Link to home
Start Free TrialLog in
Avatar of pmoronessbmnh
pmoronessbmnhFlag for United States of America

asked on

Win2k DNS does not resolve one particular external domain

I have had this particular DNS server set up for quite a few years now. Recently, I got some complaints that we could not email one particular external domain. I tried an nslookup on this domain and it will not resolve. I then tried hitting their website and obviously that doesn't work. I went to the DNStools website and tried to resolve the domain name from there. It worked. I have no problem with any other websites or email addresses that I am aware of. Any suggestions on how to resolve this issue?
Avatar of mdcsea
mdcsea

It sounds like your local DNS server (assuming you run one internally) or that of your ISP might have a corrupted or invalid cached entry.

Try purging the cache on your local server and to confirm that it is not your ISP, try resolving the domain in question (or the hostname of their e-mail server) against the ISPs primary and secondary DNS servers.

Hi!

Clear cache on your DNS server, enable Secure Cache against polution option on your server. Go to command prompt and run "ipconfig /flushdns", then run "nslookup" again.

HTH

Toni
Avatar of pmoronessbmnh

ASKER

Thank you for your responses. However, I tried doing the dnscmd /clearcache then ipconfig /flushdns at the command prompt on the server. I still cannot resolve the particular domain. The DNS server is not forwarding and it does have the root hints listed and they are correct. Any other suggestions would be greatly appreciated.
If you ping IP address - what is the answer?
If you ping hostname - what is the answer?
If you nslookup hostname - what is the answer?
When I ping the IP address I get Request timed out.
When I ping the hostname I get Unknown host.
When I nslookup the domain I get DNS request timed out.
                                 timeout was 2 seconds
                             
OK, this is a major problem. You should be at least able to ping IP. This part has nothing to do with hostname resolution.

Another check: go to www.dnsstuff.com scrool down and perform name lookup for this record.

Does it resolve successfuly?

When you do the nslookup, what server are you using as the target?
Have you tried an nslookup using your ISP's DNS server and with what results?
In your earlier post you noted that this DNS server is not forwarding, does that mean it has not forwarders and/or does not do recursive lookups?
Have you tried to actually examine the contents of the cache to confirm it has in fact been cleared?

When I go to DNS stuff and perform a lookup, it does resolve. That is how I was able to find the ip of the domain.
Let's perform few very simple tests.

Enter IP and hostname in hosts file (%systemroot%\system32\drivers\etc). Ping again.

Another test: nslookup hostname anotherDNSserver

I am using my local server as the target.
If I try using the server 192.55.87.207 which is a root server, I also get a DNS request timed out
                                                                                                                        timeout was 2 seconds

Forwarding is not enabled.

My DNS.cache file is only 2kb and only contains the root servers and their corresponding ips.

If it is not a secret can you post this particular FQDN?

Did you try to use forwaders?

Sure, it is sandiego.edu

I have not tried using forwarders. I figure if it has worked for the last few years, there must be something else wrong.

Possible routing issue with my ISP?
I can not say that this is routing issue.

Another two steps tha can be easily performed. Right click your DNS server, select Properties, go to Monitoring tab and perform both test.

Configure your DNS to use forwaders, enter IP of your ISP's DNS servers, clear DNS server cache, clear local cache and try again.
Your DNS server should have been using forwarders all along.

Just to be sure, before you cange the forwarding configuration, can you resolve address for other hostnames/domains outside your network?
I can resolve many hostnames outside of my netowrk. Everyone that I try is fine. Just this one in particular.
It looks like this issue goes deeper than DNS.
If I add in my ISP's (cox) DNS servers under forwarders I can resolve the hostname with nslookup but still cannot ping it.
I am going to check with the ISP on this one. I will post whatever they tell me.
When I ping sandiego.edu Iam pining the IP 192.55.87.130 and I get replies.

Is that same IP you are trying?
Is that the IP you get when you resolve through your ISP's DNS servers?
that is the ip that I get when I do a lookup and I cannot ping the address.

Cox is looking into it.
It looks that something is interfering with ICMP traffic.

Can you telnet to port 25 for this particular server? If yes, dirty quick around would be to actualy set up primary zone for this domain.
ASKER CERTIFIED SOLUTION
Avatar of pmoronessbmnh
pmoronessbmnh
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial