Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How does ping resolve a hostname but nslookup fails?

Posted on 2011-09-22
13
Medium Priority
?
911 Views
Last Modified: 2012-06-27
I remote into a clients PC at his office.  I can ping the hostname of a device and it returns an IP.  If I do an NSLOOKUP it fails (contacting the local DNS server).  How is this possible?
0
Comment
Question by:GDavis193
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +1
13 Comments
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 36582567
The hostname is in your local hosts file but not in DNS.

wmp
0
 
LVL 11

Expert Comment

by:emilgas
ID: 36582606
is it on the local LAN, because local LAN doesn't really need DNS, it all happens on layer 2 (well some layer 3 too), but once you get out of your local LAN you need some sort of a DNS service. So NSLOOKUP specifically looks up the DNS records and finds the ip. Ping uses arp which is Layer 2. And if your local LAN doesn't have it then default gateway gets involved and so on.

So which is it?
0
 

Author Comment

by:GDavis193
ID: 36582607
The host name is NOT in the local HOSTS file.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 1

Expert Comment

by:americanpie3
ID: 36582618
try ping -a IP address and see if it returns the host name.

If it is different, go into the DNS server and look in the reverse lookup which hold PTR records.
0
 

Author Comment

by:GDavis193
ID: 36582623
@emilgas

So how does this work?  I ping a hostname, it goes out on the wire and the switch broadcasts "which port / IP has the hostname XXXX".  The device then replies back with its IP and hostname confirmation?  

So no DNS query at all?

Yes, this all occures on the local LAN.

0
 
LVL 11

Expert Comment

by:emilgas
ID: 36582712
you are right, any time there is a ping your local NIC sends a broadcast arp request, the switch sees it and says who has this mac address by sending the request (as a broadcast) to all the switchports, and finally the NIC that has that IP says hey, that mac address is mine and here is the ip. and responds to the original NIC that send out the request. No DNS involved.

0
 

Author Comment

by:GDavis193
ID: 36582894
Ok but how did it resolve the hostname is my question?  I understand the IP to MAC (layer 2 resolution) but not hostname to IP resolution.  
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 36582975
Does "nslookup hostname" or "nslookup ipaddress" fail?

If only looking up the IP fails this IP is missing in the reverse lookup tables but not in the direct lookup tables.
0
 
LVL 11

Accepted Solution

by:
emilgas earned 1600 total points
ID: 36583037
Oh... LOL
Hostname resolves because your windows has a built-in Mini DNS that looks at local LAN for computers around it. It would only work on the local LAN and this is a windows feature that's built-in.
I'm not 100% what it's called if it has a specific name for it. But I know it has to do with the Local Service called "DNS Client" that's running on PC.
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 400 total points
ID: 36583106
0
 

Author Comment

by:GDavis193
ID: 36583135
Ah cool.. LLMNR seems like the answer.  I wonder why DNS never updated though....

Im about to split up the points but if anyone can chime in on why maybe  LLMNR worked but the DNS server didn't know about this device...

0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 36583146
Why the DNS server didn't know?

Because no one updated it ... ?!?

wmp
0
 

Author Comment

by:GDavis193
ID: 36583157
Could be?  I have no idea.  Points for helping with the correct answer... docked some points for being a smart ass :)
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question