?
Solved

nslookup does not work correctly across vlans

Posted on 2008-11-03
3
Medium Priority
?
1,593 Views
Last Modified: 2012-05-05
We are having some issues with DNS but I am not sure where the problem is. We noticed it while doing nslookups. We have multiple vlans. Our servers reside on the 10.3.x.x subnet. Our desktops are on 10.8.x.x. Here is the scenario:

1) When doing an nslookup to resolve dns name to IP address it works everytime from every subnet. For example: nslookup "servername" returns the correct IP address. This works from a server on the 10.3.x.x trying to resolve a 10.3.x.x or a 10.8.x.x. It also works from a desktop on the 10.8.x.x trying to resolve a 10.3.x.x. or a 10.8.x.x.
2) When doing an nslookup to do a reverse lookup (give it an IP and return a dns name) it works going from a 10.3.x.x to a 10.3.x.x or a 10.8.x.x to a 10.3.x.x. For example: nslookup 10.3.1.254 returns "servername.domain.com"
3) When doing an nslookup to do a reverse lookup it does NOT work going from a 10.3.x.x to a 10.8.x.x or from a 10.8.x.x to a 10.8.x.x. When we type nslookup 10.8.99.101 for example we get this response:

*** <one of our DNS servers>.domain.com can't find 10.8.99.101: Non-existent domain

So to summarize doing dns to IP works across all vlans. Doing IP to dns only works when the dns name you are looking for resides on the vlan on which our dns servers reside. Doing IP to dns does not work when the dns name you are looking for resides on a vlan other than the one that the DNS servers reside on.

Any ideas as to what could be going on and how to resolve it? Thanks!
0
Comment
Question by:neptuneit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 23

Accepted Solution

by:
Erik Bjers earned 1000 total points
ID: 22869307
Make sure all your vlans can route properly to your server vlan, then make sure all your computers (INCLUDING SERVERS) are looking at your internal DNS servers and only your internal DNS servers for DNS lookups.  Your DNS servers should then be configured with forwarders or root hints to handle lookups of outside hosts.

After that is verified check your reverse lookup zones.

eb
0
 
LVL 1

Author Comment

by:neptuneit
ID: 22869854
Ok, it looks like there may be an issue with the reverse lookup zones. I can see a bunch of entries but they are all from before we did the vlan implementation. Forgive my inexperience with DNS but I don't quite follow the directory structure. Under the Reverse Lookup Zones I see an entry for 3.10.in-addr.arpa. Underneath this are some numbers (0,1,20,20,220,3,4,5) All of our PCs used to be in the 10.3.3.x, 10.3.4.x, or 10.3.5.x subnets. Under the 3,4,and 5 subfolder I find pointers for all the PCs with what is I assume the last octet of their old IP address. For example We've got a PC that i assume used to have the IP address 10.3.4.11 and there is a pointer under the folder Reverse Lookup Zones -> 3.10.in-addr.arpa ->4->11. (the name of the pointer is 11).

There are no entries from our current infrastructure of 10.8.x.x for PCs.

Some records are updating however, we have a subnet of 10.5.1.x PCs and they are all correct. They have Pointers under the folder Reverse Lookup Zones -> 5.10.in-addr.arpa->1 and these records are being updated currently.
0
 
LVL 1

Author Comment

by:neptuneit
ID: 23099742
We added the 10.8.x.x subnet in our Reverse lookup zones and now it works
0

Featured Post

Video: Liquid Web Managed WordPress Comparisons

If you run run a WordPress, you understand the potential headaches you may face when updating your plugins and themes. Do you choose to update on the fly and risk taking down your site; or do you set up a staging, keep it in sync with your live site and use that to test updates?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
In this article, we’ll look at how to deploy ProxySQL.
This Micro Tutorial will give you a basic overview of Windows DVD Burner through its features and interface. This will be demonstrated using Windows 7 operating system.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question