• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 920
  • Last Modified:

How does ping resolve a hostname but nslookup fails?

I remote into a clients PC at his office.  I can ping the hostname of a device and it returns an IP.  If I do an NSLOOKUP it fails (contacting the local DNS server).  How is this possible?
0
GDavis193
Asked:
GDavis193
  • 5
  • 4
  • 3
  • +1
2 Solutions
 
woolmilkporcCommented:
The hostname is in your local hosts file but not in DNS.

wmp
0
 
emilgasCommented:
is it on the local LAN, because local LAN doesn't really need DNS, it all happens on layer 2 (well some layer 3 too), but once you get out of your local LAN you need some sort of a DNS service. So NSLOOKUP specifically looks up the DNS records and finds the ip. Ping uses arp which is Layer 2. And if your local LAN doesn't have it then default gateway gets involved and so on.

So which is it?
0
 
GDavis193Author Commented:
The host name is NOT in the local HOSTS file.
0
Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

 
americanpie3Commented:
try ping -a IP address and see if it returns the host name.

If it is different, go into the DNS server and look in the reverse lookup which hold PTR records.
0
 
GDavis193Author Commented:
@emilgas

So how does this work?  I ping a hostname, it goes out on the wire and the switch broadcasts "which port / IP has the hostname XXXX".  The device then replies back with its IP and hostname confirmation?  

So no DNS query at all?

Yes, this all occures on the local LAN.

0
 
emilgasCommented:
you are right, any time there is a ping your local NIC sends a broadcast arp request, the switch sees it and says who has this mac address by sending the request (as a broadcast) to all the switchports, and finally the NIC that has that IP says hey, that mac address is mine and here is the ip. and responds to the original NIC that send out the request. No DNS involved.

0
 
GDavis193Author Commented:
Ok but how did it resolve the hostname is my question?  I understand the IP to MAC (layer 2 resolution) but not hostname to IP resolution.  
0
 
woolmilkporcCommented:
Does "nslookup hostname" or "nslookup ipaddress" fail?

If only looking up the IP fails this IP is missing in the reverse lookup tables but not in the direct lookup tables.
0
 
emilgasCommented:
Oh... LOL
Hostname resolves because your windows has a built-in Mini DNS that looks at local LAN for computers around it. It would only work on the local LAN and this is a windows feature that's built-in.
I'm not 100% what it's called if it has a specific name for it. But I know it has to do with the Local Service called "DNS Client" that's running on PC.
0
 
GDavis193Author Commented:
Ah cool.. LLMNR seems like the answer.  I wonder why DNS never updated though....

Im about to split up the points but if anyone can chime in on why maybe  LLMNR worked but the DNS server didn't know about this device...

0
 
woolmilkporcCommented:
Why the DNS server didn't know?

Because no one updated it ... ?!?

wmp
0
 
GDavis193Author Commented:
Could be?  I have no idea.  Points for helping with the correct answer... docked some points for being a smart ass :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now