Solved

How do I identify DNS resolves correctley?

Posted on 2008-10-03
11
506 Views
Last Modified: 2009-09-22
Why each time i am getting same DNS resolved IP Address:  67.18.199.2
I tried to debug from CMD got this message.
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 1,  additional = 0

    QUESTIONS:
        84.236.225.220.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  84.236.225.220.in-addr.arpa
        name = MBMUMBXXXXD001DNS001
        ttl = 86400 (1 day)
    AUTHORITY RECORDS:
    ->  236.225.220.in-addr.arpa
        nameserver = MBMUMBXXXXD001DNS002
        ttl = 86400 (1 day)

------------
Default Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84

> sify.com
Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        sify.com.reliancebroadband.co.in, type = A, class = IN
    AUTHORITY RECORDS:
    ->  reliancebroadband.co.in
        ttl = 8929 (2 hours 28 mins 49 secs)
        primary name server = ns1.exchangenext.net
        responsible mail addr = admin.exchangenext.net
        serial  = 2005011921
        refresh = 86400 (1 day)
        retry   = 3600 (1 hour)
        expire  = 604800 (7 days)
        default TTL = 21600 (6 hours)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 2,  additional = 2

    QUESTIONS:
        sify.com.co.in, type = A, class = IN
    ANSWERS:
    ->  sify.com.co.in
        canonical name = com.co.in
        ttl = 10139 (2 hours 48 mins 59 secs)
    ->  com.co.in
        internet address = 67.18.199.2
        ttl = 13912 (3 hours 51 mins 52 secs)
    AUTHORITY RECORDS:
    ->  com.co.in
        nameserver = ns39.hostgator.com
        ttl = 13912 (3 hours 51 mins 52 secs)
    ->  com.co.in
        nameserver = ns40.hostgator.com
        ttl = 13912 (3 hours 51 mins 52 secs)
    ADDITIONAL RECORDS:
    ->  ns39.hostgator.com
        internet address = 67.18.199.2
        ttl = 13804 (3 hours 50 mins 4 secs)
    ->  ns40.hostgator.com
        internet address = 67.18.199.3
        ttl = 13378 (3 hours 42 mins 58 secs)

------------
Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  sify.com.co.in
0
Comment
Question by:amita_amita
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 2
11 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 22637450
Not sure what your question is.  The answer you're getting indicates that "sify.com.co.in" is an alias (CNAME or canonical name) for "com.co.in".  The IP address for "com.co.in" is 67.18.199.2.  The odd thing is that 67.18.199.2 is also the IP address of the DNS server named ns39.hostgator.com.  Unless the site you're trying to locate is actually running on that server, the DNS record for that site is incorrectly configured.
0
 

Author Comment

by:amita_amita
ID: 22637711
My question is when i am doing nslookup for any web site it is giving the same response and resolve with same ip address 67.18.199.2.
For example nslookup hotmail.com - it is not giving me the correct ip address for hotmail, instead i am getting 67.18.199.2.
0
 
LVL 38

Expert Comment

by:Hypercat (Deb)
ID: 22638023
Well, I am not getting that result, but what I am getting is a "Bad Error Value" response on anything I try to resolve from either of those two servers.  If you are using those servers (ns39.hostgator.com and ns40.hostgator.com) as your DNS resolvers or forwarders, then you need to find some other servers to use.  Obviously, they are configured in some way as to prevent response to external queries.  I read something about this having to do with zone transfers, but of course I assume that's not what you're trying to do.  
0
Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22638631
What address do you have in your DNS forwarders? Make sure you have your ISP's DNS servers listed. Can you ping  the websites?
0
 

Author Comment

by:amita_amita
ID: 22641902
Yes i am able to ping www.yahoo.com , but it is giving me diffrent IP 87.248.113.14 but when i do nslookup it gives me always 67.18.199.2 . my simple question why it is resolving some other ip which is not the yahoo server ip, and i am able to ping 67.18.199.2. what is this ip means?
Ex:
C:\>ping www.yahoo.com
Pinging www.yahoo-ht3.akadns.net [87.248.113.14] with 32 bytes of data:
Reply from 87.248.113.14: bytes=32 time=176ms TTL=52
Reply from 87.248.113.14: bytes=32 time=174ms TTL=52

Ping statistics for 87.248.113.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 174ms, Maximum = 176ms, Average = 175ms
^C
C:\>nslookup www.yahoo.com
Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84
Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  www.yahoo.com.co.in
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22642639
I also get this IP address when looking up this www.yahoo.com.co.in. Do you know this site http://www.com.co.in/home.html which seems to be the holder of the Aliase for www.yahoo.com.co.in.
0
 

Author Comment

by:amita_amita
ID: 22679994
Sorry for delay,
whatever site address(hotmail,google,usa.net,experts-exchange) lookup gives the same vlaue 67.18.199.2. one more observation if it is ZZZ.com then why reply is comming as ZZZ.com.co.in
I am not able to understand why it is so. is my PC is infected, because every lookup queries gives same result.
can any body explain where is the problem ?

C:\>nslookup www.experts-exchange.com
Server:  MBMUMBXXXXD001DNS002
Address:  220.225.236.85

Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  www.experts-exchange.com.co.in
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22680065
If you look in DNS do you have wildcard * listed?
0
 

Author Comment

by:amita_amita
ID: 22893963
how will i be able to check wildcard *listed
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22894898
Look through your DNS console to see if you have an A record listed for this.
0
 

Accepted Solution

by:
amita_amita earned 0 total points
ID: 23705912
Kindly close this question.
Not able to understand resolutio.
now  getting correct resolution automatically.
C:\>nslookup www.yahoo.com
Server:  MBMUMXXXXD001DNS006
Address:  124.124.5.141

Non-authoritative answer:
Name:    www-real.wa1.b.yahoo.com
Address:  87.248.113.14
Aliases:  www.yahoo.com, www.wa1.b.yahoo.com
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I will assume you are running a non-server version of some sort of Windows throughout this article. There are many flavors of Windows since Windows Server 2000 - 2008, XP Home & Pro, Vista Home & Pro, and Windows 7 Starter, Home, Pro, Ultimate, etc.…
Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question