Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 512
  • Last Modified:

How do I identify DNS resolves correctley?

Why each time i am getting same DNS resolved IP Address:  67.18.199.2
I tried to debug from CMD got this message.
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 1,  additional = 0

    QUESTIONS:
        84.236.225.220.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  84.236.225.220.in-addr.arpa
        name = MBMUMBXXXXD001DNS001
        ttl = 86400 (1 day)
    AUTHORITY RECORDS:
    ->  236.225.220.in-addr.arpa
        nameserver = MBMUMBXXXXD001DNS002
        ttl = 86400 (1 day)

------------
Default Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84

> sify.com
Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        sify.com.reliancebroadband.co.in, type = A, class = IN
    AUTHORITY RECORDS:
    ->  reliancebroadband.co.in
        ttl = 8929 (2 hours 28 mins 49 secs)
        primary name server = ns1.exchangenext.net
        responsible mail addr = admin.exchangenext.net
        serial  = 2005011921
        refresh = 86400 (1 day)
        retry   = 3600 (1 hour)
        expire  = 604800 (7 days)
        default TTL = 21600 (6 hours)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 2,  additional = 2

    QUESTIONS:
        sify.com.co.in, type = A, class = IN
    ANSWERS:
    ->  sify.com.co.in
        canonical name = com.co.in
        ttl = 10139 (2 hours 48 mins 59 secs)
    ->  com.co.in
        internet address = 67.18.199.2
        ttl = 13912 (3 hours 51 mins 52 secs)
    AUTHORITY RECORDS:
    ->  com.co.in
        nameserver = ns39.hostgator.com
        ttl = 13912 (3 hours 51 mins 52 secs)
    ->  com.co.in
        nameserver = ns40.hostgator.com
        ttl = 13912 (3 hours 51 mins 52 secs)
    ADDITIONAL RECORDS:
    ->  ns39.hostgator.com
        internet address = 67.18.199.2
        ttl = 13804 (3 hours 50 mins 4 secs)
    ->  ns40.hostgator.com
        internet address = 67.18.199.3
        ttl = 13378 (3 hours 42 mins 58 secs)

------------
Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  sify.com.co.in
0
amita_amita
Asked:
amita_amita
  • 5
  • 4
  • 2
1 Solution
 
Hypercat (Deb)Commented:
Not sure what your question is.  The answer you're getting indicates that "sify.com.co.in" is an alias (CNAME or canonical name) for "com.co.in".  The IP address for "com.co.in" is 67.18.199.2.  The odd thing is that 67.18.199.2 is also the IP address of the DNS server named ns39.hostgator.com.  Unless the site you're trying to locate is actually running on that server, the DNS record for that site is incorrectly configured.
0
 
amita_amitaAuthor Commented:
My question is when i am doing nslookup for any web site it is giving the same response and resolve with same ip address 67.18.199.2.
For example nslookup hotmail.com - it is not giving me the correct ip address for hotmail, instead i am getting 67.18.199.2.
0
 
Hypercat (Deb)Commented:
Well, I am not getting that result, but what I am getting is a "Bad Error Value" response on anything I try to resolve from either of those two servers.  If you are using those servers (ns39.hostgator.com and ns40.hostgator.com) as your DNS resolvers or forwarders, then you need to find some other servers to use.  Obviously, they are configured in some way as to prevent response to external queries.  I read something about this having to do with zone transfers, but of course I assume that's not what you're trying to do.  
0
Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
Darius GhassemCommented:
What address do you have in your DNS forwarders? Make sure you have your ISP's DNS servers listed. Can you ping  the websites?
0
 
amita_amitaAuthor Commented:
Yes i am able to ping www.yahoo.com , but it is giving me diffrent IP 87.248.113.14 but when i do nslookup it gives me always 67.18.199.2 . my simple question why it is resolving some other ip which is not the yahoo server ip, and i am able to ping 67.18.199.2. what is this ip means?
Ex:
C:\>ping www.yahoo.com
Pinging www.yahoo-ht3.akadns.net [87.248.113.14] with 32 bytes of data:
Reply from 87.248.113.14: bytes=32 time=176ms TTL=52
Reply from 87.248.113.14: bytes=32 time=174ms TTL=52

Ping statistics for 87.248.113.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 174ms, Maximum = 176ms, Average = 175ms
^C
C:\>nslookup www.yahoo.com
Server:  MBMUMBXXXXD001DNS001
Address:  220.225.236.84
Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  www.yahoo.com.co.in
0
 
Darius GhassemCommented:
I also get this IP address when looking up this www.yahoo.com.co.in. Do you know this site http://www.com.co.in/home.html which seems to be the holder of the Aliase for www.yahoo.com.co.in.
0
 
amita_amitaAuthor Commented:
Sorry for delay,
whatever site address(hotmail,google,usa.net,experts-exchange) lookup gives the same vlaue 67.18.199.2. one more observation if it is ZZZ.com then why reply is comming as ZZZ.com.co.in
I am not able to understand why it is so. is my PC is infected, because every lookup queries gives same result.
can any body explain where is the problem ?

C:\>nslookup www.experts-exchange.com
Server:  MBMUMBXXXXD001DNS002
Address:  220.225.236.85

Non-authoritative answer:
Name:    com.co.in
Address:  67.18.199.2
Aliases:  www.experts-exchange.com.co.in
0
 
Darius GhassemCommented:
If you look in DNS do you have wildcard * listed?
0
 
amita_amitaAuthor Commented:
how will i be able to check wildcard *listed
0
 
Darius GhassemCommented:
Look through your DNS console to see if you have an A record listed for this.
0
 
amita_amitaAuthor Commented:
Kindly close this question.
Not able to understand resolutio.
now  getting correct resolution automatically.
C:\>nslookup www.yahoo.com
Server:  MBMUMXXXXD001DNS006
Address:  124.124.5.141

Non-authoritative answer:
Name:    www-real.wa1.b.yahoo.com
Address:  87.248.113.14
Aliases:  www.yahoo.com, www.wa1.b.yahoo.com
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now