Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, May 22, 2016 11:38 AM
Hi All,
having an issue with the NSlookup.
For client PC, first two lookup always time out before getting an ip. However, on the DC, it does not have any timeout when looking up for the same address.
Anyone can shed any light?
On Client PC -->
C:\nslookup companyABC.com
Server: nyoDC1.companyABC.com
Address: xx.xxx.xxx.xxx
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: companyABC.com
Addresses: xx.xxx.xxx.xxx
xx.xxx.xxx.xxx
xx.xxx.xxx.xxx
On DC (nyoDC1)-->
C:\nslookup company.com
Server: nyoDC1.company.com
C:\nslookup companyABC.com
Server: localhost
Address: ::1
Name: companyABC.com
Addresses: xx.xxx.xxx.xxx
xx.xxx.xxx.xxx
xx.xxx.xxx.xxx
All replies (6)
Thursday, May 26, 2016 6:26 AM âś…Answered
Hi wdwdwad,
Yes, you're debug shows the client's checking for the authority records for each configured domain suffix, which is expected behaviour.
If you try running the same nslookup command but with a trailing period after the domain name - which is technically the correct format of a fully qualified domain name, you should find the alternate search domains specified are in fact not searched at all. You'll likely also find that the failed lookups (timeouts) will also disappear, as the final authority record indicates the hostname lookup ultimately succeeded.
You might want to check from the client that it can actually reach the nominated DNS servers (indicated in the nslookup -debug results) for the dev domains as the timeouts indicate they're not responding for one reason or another. As a side note, while it could just be the product of the search-and-replace you've done, it does look like you have the same development domain listed twice as a search order suffix.
In any case, if the FQDN format (again, this includes the trailing period) resolves straight away then you don't have any serious issues. That said, the DNS configuration is rather messy:
- The DNS servers should never feature the loopback addresses as DNS server entries (taken from the server ipconfig). Remove the 127.0.0.1 and ::1 entries from the IPv4 and IPv6 DNS settings respectively.
- There's not much value in using more than two or three DNS server IPs in the IPv4 configuration as the time taken to iterate through each means most client application requests will have given up well before the server has returned all results, meaning you're generating extra load for no good reason. Ideally, cut it down to pointing to itself and one other domain controller.
Cheers,
Lain
Sunday, May 22, 2016 1:59 PM
Hi,
Some more diagnostic information might prove useful, though if you're going to blank the IP addresses out (unless they're public IP addresses, I'm not sure what you're hoping to gain from doing that), that's going to leave us in the dark.
The output from the following would help:
- "ipconfig /all" from both the client and the server.
- "dnslookup -debug companyABC.com" from the client.
Also:
- What operating systems are we talking about on the server and client sides?
- Have you checked that TCP port 53 and UDP port 53 are open on the domain controller?
- Have you ensured that you have created the reverse lookup zones for the server IPv4 and IPv6 zones?
One indicator that perhaps not all is set up as it should be is the local result from the domain controller, as once the dcpromo has ended, one of the first things that should be done is to change the loopback reference (127.0.0.1 and ::1) to the actual IPv4 and IPv6 addresses.
Also, if you're not going to set up IPv6 in a usable manner (at least with site-local address if not public) then you're better off disabling it. If your domain controller has a GUI, unbind the IPv6 protocol from the network interface. If you're running Server Core then you have a few options, some easier than others depending on the Windows Server version.
If the domain controller is running Server 2012 R2 Service Core then you can use the Get-NetAdapterBinding and Set-NetAdapterBinding to check and disable the IPv6 binding - which is the best option. If you're running a prior version then it starts getting ugly. You can still unbind IPv6 if you know what you're doing with regedit but most people will elect to choose one of the options covered in this KB article (i.e. either prioritise the IPv4 traffic or straight up disable IPv6).
Cheers,
Lain
Sunday, May 22, 2016 5:18 PM
On your DC, please remove ::1 from being your IPv6 DNS server and make the IP settings automatically configure for IPv6.
