Networking
Showing results for 
Search instead for 
Do you mean 

Would really like some help with DNS and NSLOOKUP

Regular Advisor

Would really like some help with DNS and NSLOOKUP

Hi All,

I hope you ppl might be able to help me out here.

I've just done the first phase of our new Windows 2003 server install (new box and new OS). It has Active Directory, DHCP and DNS all running.

My windows 2000 client can log in to the domain, is able to access shared resources, can browse the network, can ping internal machines by name and access the internet...

So far seems ok, I enabled DNS forwarding on he 2003 server to point to our external ISP DNS server to handle queries it can't resolve.

However, when I issue a NSLOOKUP from the client I get this...

C:\>nslookup
*** Can't find server name for address 89.0.3.1: Non-existent domain
*** Default servers are not available
Default Server: UnKnown
Address: 89.0.3.1

The address is the fixed IP address of my windows 2003 server on our network.

When I issue a NSLOOKUP with an external name I get this...

*** Can't find server name for address 89.0.3.1: Non-existent domain
*** Default servers are not available
Server: UnKnown
Address: 89.0.3.1

Non-authoritative answer:
Name: www.google.akadns.net
Address: 216.239.57.99
Aliases: www.google.com.au

Have I stuffed things up royally? Are all my PC DNS queries going out over the Net?

I'm not putting this server into production until I can get this sorted out...

Any ideas appreciated.

-John
2 REPLIES
Honored Contributor

Re: Would really like some help with DNS and NSLOOKUP

Hi,

Have you added a PTR record for the name server's IP address? In other words, have you added the hostname of the Windows 2003 as an entry in the DNS.

You may refer to
http://support.microsoft.com/default.aspx?scid=kb;en-us;200525
for more details.

Regards.
what you do not see does not mean you should not believe
Honored Contributor

Re: Would really like some help with DNS and NSLOOKUP

Do an
IPCONFIG /ALL
on both the 2003 DNS server and the 2000 client.

The client should have the 2003 DNS server configured as it's DNS server in the TCP/IP properties.

The 2003 DNS server's TCP/IP properties should point to itself as DNS server if it is the primary one (AD-integrated can have several "primary" servers, but choose one as your main server).

"Non-Primary" internal 2003 or 2000 DNS servers should have their TCP/IP properties set to point to your main one.

Every client and non-DNS server should point to one of your internal DNS servers.

Only your main DNS server(s) should have forwarding enabled to external server(s).

Prior to doing NSLOOKUP tests, also do a
IPCONFIG /FLUSHDNS
to clear the client cache
If the machine you're doing NSLOOKUP on is also a DNS server do a "Clear Cache" in the DNS admin as the DNS server cache and Windows DNS client cache are two separate things.

This is to ensure that NSLOOKUP does not use a cached entry which the "Non authorative" answer indicates. A client cached entry or DNS cached entry will always get returned first. Then Hosts file, then DNS query.

Also make sure you are not running a software firewall or similar with DNS caching - if so clear that cache also.

The DNS Admin, Properties of the server, Monitor tab, both simple and recursive tests should respond quickly or there is usually a configuration problem.

Inside NSLOOKUP using "set debug" first will return more information.


Cheers,
Rune
//Add this to "OnDomLoad" event