Whah
asked on
Everything 209.62.20.200
It looks like my DNS is being redirected. Anything that is not in my internal DNS pings with this address: 209.62.20.200 All machines except Windows 7.
I've run a virus and malware scan.
I've run a virus and malware scan.
Matt V
Check the hosts file on the machines affected. Also stop the DNS client service on the affected machines.
ASKER
No modifications to the local host file.
I've restarted the DNS Client, no luck.
I've restarted the DNS Client, no luck.
STOP the DNS Client, do not restart it and then try.
ASKER
No luck with stopping the DNS Client.
ASKER
I bounced my DNS server and now the pings don't go out so it must be something on the primary DNS, however, I can't find that IPs reference anywhere.
Pings to domain names or to IPs are not working?
If you ping 4.2.2.2 does it work? If so then it might be DNS.. if that does not work there is another problem.
If you ping 4.2.2.2 does it work? If so then it might be DNS.. if that does not work there is another problem.
ASKER
If I ping anything in my DNS by friendly name I get a valid response. If I ping anything not in my DNS I get the 209.62.20.200 reply.
For example:
ping exchange
Reply from 192.168.150.20: bytes=32 time<1ms TTL=128
ping f
Reply from 209.62.20.200: bytes=32 time=51ms TTL=50
Ping to 4.2.2.2 successful.
Now that the DNS server is up the problem is back.
For example:
ping exchange
Reply from 192.168.150.20: bytes=32 time<1ms TTL=128
ping f
Reply from 209.62.20.200: bytes=32 time=51ms TTL=50
Ping to 4.2.2.2 successful.
Now that the DNS server is up the problem is back.
ASKER
There has to be something in my DNS referencing that IP but I can't find it.
Are You in an NT domain? If Yes, what is it's name? I suspect, Your domain's name is an existing one in sonewhere else...
ASKER
We are in an Active Directory but my sense is that it is poorly set up.
The whois for my domain is correct.
The whois for my domain is correct.
I mean this:
ping x.sedlaw.com
ping anything.sedlaw.com
If Your NT domain would be 'sedlaw.com', and the "append primary and connection specific suffices" is checked (as it is by default), then any DNS name, that You don't qualify with FQDN, gets appended with Your default domain name. If Your DNS server doesn't answer this query, it forwards to it's registered DNS server, and if the DNS zone in question defines the wildchar name (*), then all queries will answer the IP of the zone. In the example, of sedlaw.com.
Check out this URL for potential domain names:
http://www.robtex.com/ip/209.62.20.200.html
ping x.sedlaw.com
ping anything.sedlaw.com
If Your NT domain would be 'sedlaw.com', and the "append primary and connection specific suffices" is checked (as it is by default), then any DNS name, that You don't qualify with FQDN, gets appended with Your default domain name. If Your DNS server doesn't answer this query, it forwards to it's registered DNS server, and if the DNS zone in question defines the wildchar name (*), then all queries will answer the IP of the zone. In the example, of sedlaw.com.
Check out this URL for potential domain names:
http://www.robtex.com/ip/209.62.20.200.html
ASKER
I hope I understand your post correctly.
If I ping f.mydomain.com it resolved to the 209 IP. If I ping mypcname.mydomain.com I get a valid response.
My domain is not on the robtex list.
If I ping f.mydomain.com it resolved to the 209 IP. If I ping mypcname.mydomain.com I get a valid response.
My domain is not on the robtex list.
What is the actual name of Your domain?
Do You get the 209 IP response only for host names not existing in Your domain?
Do You get the 209 IP response only for host names not existing in Your domain?
ASKER
Domain: peelle.com
Internally: dellnt.peelle.com
Yes, I only get the 209 response for host names not on my domain.
Internally: dellnt.peelle.com
Yes, I only get the 209 response for host names not on my domain.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I see it now. THANKS.