Windows Server 2003 Strange DNS issues

160 pts.
Tags:
DNS
DNS server
Exchange 2003
Exchange 2003 NDR
NDR
TCP/IP
Windows Server 2003
Windows Server 2003 Standard Edition
I have taken over an AD/DNS install (was not employeed when it was initially set up) and I am seeing things I think are strange to say the least. for example, if my FQDN was example.com - this is a typical nslookup/ping session:   C:>nslookup Default Server:  w2003server.example.com Address:  192.168.1.5 > google.com Server:  w23003server.example.com Address:  192.168.1.5 Non-authoritative answer: Name:    google.com.example.com Address:  67.215.65.132 > exit No idea why it added that example.com to end of google.com. And if jsut after the nslookup, I try and ping google.com: C:>ping google.com Pinging google.com [72.14.204.104] with 32 bytes of data: Reply from 72.14.204.104: bytes=32 time=58ms TTL=53 Reply from 72.14.204.104: bytes=32 time=57ms TTL=53 Reply from 72.14.204.104: bytes=32 time=58ms TTL=53 Reply from 72.14.204.104: bytes=32 time=59ms TTL=53 Ping statistics for 72.14.204.104:     Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:     Minimum = 57ms, Maximum = 59ms, Average = 58ms C:> It works without issue and pings the correct address not that weird 67.215.65.132. No idea where that address came from. Nevertheless, I am getting some NDR from my Exchange server, and I think it may be attributed to this weird stuff that is going on with my DNS server. Any thoughs of a place to be looking?

Software/Hardware used:
Windows 2003 R2 Std Server DNS

Answer Wiki

Thanks. We'll let you know when a new response is added.

I would take a look to see where your internal DNS servers are forwarding to. Within DNS Manager, go to the properties of one of your dns servers and go to the Forwarders tab. That strange IP you seeing may be listed here. This strange IP may have been an old ISP’s dns server.

Discuss This Question: 5  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • FrankTheTank
    NSlookup only pulls data from the DNS where ping first looks in the hosts file. Try doing a ipconfig /flushdns to see if you can reset the DNS on your end.
    1,200 pointsBadges:
    report
  • DAXQ
    Thanks for the responses: Aquacer0 - no entries of this weird IP in forwarders, root hints or hosts FrankTheTank - ipconfig /flushdns works successfully, but does not change the results. Even if ping first looks in the hosts file, if it fails to resolve the address there wouldn't it then look to DNS for help?
    160 pointsBadges:
    report
  • DAXQ
    Also - is it normal for the domain to get added to the end of the query domain like that? where google.com becomes google.com.example.com?
    160 pointsBadges:
    report
  • DAXQ
    Apparently 67.215.65.132 is some kind of open dns server hit-nxdomain.opendns.com, and when I did a search for it on DomainTools, it also came back with their dns servers listed as: 208.67.222.222 208.67.220.220. Those DNS server are whats entered in my Forwarders list. So it appears to me that the previous admin was using this open external DNS provider. Dont get why the address is coming back with its main address or why its adding my domain to the google domain. Maken my head hurt.
    160 pointsBadges:
    report
  • DAXQ
    Starting to think that while those DNS things are/were strange, they are not the issue. The primary thing that lead me to checking DNS was my Exchange server - and now I am thinking it is something in the Exchange server all by itself. I changed the DNS forwards to use Googles free DNS first and started getting correct IP addresses and the weird addition of the domain name was gone, so I was hoping it would resolve - but no luck. For one particular email address, if anyone in the domain try's to send to this address the System Undeliverable message pops back instantly. From a console on the same computer (outlook client) or the email server, or the DC, I can nslookup type=mx the recipient domain, I can even telent to the listed mail server and connect. Yet Exchange continues to instantly flag this domain as undeliverable. Head is hurting even more, need to move the whole works to cloud email!
    160 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following