Solved

DNS Issue

Posted on 2011-02-21
20
1,069 Views
Last Modified: 2012-05-11
Hey all,

 Having an issue with internal DNS at a client site. Well, I suspect it is a DNS issue.

 SBS 2008 Domain

 Attempting to get to a website 'control.symform.com' - I just get a 404 error. From outside of our network, it works fine with no issues. I have run a dcdiag /fix, all tests passed. I cannot seem to find an issue,

 Anyone have any ideas?

Thanks!
0
Comment
Question by:LindsayCole
20 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34943743

Run this and verify the IP Address you get back is correct (and matches the IP you get when used from outside your network):

NsLookup control.symform.com

If that happens to be your AD / SBS domain name then things get tricky.

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34943816
C:\Users\lcole>nslookup control.symform.com
Server:  spartansbs.spartan.local
Address:  192.168.1.2

Non-authoritative answer:
Name:    control-208587495.us-east-1.elb.amazonaws.com
Address:  184.72.95.238
Aliases:  control.symform.com

---------------

I get the same response when I do it from outside the network..
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34943839

Something is going a bit wrong there then. The 404 response has to come from a web server, and unless you use a Proxy server it's come from the web server for that domain.

Do you use a Proxy?

If not, we're a bit stuck, you could attempt to prove the response comes from there with a packet sniffer, but unless you have some degree of administrative control over the site there's little you can do beyond that.

Chris
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 5

Expert Comment

by:zazagor
ID: 34944000
Have you tried to flush DNS cache:
ipconfig /flushdns

//zaZagor
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944297
Okay, so we do not use a proxy (I'm the Network Admin here).

It isn't a 404 we get, my mistake in saying that.

We get; (in firefox)

Problem Loading Page

Connection Timed Out

The server at control.symform.com is taking too long to respond.
0
 
LVL 24

Expert Comment

by:Mike Thomas
ID: 34944348
So what is happening why you try http://184.72.95.238/ ? load? same error?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34944357

Then perhaps try:

telnet control.symform.com 80

If that doesn't connect, and I suspect it won't there's a networking problem somewhere along the path. That may be local to you, or somewhere in between you and them.

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944399
Mojo: Same error.
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944408
C:\Users\lcole>telnet control.symform.com 80
Connecting To control.symform.com...Could not open connection to the host, on port 80: Connect failed
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944414
What is the best way for me to ascertain if the problem is my network or not?
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34944430

Watch traffic on the borders of your network and see if the request is allowed out.

If it is, you could always try tracert, relies on ICMP, but it may be allowed, and if it is, it may give an indication of where it's breaking down.

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944456
ICMP is blocked on their server. Cannot ping them from anywheres.

How would you watch the borders?
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944473
C:\Users\lcole>tracert control.symform.com

Tracing route to control-208587495.us-east-1.elb.amazonaws.com [184.72.95.238]
over a maximum of 30 hops:

  1    <1 ms     6 ms     9 ms  192.168.1.1
  2    12 ms    10 ms    11 ms  loop0-wda.83w.ba12.hlfx.ns.aliant.net [142.176.50.78]
  3    11 ms    11 ms    12 ms  te-0-2-2-0-301.cr01.hlfx.ns.aliant.net [142.176.53.163]
  4    17 ms    13 ms    11 ms  xe-2-0-0.cr02.drmo.ns.aliant.net [142.166.181.142]
  5     *        *        *     Request timed out.

My ISP is Aliant. Looks like I cannot get out of the ISP's network.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34944480

Your firewalls / routers, do you have logging capabilities there?

You could watch it on the client, but it won't tell you anything that you don't know (i.e. it doesn't work). And since the routers / firewalls will be the last point you get to handle the traffic it would be nice to ensure all is well there.

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34944512
My edge router is unfortunately only a Cisco/Linksys RV042. Not much in the way of logging.
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 34945551

Hmm that does make it a bit tricky.

Well I recommend you run the Tracert command from both sites anyway. Even if the final hop doesn't respond to ICMP it should show you much of the path and that may highlight a problem.

The result from NsLookup proves it's not DNS at fault, so it's either your own network, or a network between you and them. It's not entirely common, but it's far from being unheard of, that the problem might be one of the intermediate service providers.

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34946113
Chris, when you say both sites, you mean from the server that control.symform.com sits on?
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 34949497

On-site and off-site, sorry.

Do you actually manage the web-service at all? Or is it completely unaffiliated with you?

Chris
0
 
LVL 2

Author Comment

by:LindsayCole
ID: 34952194
Offsite:
C:\Windows\system32>tracert control.symform.com

Tracing route to control-208587495.us-east-1.elb.amazonaws.com [184.72.95.238]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2    49 ms    49 ms    49 ms  142.166.100.89
  3    51 ms    50 ms    91 ms  te-0-4-0-0-200.cr01.stjh.nb.aliant.net [142.166.
211.129]
  4    47 ms    15 ms     7 ms  xe-2-0-0.cr02.stjh.nb.aliant.net [142.166.181.11
0]
  5    51 ms    50 ms    51 ms  te-0-4-1-0.cr01.hlfx.ns.aliant.net [142.166.181.
149]
  6    37 ms    18 ms    51 ms  xe-2-0-0.cr02.drmo.ns.aliant.net [142.166.181.14
2]
  7    71 ms    64 ms    71 ms  xe-2-0-0.bx01.asbn.va.aliant.net [207.231.227.10
]
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed -SNIP-

Onsite:

C:\Users\lcole>tracert control.symform.com

Tracing route to control-208587495.us-east-1.elb.amazonaws.com [184.72.95.238]
over a maximum of 30 hops:

  1     2 ms    <1 ms    <1 ms  192.168.1.1
  2   151 ms    11 ms    11 ms  loop0-wda.83w.ba12.hlfx.ns.aliant.net [142.176.5
0.78]
  3    12 ms    11 ms    11 ms  te-0-2-2-0-301.cr01.hlfx.ns.aliant.net [142.176.
53.163]
  4    15 ms    12 ms    19 ms  xe-2-0-0.cr02.drmo.ns.aliant.net [142.166.181.14
2]
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out. -SNIP-

They are completely unaffiliated with us. A potential offsite backup solution.

I called the ISP today, Bell, and they were completely useless just as I expected them to be. Wouldn't even work with me on this issue.
0
 
LVL 2

Author Closing Comment

by:LindsayCole
ID: 35192281
We never found the solution. However you were very helpful in trying :)
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question