Re: How is DNS resolution working?

From: Ohaya (ohaya_at_N_O_S_P_A_M_cox.net)
Date: 02/27/04


Date: Thu, 26 Feb 2004 20:35:39 -0500


"Ace Fekay [MVP]" wrote:
>
> In news:O3osOZC$DHA.2432@TK2MSFTNGP09.phx.gbl,
> Ohaya <Ohaya@NO_SPAM.cox.net> posted their thoughts, then I offered mine
>
> > Ace,
> >
> > I should've mentioned this. When we did the ping, we used the FQDN
> > of the host on the external network (e.g., thehost.whatever.com).
> >
> > Since we were using the external host's FQDN, would the ping still
> > have caused the broadcast to the external network for the name?
>
> No, FQDN pings do NOT use broadcasts.
>
> >
> > Or, would it only do this broadcast if we had pinged using the
> > hostname (e.g., thehost)?
>
> Yes
>
> >
> >
> > I just thought about one other aspect about all of this that I'm
> > starting to wonder about that might have a bearing on all of this...
> >
> > This is going to get a bit complicated, so here's what the network
> > config looks like:
> >
> > |
> > |
> > +---- Machine A ---- Switch ----+----
> > | |
> > E | Machine B
> > x----+ [Domain Controller]
> > t |
> > |
> > +--- ExtDNS
> > |
> > |
> >
> > Machine B = Domain Controller (domain name "test.foo.com")
> > Machine A = Member (joined to Windows domain "test.foo.com")
> >
> > ExtDNS = a DNS server on external network, which does DNS for
> > "foo.com"
> > Ext = a machine on the external network (ExtDNS DNS
> > name=ext.test.foo.com)
> >
> > Machine A's IP address is registered in the ExtDNS DNS server, with
> > the name "whatever.test.foo.com".
> >
> > In other words, if you were on machine "Ext", and pinged
> > "whatever.test.foo.com", you would end up pinging the external
> > interface of machine A.
>
> That would make sense.
>
> >
> > Now, we installed Machine B first, and when we installed Win2K on
> > Machine B, we set the machine name as "data" and the domain name as
> > "test.foo.com". In other words the FQDN for machine B from the
> > internal network is "data.test.foo.com".
> >
> > I think, based on a thread I posted awhile ago, that we could've
> > picked just about anything for the domain name (e.g.,
> > joe.whatever.foo), but we just happened to pick "test.foo.com".
> >
> > We then installed Win2K on Machine A (the member server), and we set
> > the machine name as "web", and made it a member of (i.e., we joined
> > it to) domain "test.foo.com". In other words, the FQDN for machine A
> > from the internal network is "web.test.foo.com".
>
> I'm thinking you are providing both DNS addresses (internal and external) on
> the A machine in its IP properties. Not a good thing. Need to keep it
> consistent.
>
> >
> > If you look in the DNS server on machine B, you'll see that both
> > "web.test.foo.com" and "data.test.foo.com" are registered, and have
> > "192.xx.xx.xx" IP addresses.
> >
> > If you ping "web.test.foo.com" from machine B, it resolves to the
> > internal ("192.xx.xx.xx") IP address of machine A.
> >
> > If you ping "data.test.foo.com" from machine A, it resolves to the IP
> > address of machine B.
> >
> >
> > Again, machine B is the Domain Controller, and also has DNS Server
> > running on it. Machine A is a member server, joined to the domain
> > "test.foo.com" (whose Domain Controller is machine B).
> >
> > Here's where this is going to begin sounding strange...
> >
> > It just happens that on the external network, there is a Windows
> > domain named "foo.com".
> >
> > But, remember, our machine A is joined to the domain for which
> > machine B is the domain controller, not that other Windows domain
> > that is on the external network.
> >
> >
> > I'm probably going to muddle this question, but what I'm wondering is
> > if there is something strange going on with the name resolution when
> > we ping from machine A because we just happen to pick the name of the
> > "internal" Windows domain such that that Windows domain's root
> > ("test.com") is the same as the name of the Windows domain on the
> > external network???
> >
> > Jim
>
> Let us see an ipconfig /all from both machines please.

Ace et al,

My apologies that I couldn't post back earlier. It's been a really long
day :(.

Also, I can't provide the "ipconfig /all" directly, as the systems
involved are on a private LAN (i.e., what I termed the "external"
network is really our private corporate network (which in turn is
connected to the open Internet)), but I can provide the info from an
"ipconfig /all" that I wrote down today:

Machine A:

NIC1: This is the NIC on Machine A that is physically connected to our
corporate network

IP: 10.5.1.211
Subnet: 255.255.0.0
GWY: 10.5.2.254
DNS: 192.168.1.10
BINDING ORDER: This NIC is at the top of the binding order

NIC2: This is the NIC on Machine A that is physically connected to the
"internal" Ethernet switch

IP: 192.1.1.10
Subnet: 255.255.255.0
GWY: NONE (left empty in Network/TCP properties)
DNS: 192.1.1.11
BINDING ORDER*: BOTTOM

Machine B:

NIC1: This is the NIC on Machine B that is also physically connected to
the "internet" Ethernet switch

IP: 192.1.1.11
Subnet: 255.255.255.0
GWY: NONE (left empty in Network/TCP properties)
DNS: 192.1.1.11

I went and specifically tested today, and from Machine A, I can
successfully ping both Machine A (machine name resolves to 192.1.1.10)
and Machine B (machine name resolves to 192.1.1.11). I think this name
resolution is being properly handled by the DNS server on Machine B
(192.1.1.11).

On this same machine, I can ping any other machine (i.e., name
resolves) on the external network (i.e., our corporate network). In
fact, I can ping (name resolves) any machine on the open Internet (e.g.,
www.yahoo.com resolves).

Having done this testing, contrary to what I was theorizing earlier, I
seriously doubt that the name resolution of machines on the open
Internet is happening via broadcast (I'm pretty sure my company's router
or firewall would've blocked any broadcasts out to the open Internet),
so I'm assuming that name resolution of machines on our corporate
network isn't occurring via broadcast either.

So now, I am STILL very puzzled (maybe even more puzzled than before)
about how this name resolution is occurring at all????

Consider the following:

1) Per your posts, since we are pinging by FQDN, NetBIOS name resolution
(e.g., WINS server, broadcast, and LMHOSTS) should not be occurring, so

2) The only remaining possibilities are either a DNS server or HOSTS
file.

3) I checked the HOSTS file on Machine A, and there are no entries other
than the default "localhost".

Based on the above, the name resolution when I ping from Machine A using
a FQDN should fail, right?

Jim


