Solved

NSLOOKUP Output

Posted on 2013-01-27
11
934 Views
Last Modified: 2013-01-29
I am trying  the NSLOOKUP, but it gives me the same result either with hostname or IP address:

H:\>nslookup 10.10.10.10
Server:  UnKnown
Address:  10.10.10.11

Name:aaaa.bbb.com
Address: 10.10.10.10

H:\>nslookup 10.10.10.11
Server:  UnKnown
Address:  10.10.10.11

*** UnKnown can't find 10.10.10.11: Non-existent domain
===============
I am not sure the meaning of "Unknow" keyword. I believe it refers to DNS server name that resolved the address, but why it is not showing its name.

Thank you
0
Comment
Question by:jskfan
11 Comments
 
LVL 17

Assisted Solution

by:Lior Karasenti
Lior Karasenti earned 84 total points
ID: 38825869
If reverse DNS for that IP address is not setup correctly, then NSLOOKUP cannot determine the name associated with the IP address.
On Windows Vista/2008, it then says "Default Server: UnKnown".
On earlier Windows versions, it displays the error message "*** Can't find server name for address ...".



http://www.simpledns.com/kb.aspx?kbid=1159
0
 

Author Comment

by:jskfan
ID: 38825875
it resolved the name:
Name:aaaa.bbb.com
Address: 10.10.10.10


But, the server that has resolved it , is Unknown.
why is it showing Unknow ??
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38825889
What is not resolving to a name is the DNS server IP (10.10.10.11) and NOT the name next to the nslookup command.

To confirm type:
nslookup 10.10.10.11

The second nslookup proves this.
0
 

Author Comment

by:jskfan
ID: 38825925
That s what I was asking ...why the DNS server name is showin as Unknow ?
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38825988
Simply because the client - from where you are running the nslookup - is not able to resolve the name.
This can be because of several reasons:
1. It is not available in the resolver cache (on the client)
2. The DNS server does not have an A record for itself (or for the IP 10.10.10.11 if it has several IPs).

The solution can be by ensuring the DNS server has an A record for the IP 10.10.10.11, or the entry is added manually to the hosts file on the machine you are running the nslookup from.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 39

Assisted Solution

by:footech
footech earned 83 total points
ID: 38826003
See the first response that liorkr gave.  Again, because you don't have a reverse DNS (PTR) record set up for the IP.
0
 

Author Comment

by:jskfan
ID: 38826271
if I ping with -a switch I get the hostname

ping -a 10.10.10.10

Pinging aaaa.bbb.com [10.10.10.10] with 32 bytes of data:
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57
Reply from 10.10.10.10: bytes=32 time=1ms TTL=57

Ping statistics for 10.10.10.10:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms


======================

it is just the DNS server name that does not show up ....
As Msallam said above:
<<2. The DNS server does not have an A record for itself (or for the IP 10.10.10.11 if it has several IPs).
>>

the company does not use Windows DNS, it uses infoblox.
something must have been changed, because I used to get the DNS server name when I run Nslookup against any host in the network
0
 
LVL 5

Assisted Solution

by:msallam
msallam earned 250 total points
ID: 38826376
On Infoblox (as with most other DNS servers) the A record for the DNS server is auto-created with any DNS zone created (under a view - if you are using DNS views-).

Just to rule out the possibility that the auto-created record is not the one for the IP (10.10.10.11) - assuming that you your Infoblox is configured to listen on more than one IP -; can you add an A record in the hosts file of the affected machine?

You can check - if it is a local issue or not - by replicating the scenario from another machine (preferably on the same subnet) to know if the problem is from the machine itself or is it a common thing.

Let us know about the results.
0
 
LVL 16

Accepted Solution

by:
PaciB earned 83 total points
ID: 38826474
Hi,

It's not about a "A" record... it's about a "PTR" record, of if you prefer a reverse DNS record, that sort of record that associate a name to an IP address (a "A" record associates an IP address to a name).

What NSLOOKUP tries to do before launching your DNS request is just to give your the fqdn name of the dns server it will interrogate. So it takes the IP address of the DNS server and makes a reverse DNS query for this address.
So the first lines in the result that say
"Server:  UnKnown
Address:  10.10.10.11"
just mean that there is no PTR (reverse DNS) record for this IP address 10.10.10.11 and that NSLOOKUP is unable to give you the name of the DNS server... It's not a big deal anyway because PTR records are not a requirement.
The PTR record as nothing to do with the A record as you can have a A record but no PTR...

So even if your DNS server has its own A records in the DNS zone the NSLOOKUP won't be able to resolve 10.10.10.11 to a name because to do that it needs a reverse DNS record (PTR).
As I said, this is not really important. What is important is that NSLOOKUP is able to resolve the query you asked him. The first 2 lines of the NSLOOKUP answer is not important.
0
 
LVL 5

Expert Comment

by:msallam
ID: 38826722
It is as liorkr, footech and Pac1B stated. Thx for pointing it out.

It is the PTR record is the one that maps an IP to a name.
It is a mistake from my end that I stated and built on it what was stated later. I was a bit busy with other stuff.

This (PTR record) is Auto-created too when you create the relevant reverse-lookup zone on Infoblox.

Check if it the same case for other machines as I proposed in the last post.
0
 

Author Closing Comment

by:jskfan
ID: 38834133
Thank you guys
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now