nslookup can't but browser can !

Quadri, Jay Jay.Quadri at gmk.cwplc.com
Wed Aug 23 11:12:56 UTC 2000 

I have a similar problem, my DNS box (A) only resolves internal names, and
forwards Internet request to an internet DNS box (B), also forwards to other
extranet domestic nameservers (C).  my intranet DNS server has its own hints
file (not the Internic's, I wrote it, only includes my Intranet DNS boxes as
root servers).  ping works at all times, nslookup does not depending on the
forward, if the forwarding is set to:

forward     first ;   I can use nslookup or dig to resolve Domestic names
but not Internet names (C) .
(forward first Checks the cache first before forwarding).

forward   only ;   I can resolve Internet names with nslookup or dig, but
can't resolve other domestic names (C) (forward all request).

Any ideas?

 

-----Original Message-----
From: Kevin Darcy [mailto:kcd at daimlerchrysler.com]
Sent: Wednesday, August 23, 2000 4:52 AM
To: bind-users at isc.org
Subject: Re: nslookup can't but browser can !



1. Does your box use its own hints file, or is it forwarding to your ISP's
nameserver for Internet names?
2. Is your box running BIND?
3. It seems unlikely that "unknown host" would ever be returned legitimately
for
www.yahoo.com. Try setting debug in nslookup, or, if there are better
DNS lookup/troubleshooting tools on NT than nslookup (which is to say,
ANYTHING ELSE), try using them instead. What's the *real* response (RCODE
and
section counts)?



- Kevin
Prashant Ranade wrote:

> hello,
> thanks for taking so much interest
> the setup is as follows :
> the internal network has 192.168.x.x IPs with an NT DNS which has many
> entries in its domain. we have a cisco router with access lists and NAT
> running on it and converting all our internal addresses to the registered
> addresses before they leave the box, and everything is working fine. we
are
> able to browse, send mails, receive mails...
> now on this nt box in its DNS tab in network protocol we have a IP address
of
> our ISPs nameserver. if I run nslookup on this box and point it to itself
by
> saying "server ntbox" (assuming ntbox the name of this nt machine which is
> running DNS) and try to resolve www.yahoo.com I get an answer which I know
is
> from its cache.
> so I then pointed the nslookup to the ISPs nameserver for the same query
> expecting that it will give an non-authoritative answer but it returned
> saying "unknown host"
> if the ISPs dns dosn't know where www.yahoo.com is then where is my dns
> getting the resolution from(other than cache)...
> this confused me totally... all my theries about DNS and browsing have
beed
> proved wrong...
> I did check in browsers preference, advanced, proxies... and there the
radio
> button for "direct connection to internet" is checked.
> so my worry is if sometime the cache of this NT domain nameserver is wiped
> out and if my ISPs nameserver is not able to resolve www.yahoo.com then
the
> whole company will not be able to resolve anything.
> fyi : I checked with the ISP and made it sure that the nameserver address
> which we are using is indeed the name server.
>
> any help in this matter will be appreciated.
> TIA
> Prashant
>
> Joseph S D Yao wrote:
>
> > On Tue, Aug 22, 2000 at 05:26:28PM -0700, Prashant Ranade wrote:
> > > ok..
> > > let me explain somethings first I think my post was not very clear.
> > > I don't have a proxy server at all. we are using NAT so that the
> > > machines can go out on there on and get the content from the web
sites.
> > > so now, without a proxy if nslookup can't resolve the name where the
> > > browser is getting the IP address from
> > > I was haiving a cache for some addresses in the NT DNS. but I tried
> > > browsing the site whos IP address was not there in the cache, I could
> > > browse the site and the record got added to the cache
> > > this is what confused me the most !
> > >
> > > TIA
> > > Prashant
> >
> > How are you using NAT without a proxy?
> >
> > Open up Navigator, go to Edit->Preferences->Advanced->Proxies.  Tell me
> > what you see.  If manual, press View... and tell me what you see in all
> > of the blanks.
> >
> > --
> > Joe Yao                         jsdy at cospo.osis.gov - Joseph S. D. Yao
> > COSPO/OSIS Computer Support                                     EMT-B
> > -----------------------------------------------------------------------
> > This message is not an official statement of COSPO policies.

More information about the bind-users mailing list