Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

NSLOOKUP works but pinging FQDN does not on WIndows 7 machines

Posted on 2013-10-31
6
Medium Priority
?
2,203 Views
Last Modified: 2013-12-03
Hi All

I have a few machines with strange DNS issues that are also intermittent

Issue

Accessing an internal system jira.mydomain.com normally works OK however on occasions some users reports it fails, if we then try and ping jira.mydomain.com from the users machine it says unable to resolve, if I do an nslookup it resolves fine. If you leave it a while it just starts working again.

My own machine has never had an issue yet we are on the same VLAN and have same DNS servers configured

Steps I have checked so far

DNS servers they get are correct
DNS search suffixes are configured
Firewall is disabled
No obvious errors on DNS servers ( AD integrated Zones )

iconfig /flushdns does not fix


Anyone got any ideas, I see a lot of people report the same issue but cant seem to find a conclusive post with a fix
0
Comment
Question by:ncomper
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 24

Expert Comment

by:Sandeshdubey
ID: 39614956
Ensure correct dns setting is set as this http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Check the health of DCs by dcdiag /q and repadmin /replsum.When the issue occur check the event log on workstation and server too for any errors and warning and post the same.

I you have antivirus installed disable the same temporarly.
0
 
LVL 41

Accepted Solution

by:
footech earned 2000 total points
ID: 39619311
For intermittent issues like this it is almost always due to different DNS servers being used (i.e. it works when one server is queried, but doesn't when another one is queried).  This can happen when a client is configured to use a DNS server inside the network as preferred, and an ISP's or other public DNS server as alternate.  Or if the client is using internal DNS servers for both preferred and alternate, if both servers don't have the same records because there is a problem with replication (assuming the use of AD integrated zones like you mentioned you have), or in different environments with zone transfers, etc.  A network capture when the problem is occurring could tell you exactly which DNS server is being queried.  When you did your nslookup queries, did you try multiple servers?
0
 
LVL 5

Author Comment

by:ncomper
ID: 39638687
Thanks

I have been doing some research and it appears that its a client side issue with the DNS resolver, when doing an nslookup the query is always sent to the DNS server (Which works)

When pinging by fqdn it uses the hosts local cache first and this is where I believe its failing and the request never makes it to the DNS server
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 41

Expert Comment

by:footech
ID: 39639147
It's true that nslookup uses its own resolver.
Did you do a network capture during a period when the name can't be resolved?
0
 
LVL 5

Author Comment

by:ncomper
ID: 39659698
No that's my next step thanks
0
 
LVL 5

Author Closing Comment

by:ncomper
ID: 39693879
Thanks, after all that it turned out there was a legacy efficient IP box that some users where querying that was missing some A records
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question