Skip to main content

nslookup request time out

More
17 years 2 months ago #23401 by monsky
hi to all!

I have a Windows 20003 domain controller. The PDC is
running DNS. DNS seems to be working properly, I can browse and ping
websites, but I just noticed today that when I do an NSLookup I receive
the following error.

C:\>nslookup
Server: server.com
Address: 10.1.2.2

DNS request timed out.
timeout was 2 seconds.
*** Request to server.com timed-out

But........If I try it again immediately, it works.

U:\>nslookup google.com
Server: server.com
Address: 10.1.2.2

Non-authoritative answer:
Name: google.com
Address: 64.233.167.99

This is the case from client machines and domain controllers.

DNS config:

Forwarders Tab:
Forwarders are enabled
Do not use recursion is selected

Advanced Tab:
Disable recursion is not selected.

I'm not sure, if this is actually a problem, how long nslookup has
not been working, and have no Idea why it has recently quit. Any
advice is greatly appreciated.


thnx
More
17 years 2 months ago #23402 by Smurf
Replied by Smurf on topic Re: nslookup request time out
your second query is running a query against an external site which is utilising the forwarder. The first one will query the DNS Server and do a reverse lookup. That all appears to be working because you are getting the ip address of the DNS Server but its not clear if you are getting the DNS name of the server.

What happens when you do a test from the dNS Server ? If you right click on the DNS Server, there is a tab for doing a test.

Cheers

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 2 months ago #23406 by monsky
when i right click on the dns server and run the launch nslookup the error "***can't find server name for address 10.1.2.2: Non-existent domain
Default Server: UnKnown
Address: 10.1.2.2
More
17 years 2 months ago #23407 by Smurf
Replied by Smurf on topic Re: nslookup request time out
Do you have a reverse lookup zone ? Have you tried to restart the DNS Service ? Also, on the DNS Server you can go into the Properties and there is a Tab that allows you to do two tests (think its the monitoring tab but cannot be 100% without looking on our servers at work).

Cheers

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 2 months ago #23410 by pfunix
smurf is correct.. the reason for the time-out is that it doesn't have a rdns: you can do this on MMC

right-click the DNS and create a Reverse-zone. put in the ip of your dns and you should be good. rdns is mostly used for MX, and NS-slaves.. so you should be ok all in all.

-pf
More
17 years 2 months ago #23428 by monsky
sorry i am totally lost. here is my network setup. i have a server 2003 and a Fedora firewall, i am dumb of the dumbest.

gateway.example.com - FC4 with 192.168.0.254
fs1.my2003server.com - DOMAIN NAME with 192.168.0.250

i noticed that when i nslookup from the server 2003, this error appears:

c:\nslookup yahoo.com

server: gateway.example.com
address: 192.168.0.254

DNS request timed out
time out was 2 seconds

at the third time or more
:\nslookup yahoo.com

server: gateway.example.com
address: 192.168.0.254

Non-authoritative answer:
Name: yahoo.com.fs1.my2003server.com
Address: 65.xxx.xx.xxx

i noticed that all of my queries, even yahoo.com, google.com got the same IP Address: 65.xxx.xx.xxx, THE IP ADDRESS of our registered domain! i realized that the domain name my2003server.com i have used to my AD domain is the same to our registered domain name. is there a solution to this or should i re-create my AD.

second thing. regarding the FC4, is it necessary to run the BIND or another DNS aside from the server 2003 DNS?

please enlighten me! :?
Time to create page: 0.133 seconds