Re: nslookup - sometimes working, sometimes get a time out

From: Herb Martin (news_at_LearnQuick.com)
Date: 02/25/05 

Date: Fri, 25 Feb 2005 14:03:42 -0600

"aks" <aks@discussions.microsoft.com> wrote in message
news:8A2676DB-6679-4628-BBCB-397C22F94B30@microsoft.com...
> Hi Herb:
>
> Yeah I understand your hint. But increasing the timeout has same results,
> sometimes I get back a result for nslookup, sometimes don't.

It was NOT a solution but a technique for clarifying
the actual problem so you don't have a "timeout" issue
but a FAILURE issue on some server.

> Wanted to add, I have reverse lookup zone configured on only one
server/box
> - same behavior is observed on all 3 systems.

Reverse zones are irrelevant to forward zone problems
(except for the bogus nslookup error which should be
ignored.)

Ok, go through EACH DNS server your client has
configured trying the same request:

    nslookup -time=20 name.dom.com 192.168.50.1

    nslookup -time=20 name.dom.com 192.168.50.4

    nslookup -time=20 name.dom.com 192.168.50.9

Look at EACH one and see which one fails.

Also note: Internal machines must use ONLY the
internal DNS servers.

Some people mistakenly try to stick an external (ISP)
DNS server in the client NIC settings.

This is true for DNS servers and DCs ALSO. 

-- 
Herb Martin
> "Herb Martin" wrote:
>
> > "aks" <aks@discussions.microsoft.com> wrote in message
> > news:35C2EC11-374F-4E1E-9B24-528240663C53@microsoft.com...
> > > Can anyone help me understand this:
> > >
> > > At times nslookup <hostname>  or nslookup <ip of host> seems to work
fine,
> > > at other times it gives "dns request timed out" error ?
> >
> > A lot about the real problem depends on
> > whether you can GET the answer by changing
> > the timeout or if this is a complete failure:
> >
> >     nslookup -time=10 name.domain.com
> >
> > If long timeout settings fail then you have to
> > figure out why the DNS server is not answering
> > (or incorrectly set on the client).
> >
> > If the DNS server does answer but answers
> > slowly, then your troubleshooting is modified
> > somewhat.
> >
> > -- 
> > Herb Martin
> >
> >
> > >
> > > Thanks,
> > > aks
> >
> >
> >

Relevant Pages

  • Re: disabling aaaa queries
    ... The problem seems to be that when bind cannot resolve the ... timeout instantly on A records, but take 5 seconds to timeout on ... for a DNS server serving authoritative data for a LAN I ... ISPs DNS server, ...
    (comp.os.linux.networking)
  • Re: Changing Zone Types
    ... Just make sure you clients are ONLY pointed to the ... WORKING internal DNS server. ... Herb Martin, MCSE, MVP ... >>as it's DNS master so it can pull zone transfers. ...
    (microsoft.public.windows.server.dns)
  • Re: Stupidest Mistake in AD History - Its almost ingenious, almost EV
    ... Thanks for all your help Herb. ... Hmmm...I probably should get my MCSE ... I tried the "let AD install DNS on the fly" method. ... prefered DNS server to itself. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Spooky DNS problem
    ... > Herb, ... > the malicious response would come from the DNS server for EvilHackers.com? ... Is what I am describing referred to as "DNS>>> cache poisoning"? ...
    (microsoft.public.win2000.dns)
  • Re: Help - Config of forwarders
    ... Herb Martin ... > If I read in the same book "Delegate the child domain", ... > the name of the DNS server.. ... >> the name of the DNS server. ...
    (microsoft.public.win2000.dns)