I am having some issues with my network and thought it may have something to
do with DNS as sometimes a machine will no longer ping the domain.
Running a NSlookup I have no issues with the host name only but seem to get
a 2 second time out when using the FQDN, however, all seems fine if I add a
"." at the end of the FQDN.
Checked other forums and they recomended checking PTRs they are all fine.
Just to be clear
NSlookup lcka-mg1
and
NSlookup lcka-mg1.all.edu.lcl.
have no issues
My problem arrises with
NSlookup lcka-mg1.all.edu.lcl (without the . at the end)
I get a DNS request timed out for 2 seconds then resolves????
All are on the same physical 2003 SP2 network.
Has anyone seen this before?
--
CK
Hello Captain,
Nslookup will use the search suffix to devlove the query, hence why the
period works. What is the Primary DNS Suffix and Search Suffix of the
machine you are running this set to? Can you post an ipconfig /all of the
machine you are running this from, please?
Thanks,
--
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCT
Microsoft Certified Trainer
ace...@mvps.RemoveThisPart.org
For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
I am running this IPConfig from the DNS Server itself
Windows IP Configuration
Host Name . . . . . . . . . . . . : LCKA-MG1
Primary Dns Suffix . . . . . . . : all.edu.lcl
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : all.edu.lcl
edu.lcl
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Accelerated AMD PCNet Adapter
Physical Address. . . . . . . . . : 00-50-56-B6-44-C7
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 10.222.4.18
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : 10.222.4.1
DNS Servers . . . . . . . . . . . : 10.222.4.18
10.255.20.20
Primary WINS Server . . . . . . . : 10.222.4.18
Hope this helps?
--
CK
Yes, thank you!
Look in the NIC properties, IP properties, Adv, DNS tab. Please describe
what is checked or selected.
Also, try unchecking " Append parent suffixes of the primary DNS suffix,"
and repeat the test.
Ace
DNS server addresses, in order of use:
10.222.4.18
10.255.20.20
Append primary and connection specific DNS suffixes is selected.
Append parent suffixes of the primary DNS suffix is checked
Register this connection's addresses in DNS is checked
all other options are not selected/checked
unchecked Append parent suffixes of the primary DNS suffix and applied
Tested-
nslookup lcka-mg1.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
DNS request timed out.
timeout was 2 seconds.
Name: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
nslookup lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
DNS request timed out.
timeout was 2 seconds.
Name: lcka-dc2.all.edu.lcl
Address: 10.222.4.13
No change.
This definitely has to do with your search suffix.
Click on "Append these DNS suffixes (in order):" and only put in edu.lcl,
then try it again, but please use nslookup in interactive mode instead of
batch mode the way you've been running it. To run it in interactive mode,
simply type in nslookup and hit <enter>. A bracket ">" prompt comes up. At
the prompt, type in your search string "lcka-dc2.all.edu.lcl" without the
period.
I also would like you to run nslookup with the diagnostic switch. To do
that, type in 'nslookup -d2" and hit enter. Then at the ">" prompt, type in
"lcka-dc2.all.edu.lcl" (without the period) and hit enter again. Post your
results please from when you first typed in "nslookup -d2" please.
You can also use nslookup telling it to not append any search string. Run it
in interactive mode by typing in nslookup, then enter, then type in "set
nodefname," enter, then "lcka-dc2.all.edu.lcl" (no period), and post the
results.
Thanks,
Ace
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Admin.ALL>nslookup
Default Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
> lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
DNS request timed out.
timeout was 2 seconds.
Name: lcka-dc2.all.edu.lcl
Address: 10.222.4.13
> exit
C:\Documents and Settings\Admin.ALL>nslookup -d2
------------
SendRequest(), len 42
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
18.4.222.10.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (79 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion
avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
18.4.222.10.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 18.4.222.10.in-addr.arpa
type = PTR, class = IN, dlen = 25
name = lcka-mg1.all.edu.lcl
ttl = 1200 (20 mins)
------------
Default Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
> lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
------------
SendRequest(), len 52
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl.edu.lcl, type = A, class = IN
------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
------------
SendRequest(), len 41
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl, type = A, class = IN
------------
------------
Got answer (57 bytes):
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion
avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl, type = A, class = IN
ANSWERS:
-> lcka-dc2.all.edu.lcl
type = A, class = IN, dlen = 4
internet address = 10.222.4.13
ttl = 1200 (20 mins)
------------
Name: lcka-dc2.all.edu.lcl
Address: 10.222.4.13
> set nodefname
> lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
------------
SendRequest(), len 52
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl.edu.lcl, type = A, class = IN
------------
DNS request timed out.
timeout was 2 seconds.
timeout (2 secs)
SendRequest failed
------------
SendRequest(), len 41
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl, type = A, class = IN
------------
------------
Got answer (57 bytes):
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion
avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl, type = A, class = IN
ANSWERS:
-> lcka-dc2.all.edu.lcl
type = A, class = IN, dlen = 4
internet address = 10.222.4.13
ttl = 1200 (20 mins)
------------
Name: lcka-dc2.all.edu.lcl
Address: 10.222.4.13
>
Nothing like a good problem to learn something new.
Thanks Ace
--
CK
Yes, an interesting issue. See the section below. You asked it to query "
lcka-dc2.all.edu.lcl", but it queried for "lcka-dc2.all.edu.lcl.edu.lcl"
(look at the 'Questions' section). Apparently it is appending the search
suffix.
> lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
------------
SendRequest(), len 52
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl.edu.lcl, type = A, class = IN
Uncheck append parent suffix again, and re-run nslookup with -d2.
Is there a GPO setting set somewhere to add a suffix?
Ace
However, I added just all.edu.lcl and this seems to have resolved the 2
second time out issue.
Just looking up how to deploy this to all the desktops.
Here is the contents of command window-
------------
SendRequest(), len 56
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl.all.edu.lcl, type = A, class = IN
------------
------------
Got answer (126 bytes):
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion
avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
lcka-dc2.all.edu.lcl.all.edu.lcl, type = A, class = IN
AUTHORITY RECORDS:
-> all.edu.lcl
type = SOA, class = IN, dlen = 44
ttl = 3600 (1 hour)
primary name server = lcka-mg1.all.edu.lcl
responsible mail addr = hostmaster.all.edu.lcl
serial = 419
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
------------
>
Not sure if this is the end of all my troubles or not as you noticed
previously it is still referencing "lcka-dc2.all.edu.lcl.all.edu.lcl"?
--
CK
> previously it is still referencing "lcka-dc2.all.edu.lcl.all.edu.lcl"?
Yea, I see that. Run it again without the -d2 and see how it works.
Ace
C:\Documents and Settings\Admin.ALL>nslookup
Default Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
> lcka-dc2.all.edu.lcl
Server: lcka-mg1.all.edu.lcl
Address: 10.222.4.18
Name: lcka-dc2.all.edu.lcl
Address: 10.222.4.13
>
Looks like my only way to get the clients the same is to use Group Policies
or a reghack.
--
CK
Captain,
See if these links help to guide you with a GPO. Test it in one OU. I'm not
sure if it will remove the current Search Suffix, so test it to make sure
you get the desired results.
How to configure a domain suffix search list on the Domain Name System
clients
http://support.microsoft.com/kb/275553
http://technet.microsoft.com/en-us/library/bb847901.aspx
How to Configure the DNS Suffix Search List for a Disjoint Namespace
Ace