Solved

nslookup can't find my domain or server.

Posted on 2009-06-30
10
1,578 Views
Last Modified: 2012-05-07
Exchange cannot deliver mail to servers that do nslookup.

When I try to do a nslookup it fails on finding the domain.

Up til now, i have had the server  (Wk3) up front directly connected to the internet with 2 nc inside. One receivning DHCP network address xx.xxx.xxx.20 and the other one as 192.168.3.1. running iis, exchange DC1, DNS, DHCP for lan  and internetgateway. Some months ago the servers ARP cache started to mess things up. I think it might have started after installing an update - but I am not sure. After trying to re-install, look for solutions on the internet and so on, I finally decided to put a router between as DHCP and gateway to the internet. I disabled one of the NC on the server and stopped RAS. Now the server is stabile but it will not answer to nslookups from other servers checking for spam. As You can see below, the server is found, but as xxx.local and not the correct xxx.dk. I have tried to put enter a new zone called xxx.dk with the public and the internal ip as hosts creating prt records. The records is created, also the reverse zone for the public domain. Still no answer doing nslookup. Does anyone know how to enter the correct data in DNS and also which services that must be forwarded from the router? And further more do I have to enter another IP (an extra one) on the netcard?

Hope someone can help me.
nslookup xx.xxx.xxx.20

*** Can't find server name for address 192.168.3.1: No response from server

Server:  xxx.local

Address:  192.168.3.10
 

*** xxx.local can't find xx.xxx.xxx.20: Non-existent domain

Open in new window

0
Comment
Question by:xhal99104
  • 5
  • 5
10 Comments
 
LVL 6

Expert Comment

by:danf0x
ID: 24745080
If the router took over for DHCP then it also needs to point to your DNS server as its first lookup.  If you have your ISP's DNS information they will never know about your internal network and it will never do the lookups correctly.
0
 

Author Comment

by:xhal99104
ID: 24796798
How can I do that when my IP is a fixed dhcp given IP address from my ISP? DNS address is also supplied there
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24797138
If you have a router that you can access then you can make the change for your network.  If you have a modem that the ISP supplied then I can understand why you wouldn't be able to change anything.
  If your router is setup to accept dhcp from your ISP that is only for the WAN connection.  Below that section should be for your LAN and you will get to specify the scope and settings for your DHCP and DNS.  If you tell me the type of router you have I can tell you exactly what to do.
0
 

Author Comment

by:xhal99104
ID: 24798432
Thanks - my modem/first router is a ZyXEL P2602HW-D1A in bridge mode - bridging to the second one a linksys wrt54gl with dd-wrt firmware. I have already set the lan settings to use local DNS on the 2k3 server and all lan computers uses the server as first DNS as well as the server it selv.

How does nslookup works? Is it possible to open a port so that nslookup - when trying to nslookup public ip - will be forwarded to the server and have the server answer the request?
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24807758
If you type nslookup in your dos prompt, what does it say your default server is?  From what you are explaining now it seems different than what I was thinking.
  http://support.microsoft.com/kb/200525 is a pretty standard article on how it actually works.
You have three things you need to do in order to get your names working again
 1 you go into your own dns records and create an a record for that IP address, this will allow all the people in your company to resolve to it without a problem.
2 ask your ISP to create a reverse A record for the IP going to the name
3 go to the place you registered your domain name (ex. network solutions) and create an a record for your IP address.
  And just for clarification, Public IP's get their forwarding DNS information from the people that are listed as your domain servers and get there reverse information by the people that own the IP's.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:xhal99104
ID: 24808330
This is what is returned typing nslookup:
nslookup xxx.xxx.xxx.20
*** Can't find server name for address 192.168.3.1: No response from server
Server:  xxx.local
Address:  192.168.3.10
 
*** xxx.local can't find xx.xxx.xxx.20: Non-existent domain

The IP 192.168.3.10 is the server and the 192.168.3.1 is the router.

My ISP is not hosting the DNS hotel for my domain, but do I still have to ask my ISP to create a reverse A record? If so what is supposed to be created? My ISP does not have anything to do with my domain. My DNS hotel automatically creates reverse records on any domain or child domain hosted.
0
 
LVL 6

Accepted Solution

by:
danf0x earned 500 total points
ID: 24813495
The ISP will need to create the reverse for the IP's they own unless you look at arin.net and it shows that your company owns the IP's.
Port 53 is what DNS talks on so if you can't run this command
telnet 192.168.3.1 53
Then that machine is not listening on that NIC for dns queries.
I didn't say that the ISP was hosting the DNS, but the DNS registrar should tell you who makes the public DNS records for your domain.
0
 

Author Comment

by:xhal99104
ID: 24813538
Thanks a lot.

I think you are right about the ISP and I will try to contact them It seems that nslookup on the public net gets my ISP DHCP server as its answer. I will try that before I accept the solution in the first comming days. once again thank you for your time.

Rgds
Michael
0
 
LVL 6

Expert Comment

by:danf0x
ID: 24813586
no problem,
 hope it all works out
0
 

Author Closing Comment

by:xhal99104
ID: 31598313
Thank you for your time. Finally it works, and it was excactly as you described. ISP has now set up reverse DNS for my IP address.

Rgds
Michael
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now