For the troubleshooting of your issue, please refer to this thread about similar one where you can find good suggestions: https://social.technet.microsoft.com/Forums/windowsserver/en-US/f8da7378-db99-4e25-a8f9-c6103dd809d4/nslookup-dns-request-timed-out-timeout-was-2-seconds-cant-find-server-name-for-address?forum=winserverDS
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
Monday, May 23, 2016 5:32 AM
Hi wdwdwad,
This kb may help:
"DNS Request Timed Out" Error Message When You Start Nslookup From a Command Line
https://support.microsoft.com/en-us/kb/242906
________________________________________
Best Regards,
Cartman
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected].
Tuesday, May 24, 2016 10:16 AM
hihi
Thanks for the reply:
OS for client is WIn 7.
OS for server is 2012 R2.
How do I know if reverse lookup zones for IPv4 and v6 are created?
client.ipconfig
=========================
Windows IP Configuration
Host Name . . . . . . . . . . . . : ClientPC1
Primary Dns Suffix . . . . . . . : companyABC.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : companyABC.com
dev.domain1
dev.domain1
Wireless LAN adapter Wireless Network Connection 3:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : nyc.rr.com
Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6250 AGN
Physical Address. . . . . . . . . : 64-80-99-76-DB-C0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection 4:
Connection-specific DNS Suffix . : companyABC.com
Description . . . . . . . . . . . : Intel(R) 82579LM Gigabit Network Connection #4
Physical Address. . . . . . . . . : B8-CA-3A-D8-28-5D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.224.3.180(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, April 23, 2016 2:35:56 PM
Lease Expires . . . . . . . . . . : Sunday, May 29, 2016 3:06:40 PM
Default Gateway . . . . . . . . . : 10.224.3.1
DHCP Server . . . . . . . . . . . : 10.224.33.26
DNS Servers . . . . . . . . . . . : 10.224.33.211
10.224.33.21
Primary WINS Server . . . . . . . : 10.224.33.212
Secondary WINS Server . . . . . . : 10.224.33.22
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Citrix Virtual Adapter
Physical Address. . . . . . . . . : 02-50-F2-00-00-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
client.nslookup
=========================
nslookup companyABC.com
Server: DCServer1.companyABC.com
Address: 10.224.33.211
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: companyABC.com
Addresses: 10.88.164.236
10.224.33.211
10.224.46.11
10.88.85.53
10.225.41.31
10.225.41.80
10.225.46.11
10.1.46.11
10.88.168.227
10.224.33.21
10.99.2.222
10.88.172.234
10.88.33.146
10.88.62.234
10.88.33.136
10.63.2.10
10.200.4.233
10.200.4.232
10.1.20.102
10.2.20.26
client.NSlookupDebug
=========================
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
211.33.224.10.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 211.33.224.10.in-addr.arpa
name = DCServer1.companyABC.com
ttl = 1200 (20 mins)
Server: DCServer1.companyABC.com
Address: 10.224.33.211
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.companyABC.com, type = A, class = IN
AUTHORITY RECORDS:
-> companyABC.com
ttl = 3600 (1 hour)
primary name server = DCServer1.companyABC.com
responsible mail addr = admin
serial = 3661565
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 900 (15 mins)
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NXDOMAIN
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.companyABC.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> companyABC.com
ttl = 3600 (1 hour)
primary name server = DCServer1.companyABC.com
responsible mail addr = admin
serial = 3661565
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 900 (15 mins)
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.dev.domain1, type = A, class = IN
AUTHORITY RECORDS:
-> dev.domain1
ttl = 38 (38 secs)
primary name server = testServer1.dev.domain1
responsible mail addr = hostmaster
serial = 46177
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.dev.domain1, type = AAAA, class = IN
AUTHORITY RECORDS:
-> dev.domain1
ttl = 38 (38 secs)
primary name server = testServer1.dev.domain1
responsible mail addr = hostmaster
serial = 46177
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
Got answer:
HEADER:
opcode = QUERY, id = 6, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.dev.domain1, type = A, class = IN
