Microsoft's nslookup Implementation Problems
Merton Campbell Crockett
m.c.crockett at roadrunner.com
Sun Jun 13 20:00:39 UTC 2010
Recently, I implemented an instance of BIND that provides a "tailored" name services for a private network connection between two organization. This instance of BIND returns responses for a limited portion of our internal name and address space that the other organization is permitted to access. For names and addresses that they are not permitted to access, they are returned responses similar to what our external name servers would return along with the NS records for our external name servers.
Using "dig" I have verified that the correct answers are being returned.
A problem occurs with our Service Desk personnel that have Windows XP based systems. If they use Microsoft's nslookup tool to verify what is being returned to the other organization, they do not get the correct response even when the use "server ns.azsd01.gd-ais.com" to set the default name server to be used. While nslookup claims that it is accessing the correct server, the response received is from the user's stub resolver cache or from our normal internal name servers.
Inspecting the query log on the name server indicates that BIND never services a request from the system running Microsoft's nslookup tool. In addition, using tcpdump in controlled tests, I find that Microsoft's nslookup implementation never sends any requests to any name server that is designated in a "server" command unless it is one of the default name servers that the system would normally use.
At one time, I thought that the following commands worked. However, in recent tests, I've discovered that they are failing as well.
nslookup alliance.gd-ais.com ns.azsd01.gd-ais.com
nslookup alliance.gd-ais.com 10.21.101.2
Obviously, this is going to create a problem when Service Desk personnel need to assist user's at the other organization as they will be unable to verify how domain names and addresses are being resolved for the user.
Microsoft's nslookup is broken. What alternative applications that can be installed and used in a Windows XP environment that will continue to work in a Windows 7 environment after a decision is made to upgrade Windows?
--
Merton Campbell Crockett
m.c.crockett at roadrunner.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20100613/be322e28/attachment.html>
More information about the bind-users
mailing list