pmoronessbmnh
asked on
Win2k DNS does not resolve one particular external domain
I have had this particular DNS server set up for quite a few years now. Recently, I got some complaints that we could not email one particular external domain. I tried an nslookup on this domain and it will not resolve. I then tried hitting their website and obviously that doesn't work. I went to the DNStools website and tried to resolve the domain name from there. It worked. I have no problem with any other websites or email addresses that I am aware of. Any suggestions on how to resolve this issue?
Hi!
Clear cache on your DNS server, enable Secure Cache against polution option on your server. Go to command prompt and run "ipconfig /flushdns", then run "nslookup" again.
HTH
Toni
Clear cache on your DNS server, enable Secure Cache against polution option on your server. Go to command prompt and run "ipconfig /flushdns", then run "nslookup" again.
HTH
Toni
ASKER
Thank you for your responses. However, I tried doing the dnscmd /clearcache then ipconfig /flushdns at the command prompt on the server. I still cannot resolve the particular domain. The DNS server is not forwarding and it does have the root hints listed and they are correct. Any other suggestions would be greatly appreciated.
If you ping IP address - what is the answer?
If you ping hostname - what is the answer?
If you nslookup hostname - what is the answer?
If you ping hostname - what is the answer?
If you nslookup hostname - what is the answer?
ASKER
When I ping the IP address I get Request timed out.
When I ping the hostname I get Unknown host.
When I nslookup the domain I get DNS request timed out.
timeout was 2 seconds
When I ping the hostname I get Unknown host.
When I nslookup the domain I get DNS request timed out.
timeout was 2 seconds
OK, this is a major problem. You should be at least able to ping IP. This part has nothing to do with hostname resolution.
Another check: go to www.dnsstuff.com scrool down and perform name lookup for this record.
Does it resolve successfuly?
Another check: go to www.dnsstuff.com scrool down and perform name lookup for this record.
Does it resolve successfuly?
When you do the nslookup, what server are you using as the target?
Have you tried an nslookup using your ISP's DNS server and with what results?
In your earlier post you noted that this DNS server is not forwarding, does that mean it has not forwarders and/or does not do recursive lookups?
Have you tried to actually examine the contents of the cache to confirm it has in fact been cleared?
Have you tried an nslookup using your ISP's DNS server and with what results?
In your earlier post you noted that this DNS server is not forwarding, does that mean it has not forwarders and/or does not do recursive lookups?
Have you tried to actually examine the contents of the cache to confirm it has in fact been cleared?
ASKER
When I go to DNS stuff and perform a lookup, it does resolve. That is how I was able to find the ip of the domain.
Let's perform few very simple tests.
Enter IP and hostname in hosts file (%systemroot%\system32\dri vers\etc). Ping again.
Another test: nslookup hostname anotherDNSserver
Enter IP and hostname in hosts file (%systemroot%\system32\dri
Another test: nslookup hostname anotherDNSserver
ASKER
I am using my local server as the target.
If I try using the server 192.55.87.207 which is a root server, I also get a DNS request timed out
timeout was 2 seconds
Forwarding is not enabled.
My DNS.cache file is only 2kb and only contains the root servers and their corresponding ips.
If I try using the server 192.55.87.207 which is a root server, I also get a DNS request timed out
timeout was 2 seconds
Forwarding is not enabled.
My DNS.cache file is only 2kb and only contains the root servers and their corresponding ips.
If it is not a secret can you post this particular FQDN?
Did you try to use forwaders?
Did you try to use forwaders?
ASKER
Sure, it is sandiego.edu
I have not tried using forwarders. I figure if it has worked for the last few years, there must be something else wrong.
Possible routing issue with my ISP?
I have not tried using forwarders. I figure if it has worked for the last few years, there must be something else wrong.
Possible routing issue with my ISP?
I can not say that this is routing issue.
Another two steps tha can be easily performed. Right click your DNS server, select Properties, go to Monitoring tab and perform both test.
Configure your DNS to use forwaders, enter IP of your ISP's DNS servers, clear DNS server cache, clear local cache and try again.
Another two steps tha can be easily performed. Right click your DNS server, select Properties, go to Monitoring tab and perform both test.
Configure your DNS to use forwaders, enter IP of your ISP's DNS servers, clear DNS server cache, clear local cache and try again.
Your DNS server should have been using forwarders all along.
Just to be sure, before you cange the forwarding configuration, can you resolve address for other hostnames/domains outside your network?
Just to be sure, before you cange the forwarding configuration, can you resolve address for other hostnames/domains outside your network?
ASKER
I can resolve many hostnames outside of my netowrk. Everyone that I try is fine. Just this one in particular.
ASKER
It looks like this issue goes deeper than DNS.
If I add in my ISP's (cox) DNS servers under forwarders I can resolve the hostname with nslookup but still cannot ping it.
I am going to check with the ISP on this one. I will post whatever they tell me.
If I add in my ISP's (cox) DNS servers under forwarders I can resolve the hostname with nslookup but still cannot ping it.
I am going to check with the ISP on this one. I will post whatever they tell me.
When I ping sandiego.edu Iam pining the IP 192.55.87.130 and I get replies.
Is that same IP you are trying?
Is that the IP you get when you resolve through your ISP's DNS servers?
Is that same IP you are trying?
Is that the IP you get when you resolve through your ISP's DNS servers?
ASKER
that is the ip that I get when I do a lookup and I cannot ping the address.
Cox is looking into it.
Cox is looking into it.
It looks that something is interfering with ICMP traffic.
Can you telnet to port 25 for this particular server? If yes, dirty quick around would be to actualy set up primary zone for this domain.
Can you telnet to port 25 for this particular server? If yes, dirty quick around would be to actualy set up primary zone for this domain.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Try purging the cache on your local server and to confirm that it is not your ISP, try resolving the domain in question (or the hostname of their e-mail server) against the ISPs primary and secondary DNS servers.