AUTHORITY RECORDS:
-> (root)
ttl = 38 (38 secs)
primary name server = a.root-servers.net
responsible mail addr = nstld.verisign-grs.com
serial = 2016052400
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
Got answer:
HEADER:
opcode = QUERY, id = 7, rcode = NXDOMAIN
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com.dev.domain1, type = AAAA, class = IN
AUTHORITY RECORDS:
-> (root)
ttl = 38 (38 secs)
primary name server = a.root-servers.net
responsible mail addr = nstld.verisign-grs.com
serial = 2016052400
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
Got answer:
HEADER:
opcode = QUERY, id = 8, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 20, authority records = 0, additional = 0
QUESTIONS:
companyABC.com, type = A, class = IN
ANSWERS:
-> companyABC.com
internet address = 10.200.4.233
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.200.4.232
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.1.20.102
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.2.20.26
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.164.236
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.224.33.211
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.224.46.11
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.85.53
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.225.41.31
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.225.41.80
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.225.46.11
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.1.46.11
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.168.227
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.224.33.21
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.99.2.222
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.172.234
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.33.146
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.62.234
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.88.33.136
ttl = 600 (10 mins)
-> companyABC.com
internet address = 10.63.2.10
ttl = 600 (10 mins)
Got answer:
HEADER:
opcode = QUERY, id = 9, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 1, additional = 0
QUESTIONS:
companyABC.com, type = AAAA, class = IN
AUTHORITY RECORDS:
-> companyABC.com
ttl = 3600 (1 hour)
primary name server = DCServer1.companyABC.com
responsible mail addr = admin
serial = 3661565
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 900 (15 mins)
Name: companyABC.com
Addresses: 10.200.4.233
10.200.4.232
10.1.20.102
10.2.20.26
10.88.164.236
10.224.33.211
10.224.46.11
10.88.85.53
10.225.41.31
10.225.41.80
10.225.46.11
10.1.46.11
10.88.168.227
10.224.33.21
10.99.2.222
10.88.172.234
10.88.33.146
10.88.62.234
10.88.33.136
10.63.2.10
server.ipconfig
=========================
Windows IP Configuration
Host Name . . . . . . . . . . . . : DCServer1
Primary Dns Suffix . . . . . . . : companyABC.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sin.companyABC.com
companyABC.com
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . : companyABC.com
Description . . . . . . . . . . . : vmxnet3 Ethernet Adapter
Physical Address. . . . . . . . . : 00-50-56-89-2A-75
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e532:d4c3:e196:855%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.224.33.211(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.224.33.1
DHCPv6 IAID . . . . . . . . . . . : 352342102
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-D2-47-1F-00-50-56-89-2A-75
DNS Servers . . . . . . . . . . . : ::1
10.224.33.211
10.224.33.21
10.88.33.136
10.63.2.10
10.88.33.146
127.0.0.1
Primary WINS Server . . . . . . . : 10.224.33.212
Secondary WINS Server . . . . . . : 10.224.33.22
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.companyABC.com:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : companyABC.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
server.nslookup
=========================
Server: localhost
Address: ::1
Name: companyABC.com
Addresses: 10.88.62.234
10.88.33.136
10.63.2.10
10.200.4.233
10.200.4.232
10.1.20.102
10.2.20.26
10.88.164.236
10.224.33.211
10.224.46.11
10.88.85.53
10.225.41.31
10.225.41.80
10.225.46.11
10.1.46.11
10.88.168.227
10.224.33.21
10.99.2.222
10.88.172.234
10.88.33.146
Thursday, May 26, 2016 5:35 AM
Hi Lain
I have furnished new info in my earlier post.
Any idea from the NSlookup debug?
/wd