DNS Issue. Not able to resolve to one particular domain

Hi Experts,
I have a Windows AD 2012R2 with DNS setup.
When I performed a lookup of the domain formosatwn.com.tw, the result did not look up the domain I queried for. Instead it looked up another domain, tw.com.sg. Any idea what the problem is? You can try on your 2012R2 DNS and let me know your results.


> set type=ns
> formosatwn.com.tw
Server:  oblu-ad.oblu.com.sg
Address:  192.168.2.212

tw.com.sg
        primary name server = bill.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial  = 2021821083
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry   = 2400 (40 mins)
        expire  = 604800 (7 days)
        default TTL = 3600 (1 hour)

Dnack
Thanks
 
footech Commented:
I think the results you are seeing are likely because of DNS suffixes that are being appended.  You can see the srchlist in nslookup if you type
set all
If you use set debug you can see more information on the queries being made.  If you just put a dot at the end of the name you're querying, it won't try appending any suffixes.  For example:
formosatwn.com.tw.
 
Sushil Sonawane Commented:
Restart your DNS server service and check.

The "formosatwn.com.tw" domain name server is pointed to the tw.com.sg domain, hence it is showing you the above-mentioned result.
 
Dave Baldwin (Fixer of Problems) Commented:
I get 59.124.65.142 as the public IP address for formosatwn.com.tw.  There is something wrong with your lookup because 192.168.2.212 is not a public IP address, just a local private LAN address.
 
dnack (Author) Commented:
Hi footech,

You are right. Currently formosatwn.com.tw. and formosatwn.com.tw without the dot give me a different result. When I looked up against a public DNS, 8.8.8.8 (Google), it gave me the same result with or without the dot.
Is anything I set on this AD DNS wrong that caused this? Please assist.

Hi Dave Baldwin, the 192.168.2.212 is the internal DNS IP.
 
dnack (Author) Commented:
Hi Footech,
Do we usually look up with the dot or without the dot?
 
Sushil Sonawane Commented:
You have to perform it without the dot.
 
dnack (Author) Commented:
I will paste the 2 outputs, with dot and without dot.

Default Server:  UnKnown
Address:  192.168.2.212

> set debug
> set type=ns
> formosatwn.com.tw
Server:  UnKnown
Address:  192.168.2.212

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        formosatwn.com.tw.contoso.com.sg, type = NS, class = IN
    AUTHORITY RECORDS:
    ->  contoso.com.sg
        ttl = 3600 (1 hour)
        primary name server = ad.contoso.com.sg
        responsible mail addr = hostmaster.contoso.com.sg
        serial  = 27109
        refresh = 900 (15 mins)
        retry   = 600 (10 mins)
        expire  = 86400 (1 day)
        default TTL = 3600 (1 hour)

------------
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        formosatwn.com.tw.com.sg, type = NS, class = IN
    AUTHORITY RECORDS:
    ->  tw.com.sg
        ttl = 900 (15 mins)
        primary name server = bill.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial  = 2021821083
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry   = 2400 (40 mins)
        expire  = 604800 (7 days)
        default TTL = 3600 (1 hour)

------------
tw.com.sg
        ttl = 900 (15 mins)
        primary name server = bill.ns.cloudflare.com
        responsible mail addr = dns.cloudflare.com
        serial  = 2021821083
        refresh = 10000 (2 hours 46 mins 40 secs)
        retry   = 2400 (40 mins)
        expire  = 604800 (7 days)
        default TTL = 3600 (1 hour)
 
dnack (Author) Commented:
NSLookup with a Dot

Microsoft Windows [Version 6.2.9200]
(c) 2012 Microsoft Corporation. All rights reserved.

C:\Users\Administrator>nslookup
Default Server:  UnKnown
Address:  192.168.2.212      

> set debug
> set type=ns
> formosatwn.com.tw.
Server:  UnKnown
Address:  192.168.2.212

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 0,  additional = 2

    QUESTIONS:
        formosatwn.com.tw, type = NS, class = IN
    ANSWERS:
    ->  formosatwn.com.tw
        nameserver = dns1.admintec.com.tw
        ttl = 59973 (16 hours 39 mins 33 secs)
    ->  formosatwn.com.tw
        nameserver = dns.formosatwn.com.tw
        ttl = 59973 (16 hours 39 mins 33 secs)
    ADDITIONAL RECORDS:
    ->  dns1.admintec.com.tw
        internet address = 61.222.198.237
        ttl = 59973 (16 hours 39 mins 33 secs)
    ->  dns.formosatwn.com.tw
        internet address = 59.124.65.142
        ttl = 59973 (16 hours 39 mins 33 secs)

------------
Non-authoritative answer:
formosatwn.com.tw
        nameserver = dns1.admintec.com.tw
        ttl = 59973 (16 hours 39 mins 33 secs)
formosatwn.com.tw
        nameserver = dns.formosatwn.com.tw
        ttl = 59973 (16 hours 39 mins 33 secs)

dns1.admintec.com.tw
        internet address = 61.222.198.237
        ttl = 59973 (16 hours 39 mins 33 secs)
dns.formosatwn.com.tw
        internet address = 59.124.65.142
        ttl = 59973 (16 hours 39 mins 33 secs)
>
 
footech Commented:
It's not really a question of whether you should usually use a trailing dot or not, because it depends on what you're trying to query.
If you don't want any suffixes appended then you supply the fully qualified domain name (FQDN) with the trailing dot.  I'd say use this when you know the exact record that you want to look up.
If you want to try appending suffixes (usually to just a hostname, which is unqualified) then don't supply a trailing dot.  DNS suffixes are used to essentially make educated guesses about what the FQDN should be.

You should look at your environment and determine whether the suffixes you have configured are appropriate.  You can have connection-specific suffixes which can be set through a NIC's properties or set as a DHCP option, or you can configure them with Group Policy.  Another piece that comes into play is DNS suffix devolution.
An example of this is with the suffix "contoso.com.sg".  It could first try appending "contoso.com.sg", and if no match found, then "com.sg".  The devolution level can also be set with Group Policy.
GP settings can be found under Computer Configuration > Administrative Templates > Network > DNS Client.  Check out the explanations for:
Allow DNS suffix appending to unqualified multi-label names
Primary DNS suffix devolution
Primary DNS suffix devolution level
 
dnack (Author) Commented:
Hi Footech.

Actually, my mail server is looking up this DNS server to send out emails. It does not return a correct MX record for the domain formosatwn.com.tw. The dot or without dot problem only happens to this domain formosatwn.com.tw. This DNS can resolve other domains and MX records without any problem.

If it is a suffix issue then I suppose it will have the same problem for other domains. But the scenario is not like this :(
 
footech Commented:
Whether it happens for another domain(s) would depend on what records are available.  You saw the nslookup results when querying without a dot that it tried other domains first.  If it hadn't found a match for tw.com.sg it would have kept trying different suffixes.

Tell me what you see when you try to run ping formosatwn.com.tw
I bet you see an incorrect IP, don't you?  Like 104.27.128.55 or 104.27.129.55.

Is your mail server Exchange?
0
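
The query order footech describes in the two comments above (suffix appending with devolution, then stopping at the first name that answers), modelled as an added example that is not part of the thread or any participant's code. The query names and rcodes in RESPONSES are copied from dnack's debug output; the function names, the default devolution level of 2, and the final attempt with the name as typed are assumptions of this simplified model.

```python
# Added example: simplified model of DNS suffix appending and devolution.
# RESPONSES holds the names/rcodes seen in the thread's debug output; the
# functions and the "name as typed is tried last" step are model assumptions.

def search_list(primary_suffix, devolution_level=2):
    """Primary suffix, then its parents, stopping at devolution_level labels."""
    labels = primary_suffix.strip(".").lower().split(".")
    steps = max(1, len(labels) - devolution_level + 1)
    return [".".join(labels[i:]) for i in range(steps)]

def candidates(name, suffixes):
    """Query names in the order they are tried."""
    if name.endswith("."):                 # trailing dot: FQDN, nothing appended
        return [name.rstrip(".").lower()]
    name = name.lower()
    return [f"{name}.{s}" for s in suffixes] + [name]

def first_match(name, suffixes, responses):
    """First candidate that does not return NXDOMAIN, or None."""
    for qname in candidates(name, suffixes):
        if responses.get(qname, "NXDOMAIN") != "NXDOMAIN":
            return qname
    return None

def outside_namespace(name, suffixes, org_domain):
    """Suffixed candidates that are not under the organisation's own domain."""
    typed = name.rstrip(".").lower()
    return [q for q in candidates(name, suffixes)
            if q != typed and not q.endswith("." + org_domain)]

RESPONSES = {
    "formosatwn.com.tw.contoso.com.sg": "NXDOMAIN",
    "formosatwn.com.tw.com.sg": "NOERROR",   # answered from the tw.com.sg zone
    "formosatwn.com.tw": "NOERROR",
}

if __name__ == "__main__":
    for level in (2, 3):
        sl = search_list("contoso.com.sg", level)
        print(f"devolution level {level}: search list {sl}")
        for typed in ("formosatwn.com.tw", "formosatwn.com.tw."):
            print(f"  {typed!r:22} -> {first_match(typed, sl, RESPONSES)}")
        print("  outside contoso.com.sg:",
              outside_namespace("formosatwn.com.tw", sl, "contoso.com.sg"))
```

With level 2 the undotted name stops at formosatwn.com.tw.com.sg, a name outside contoso.com.sg; with level 3 the search list no longer contains com.sg and both forms resolve to formosatwn.com.tw.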
 
DrDave242 Commented:
"Actually, my mail server is looking up this dns server to send out emails. It does not return a correct mx record for the domain formosatwn.com.tw."
What MX record or records does your mail server obtain for formosatwn.com.tw? From here, I get mx.formosatwn.com.tw (118.163.13.37) and mail.formosatwn.com.tw (59.124.65.142).
 
DrDave242 Commented:
Auto-closing due to inactivity.