Options
Problem with internal DNS resolving internet names
Alif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
Ok, so I'm trying to complete the practice lab in the MSPressbook page 6-13. When I attempt to perform an nslookup on MSN.com I get the following returned:
*** Can't find server name for address 192.168.1.100: Non-existent domain
Server: UnKnown
Address: 192.168.1.100 (This is the address I statically assigned to my server)
Non-authoritative answer:
Name: us.port.msn.com.nsatc.net
Address: 207.68.173.76
Aliases: MSN.com
Now, since I'm still learning all of this, I could be completely wrong in saying that there is a problem with recursion. For all I know, it could be something entirely different. Here's the troubleshooting I've done already:
Obviously, I'm still able to resolve MSN.com because I configured my server's NIC properties to use my internal DNS server of 192.168.1.100 and two of my ISPs DNS servers. Based on the information returned in nslookup, it's safe to say that my DNS server did not do any of the resolution right? Just to be sure, I went back and deleted my ISP's DNS servers from my NIC's properties and, as expected, I wasn't able to resolve any internet names. Unable to browse the web or ping by web address. Nothing.
I looked at the properties of my DNS server and I see that recursion has not been disabled. I made sure that my server was not a root server by checking for a zone labled "." (nothing like that in my forward lookup zones), and I ran the test under the Monitoring tab in my DNS server's properties. Simple Query and Recursive Query tests came back as "pass".
All the root hints servers are there. I've never touched these so it's assumed to be ok.
What am I doing wrong? I want my internal DNS server to resolve internet names. I'm still learning all this, so my apologies if this is a really stupid question. Maybe I'm just not understanding any of this...
Thanks for your guys' help in advance!
*** Can't find server name for address 192.168.1.100: Non-existent domain
Server: UnKnown
Address: 192.168.1.100 (This is the address I statically assigned to my server)
Non-authoritative answer:
Name: us.port.msn.com.nsatc.net
Address: 207.68.173.76
Aliases: MSN.com
Now, since I'm still learning all of this, I could be completely wrong in saying that there is a problem with recursion. For all I know, it could be something entirely different. Here's the troubleshooting I've done already:
Obviously, I'm still able to resolve MSN.com because I configured my server's NIC properties to use my internal DNS server of 192.168.1.100 and two of my ISPs DNS servers. Based on the information returned in nslookup, it's safe to say that my DNS server did not do any of the resolution right? Just to be sure, I went back and deleted my ISP's DNS servers from my NIC's properties and, as expected, I wasn't able to resolve any internet names. Unable to browse the web or ping by web address. Nothing.
I looked at the properties of my DNS server and I see that recursion has not been disabled. I made sure that my server was not a root server by checking for a zone labled "." (nothing like that in my forward lookup zones), and I ran the test under the Monitoring tab in my DNS server's properties. Simple Query and Recursive Query tests came back as "pass".
All the root hints servers are there. I've never touched these so it's assumed to be ok.
What am I doing wrong? I want my internal DNS server to resolve internet names. I'm still learning all this, so my apologies if this is a really stupid question. Maybe I'm just not understanding any of this...
Thanks for your guys' help in advance!
AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology
BS, Information Technology
Comments
-
Options
blargoe
Member Posts: 4,174 ■■■■■■■■■□
*** Can't find server name for address 192.168.1.100: Non-existent domain
Server: UnKnown
Address: 192.168.1.100 (This is the address I statically assigned to my server)
You'll get this error when you don't have a reverse-lookup zone for your 192.168.1.x. That wouldn't affect your ability to resolve names on the Internet though.
One time I messed up a DNS installation and ended up with the . (root) zone on my DNS server. Since it thought it was authorative for the entire DNS heirarchy, I couldn't resolve anything that wasn't on my server directly. Check that.
Try putting your ISP's DNS servers in the Forwarders tab in your DNS server's properties in the DNS admin tool. Maybe your ISP is blocking you from using DNS servers (the ones in root hints) because they aren't the ISP's DNS servers.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
OptionsAlif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
Yeah, I had already checked to see if my server had a . (root) zone. It doesn't. I tried adding my ISP's DNS servers to the forwarders tab. Still nothing.AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology -
Optionsblargoe
Member Posts: 4,174 ■■■■■■■■■□
Oh sorry, I missed that part about already checking for ".".IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
Optionsblargoe
Member Posts: 4,174 ■■■■■■■■■□
I wonder if your DNS is resolving anything at all. Do you have any other hosts in your internal DNS that you could try to query? Maybe, throw an A record in there, then try to ping that host's name. Even if the host didn't really exist or was offline, when you ping it it would show that it resolved to an IP address, then time out on the ping.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
OptionsAlif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
I wonder if your DNS is resolving anything at all. Do you have any other hosts in your internal DNS that you could try to query? Maybe, throw an A record in there, then try to ping that host's name. Even if the host didn't really exist or was offline, when you ping it it would show that it resolved to an IP address, then time out on the ping.
Yes, through previous labs I had set up a subdomain and delegated it to my secondary DNS server. I've tested the setup by pinging the servers with each other. Internally, everything seems fine and I'm able to resolve internal names.
Oh, I really appreciate your help. I just know that posting here, I'll be able to resolve this eventually
AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology -
Optionsblargoe
Member Posts: 4,174 ■■■■■■■■■□
Physical box or VM?IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
OptionsAlif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
my primary DC and DNS server is on a physical box. My secondary server is on a VM. I also have a client machine running xp pro that's on another physical box.AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology -
OptionsAlif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
I got it working!
Ok, i feel extremely stupid right now. Somehow when I entered the command- netsh interface ip set dns "MyISP" static 192.168.1.100, it erased my Default Gateway....How in the world does that happen?!
I went back to my NIC's properties and manually entered everything again, minus my ISP's DNS servers and viola! Now, my only question is how was I able to browse the internet before, when I had my ISP's DNS servers statically assigned? Maybe I had the default gateway setup at that time. I know I was going back and forth alot between the above command and manually entering my NIC's settings. Either way, I just proved I screwed up somewhere.
I found this out when I just happened to run ipconfig /all and saw that my Default Gateway was blank... What are the chances? Anyway, thanks for helping blargoe. I feel like I just wasted webspace with this thread. BLAH! Back to studying...AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology -
OptionsAlif_Sadida_Ekin
Member Posts: 341 ■■■■□□□□□□
Oh, I also fixed this whole thing:
*** Can't find server name for address 192.168.1.100: Non-existent domain
Server: UnKnown
Address: 192.168.1.100
For some reason I was missing a PTR record for my server in my reverse lookup zone. Just incase anyone was wondering AWS: Solutions Architect Associate, MCSA, MCTS, CIW Professional, A+, Network+, Security+, Project+
BS, Information Technology -
Optionsblargoe
Member Posts: 4,174 ■■■■■■■■■□
Not a waste of space at all. That's the kind of thing I would have completely missed, always a good reminder to go back to the building blocks and check everything. Glad you got it working.IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
