I have a user on Windows 7 that is trying to access a local server with a DNS name of windows.cs. We have two internal DNS servers. The DHCP server assigns users the two internal DNS servers as primary and secondary and then our ISPs DNS as a tertiary DNS server.
Every now and then, the user can't access the website at windows.cs. If I ping it, it says it can't resolve the host name. I flush the DNS cache, and then when I display the dns cache it has the following:
windows.cs - Name does not exist
Yet if I use nslookup, which by default queries the primary DNS server (our internal one) and I query windows.cs, it returns the correct IP address.
So why can't Windows resolve the hostname using ping, but it can when using the nslookup tool? And how do I fix this?
It appears from what you're saying that the request for windows.cs is going to the ISPs DNS server now and again. The nxdomain result is then cached by Windows' DNS client, and thus used for any retries with a web browser, ping etc. Clearing the cache (ipconfig /flushdns) should force the Windows DNS client to retry the query, but there's no guarantee it won't go to the ISP DNS server again.
The reason ping can't resolve the hostname but nslookup can is because nslookup a low-level tool that bypasses the Windows DNS client. It uses whatever DNS server you tell it to (the first one by default), and does the query on the fly. You can change the DNS server it queries by typing
server <host>
from the nslookup prompt, where host is the IP or FQDN.The Windows DNS client however will only do queries for entries that are not in its cache (or have expired). Otherwise it returns the cached result.
It's not immediately apparent why the Windows client is using the ISP DNS server. Perhaps it could not resolve the local server recently (due perhaps to being on another network), perhaps the local server was returning errors. Or, perhaps it is not ordered correctly under Advanced TCP/IP settings > DNS.
Personally I prefer to only use local DNS server addresses on workstations (propagated by DHCP), to simplify configuration and avoid issues like this. I'd be curious to know the rationale behind setting the ISPs DNS server on desktops. I can't imagine there being any valid performance reasons, and as far as redundancy goes two is enough on most networks (if not add a third).
The results of
nslookup
differ from that ofping
because ofnslookup
idiosyncracies and bugs. They are not really relevant to your main problem, however, which is that you've violated the rule that your fallback proxy DNS servers must provide the same view of the DNS namespace as your principal one. Your ISP's proxy DNS server doesn't provide the same view of the DNS namespace as your own proxy DNS servers on your LAN.It would seem that yet another system administrator has fallen foul of the My ISP provides and documents it, so I must use it. fallacy. ☺
TL;DR version: IPv6 caused the DNS query problem in my case, deactivating it solved the DNS query problem.
I had the same problem on my development machine. Whenever I logged in into our company network, I was not able to resolve the internal host names, all external host names/URIs could be resolved. I did check the DNS servers that had been assigned on the VPN connection and they showed the company DNS servers were configured as primary and secondary. I could also use
nslookup
but had to manually change the server viaserver X.X.X.X
to get DNS resolution.In the end I found that IPv6 was causing the problems with the name resolution: on each DNS query the IPv6 DNS was queried rather than the IPv4 company DNS servers. After deactivating IPv6, you have to
ipconfig /flushdns
otherwise previously queried addresses may still not be resolved.I was able to resolve the issue simple by deleting the DNS record and run the flushdns and registerdns commands and that fixes it. the reason why is the agein on DNS itself. The DNS did not delete the record after the lease has been expired and didn't get renewed which couldn't resolve the name because it'sold for it. i hope that help you fixing your problems.