Solved

NSLOOKUP on outlook common name results in unfamiliar public IP Address

Posted on 2013-10-22
17
438 Views
Last Modified: 2013-11-20
When I perform an nslookup on my common name: outlook.domain.com, I get the following.

Non-authoritative answer:
Name:    outlook.domain.com.internaldomain.com
Address:  82.98.86.178

domain.com is my public domain
internaldomain is my internal domain

I do not recognize that IP address.  It points to a SedoParking page.

It is my understanding, the IP address returned should match my 2013 exchange server, but it does not.

On a side note, if a laptop is taken out of the office and a browser is opened, it is redirected to http://sedoparking.com/

Thoughts on how to resolve this??
0
Comment
Question by:ohmErnie
  • 10
  • 5
  • 2
17 Comments
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39591491
Looks like your DNS isn't setup correctly and it is applying the internal DNS name to the FQDN. I presume that you don't own the internal domain?

If you do an nslookup of host.example.com. (note the dot on the end) then you will get the correct result.

If you don't own the internal domain then you should stop using it. Switch everything in Exchange across to the external name via a split DNS system.

http://semb.ee/hostnames

Simon.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39591819
I have created a new forward zone named domain.com

I have created the following records in this zone.

outlook = xxx.xxx.xxx.xxx (internal exhange server)
www = xxx.xxx.xxx.xxx (public ip)

My zones are now:

home.domain.com
domain.com

My nslookup results are the same.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 39592377
A single host name split DNS would probably have been sufficient for your needs.
Did you update Exchange?

Either way, you haven't actually fixed your DNS issue.
How do the clients get their DNS configuration? DHCP? By what? Windows or a router?

If you run ipconfig /all do you have a Connection-Specific DNS Suffix set?

Are you using ONLY AD integrated DNS servers for DNS resolution?

Simon.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39592399
I am currently coexistence 2007/2013.

DNS is provided by Windows DHCP.

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home.local-domain.com
   Description . . . . . . . . . . . : Dell Wireless 1601 802.11 a/g/n Adapter
   Physical Address. . . . . . . . . : 00-1A-6B-0D-51-FD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::11b7:7bb0:97d4:5f03%14(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.10.10.66(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, October 22, 2013 1:50:12 PM
   Lease Expires . . . . . . . . . . : Wednesday, October 30, 2013 1:50:12 PM
   Default Gateway . . . . . . . . . : 10.10.10.1
   DHCP Server . . . . . . . . . . . : 192.9.100.10
   DHCPv6 IAID . . . . . . . . . . . : 369105515
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-5C-9B-8F-F0-1F-AF-1E-09-9B

   DNS Servers . . . . . . . . . . . : 192.9.100.10
                                       192.9.100.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Yes, only AD integrated.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 39593967
Your problem is certainly caused by DNS suffixing.
To diagnose it: Add a trailing "." to your request:

nslookup outlook.domain.com.
instead
of outlook.domain.com

This way, you tell the DNS request NOT to add the DNS suffix.
If this works any better, you will then know that your DNS suffixing is not working as expected. You would then have to configure dns suffixes.
Check these pages
superuser.com/questions/71853/windows-7-not-appending-connection-specific-dns-suffix
http://technet.microsoft.com/en-us/library/cc959611.aspx
and more generally:
https://www.google.com/search?q=site%3Amicrosoft.com+dns+suffixes+%22Windows+7%22

and, to populate DNS suffixes via DHCP:
http://technet.microsoft.com/en-us/library/dd572752%28v=office.13%29.aspx


Some ISP have the (bad) habit to answer unresolved DNS request with a real IP address that works usually ONLY for web browsing. If you enter an incorrect host name in the address bar of a browser, you would then land on a page telling you that the name is incorrect. But this works ONLY for web, not for all protocols.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39594262
My fqdn is home.domain.com

Is this correct...

In Group Policy (Default Domain Policy)...I have under Network/DNS Clients:

Dynamic update - Enabled
Primary DNS suffix - home.domain.com

On DHCP servers...
Option 15 DNS Domain Name set to home.domain.com
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 39594340
Have you, at first, run the nslookup request with a trailing "." to validate the dns suffixes hypothesis?
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39594634
yes.  I added the trailing "." and the nslookup works correctly.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 16

Expert Comment

by:vivigatt
ID: 39594690
OK, so you have to fix your DNS suffixing.
Using DHCP options should be enough.
I personally have set option 15 only, and my hosts are configured to "append primary and connection specific DNS suffixes" only which I think is the default.
Do not set anything manually, do not set any suffix via group policy. You can set DNS suffixing behavior via group policy, but you should NOT use anything else.
Set dhcp option 15, and then disconnect and reconnect a host that gets its IP config via DHCP.
Also, try to find where "internaldomain.com" is set in the client's config and remove it.
Then check that it is working OK.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39594702
If I remove my DNS suffixing from Group Policy, I assume I will then need to add it manually to my servers that are not receiving dhcp request?
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 39594817
I think this will be the case. But you could do it in TCP/IP settings instead of using Group Policy.
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39601804
I removed the DNS suffixing in GP and there is no change.  NSLOOKUP still resolves the common name to the wrong IP unless I put "." at the end.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 39602785
There are other places where the DNS suffixing can be set.
In TCP/IP v4 properties for instance (advanced/DNS).
What do you have there?
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39604090
This is what my DNS settings look like.
Capture1.PNG
0
 
LVL 1

Author Comment

by:ohmErnie
ID: 39604284
A little more additional information.  I read where someone had a similar issue with nslookup resolving to the IP 82.98.86.178 which is sedoparking.com

Our internal domain is home.domain.com.  We used to own domain.com which was the same as our internal and external domain.  Our internal domain is the same (home.domain.com) but our public domain is now different.  The old domain.com is now owned or being held by sedoparking.com.

So my thought is that because our internal domain ends in a .com, it is trying to resolve to the internet.  A related issue is when a laptop user opens IE when not connected to our network, the Intranet page redirects to sedoparking.com

How do I resolve this?
0
 
LVL 1

Accepted Solution

by:
ohmErnie earned 0 total points
ID: 39604320
I resolved the issue by creating new forward lookup zone of domain.com and removed lookup zone home.domain.com.
0
 
LVL 1

Author Closing Comment

by:ohmErnie
ID: 39616210
Resolved issue myself.
0

Featured Post

Why do Marketing keep bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now