Solved

NSLOOKUP Output

Posted on 2013-01-27
11
932 Views
Last Modified: 2013-01-29
I am trying  the NSLOOKUP, but it gives me the same result either with hostname or IP address:

H:\>nslookup 10.10.10.10
Server:  UnKnown
Address:  10.10.10.11

Name:aaaa.bbb.com
Address: 10.10.10.10

H:\>nslookup 10.10.10.11
Server:  UnKnown
Address:  10.10.10.11

*** UnKnown can't find 10.10.10.11: Non-existent domain
===============
I am not sure the meaning of "Unknow" keyword. I believe it refers to DNS server name that resolved the address, but why it is not showing its name.

Thank you
0
Comment
Question by:jskfan
11 Comments
 
LVL 17

Assisted Solution

by:Lior Karasenti
Lior Karasenti earned 84 total points
ID: 38825869
If reverse DNS for that IP address is not setup correctly, then NSLOOKUP cannot determine the name associated with the IP address.
On Windows Vista/2008, it then says "Default Server: UnKnown".
On earlier Windows versions, it displays the error message "*** Can't find server name for address ...".



http://www.simpledns.com/kb.aspx?kbid=1159
0
 

Author Comment

by:jskfan
ID: 38825875
it resolved the name:
Name:aaaa.bbb.com
Address: 10.10.10.10


But, the server that has resolved it , is Unknown.
why is it showing Unknow ??
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38825889
What is not resolving to a name is the DNS server IP (10.10.10.11) and NOT the name next to the nslookup command.

To confirm type:
nslookup 10.10.10.11

The second nslookup proves this.
0
 

Author Comment

by:jskfan
ID: 38825925
That s what I was asking ...why the DNS server name is showin as Unknow ?
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38825988
Simply because the client - from where you are running the nslookup - is not able to resolve the name.
This can be because of several reasons:
1. It is not available in the resolver cache (on the client)
2. The DNS server does not have an A record for itself (or for the IP 10.10.10.11 if it has several IPs).

The solution can be by ensuring the DNS server has an A record for the IP 10.10.10.11, or the entry is added manually to the hosts file on the machine you are running the nslookup from.
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 39

Assisted Solution

by:footech
footech earned 83 total points
ID: 38826003
See the first response that liorkr gave.  Again, because you don't have a reverse DNS (PTR) record set up for the IP.
0
 

Author Comment

by:jskfan
ID: 38826271
if I ping with -a switch I get the hostname

ping -a 10.10.10.10

Pinging aaaa.bbb.com [10.10.10.10] with 32 bytes of data:
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57

Ping statistics for 10.10.10.10:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms


======================

it is just the DNS server name that does not show up ....
As Msallam said above:
<<2. The DNS server does not have an A record for itself (or for the IP 10.10.10.11 if it has several IPs).
>>

the company does not use Windows DNS, it uses infoblox.
something must have been changed, because I used to get the DNS server name when I run Nslookup against any host in the network
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38826376
On Infoblox (as with most other DNS servers) the A record for the DNS server is auto-created with any DNS zone created (under a view - if you are using DNS views-).

Just to rule out the possibility that the auto-created record is not the one for the IP (10.10.10.11) - assuming that you your Infoblox is configured to listen on more than one IP -; can you add an A record in the hosts file of the affected machine?

You can check - if it is a local issue or not - by replicating the scenario from another machine (preferably on the same subnet) to know if the problem is from the machine itself or is it a common thing.

Let us know about the results.
0
 
LVL 16

Accepted Solution

by:
PaciB earned 83 total points
ID: 38826474
Hi,

It's not about a "A" record... it's about a "PTR" record, of if you prefer a reverse DNS record, that sort of record that associate a name to an IP address (a "A" record associates an IP address to a name).

What NSLOOKUP tries to do before launching your DNS request is just to give your the fqdn name of the dns server it will interrogate. So it takes the IP address of the DNS server and makes a reverse DNS query for this address.
So the first lines in the result that say
"Server:  UnKnown
Address:  10.10.10.11"
just mean that there is no PTR (reverse DNS) record for this IP address 10.10.10.11 and that NSLOOKUP is unable to give you the name of the DNS server... It's not a big deal anyway because PTR records are not a requirement.
The PTR record as nothing to do with the A record as you can have a A record but no PTR...

So even if your DNS server has its own A records in the DNS zone the NSLOOKUP won't be able to resolve 10.10.10.11 to a name because to do that it needs a reverse DNS record (PTR).
As I said, this is not really important. What is important is that NSLOOKUP is able to resolve the query you asked him. The first 2 lines of the NSLOOKUP answer is not important.
0
 
LVL 5

Expert Comment

by:msallam
ID: 38826722
It is as liorkr, footech and Pac1B stated. Thx for pointing it out.

It is the PTR record is the one that maps an IP to a name.
It is a mistake from my end that I stated and built on it what was stated later. I was a bit busy with other stuff.

This (PTR record) is Auto-created too when you create the relevant reverse-lookup zone on Infoblox.

Check if it the same case for other machines as I proposed in the last post.
0
 

Author Closing Comment

by:jskfan
ID: 38834133
Thank you guys
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now