

Did you try to use forwaders?

pmoronessbmnhAuthor Commented:
Sure, it is

I have not tried using forwarders. I figure if it has worked for the last few years, there must be something else wrong.

Possible routing issue with my ISP?
Toni UranjekConsultant/TrainerCommented:
I can not say that this is routing issue.

Another two steps tha can be easily performed. Right click your DNS server, select Properties, go to Monitoring tab and perform both test.

Configure your DNS to use forwaders, enter IP of your ISP's DNS servers, clear DNS server cache, clear local cache and try again.
Your DNS server should have been using forwarders all along.

Just to be sure, before you cange the forwarding configuration, can you resolve address for other hostnames/domains outside your network?
pmoronessbmnhAuthor Commented:
I can resolve many hostnames outside of my netowrk. Everyone that I try is fine. Just this one in particular.
pmoronessbmnhAuthor Commented:
It looks like this issue goes deeper than DNS.
If I add in my ISP's (cox) DNS servers under forwarders I can resolve the hostname with nslookup but still cannot ping it.
I am going to check with the ISP on this one. I will post whatever they tell me.
When I ping Iam pining the IP and I get replies.

Is that same IP you are trying?
Is that the IP you get when you resolve through your ISP's DNS servers?
pmoronessbmnhAuthor Commented:
that is the ip that I get when I do a lookup and I cannot ping the address.

Cox is looking into it.
Toni UranjekConsultant/TrainerCommented:
It looks that something is interfering with ICMP traffic.

Can you telnet to port 25 for this particular server? If yes, dirty quick around would be to actualy set up primary zone for this domain.
pmoronessbmnhAuthor Commented:
Well, thank you for all of your help in trying to track this one down.

It looks like the ISP was having some routing issues. Everything is working fine now.
They were able to find the issue and get it resolved. I am hoping to get a more detailed answer from their technical team.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.