Welcome to Sign in | Join | Help
in
Home Blog Forums

The Lazy Admin

DNS Tips #18 - Troubleshoot DNS with NSLookup

Sponsor


 NSLookup is a powerful troubleshooting tool that administrators can use to determine DNS related problems. I am often asked about errors that occur when using NSLookup. Seeing as troubleshooting the troubleshooting tool will only extend the time it takes to resolve the problem I have documented so of the errors you may encounter with NSLookup and the resolution.

Looking for a record that doesn't exist can cause an odd issue to pop up.

C:\> nslookup Default Server: dns.thelazyadmin.lab Address: 10.0.0.10

> thelazyadmin.lab.

Name: thelazyadmin.lab

This weird output can appear if there are no A records for thelazyadmin.lab. To determine what records do exist use the set=any command to list all the records available.

C:\>nslookup
> set type=any
> thelazyadmin.lab.
Server: dns.thelazyadmin.lab
Address: 10.0.0.10

thelazyadmin.lab nameserver = ns1.thelazyadmin.lab
thelazyadmin.lab nameserver = ns2.thelazyadmin.lab
thelazyadmin.lab
primary name server = ns1.thelazyadmin.lab
responsible mail addr = mail.thelazyadmin.lab
serial = 178
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
thelazyadmin.lab MX preference = 10, mail exchanger = mail.thelazyadmin.lab

Another error that can occur looks like this.

C:\> nslookup
*** Can't find server name for address 10.0.0.10: Non-existent domain
Default Server: UnKnown
Address: 10.0.0.10

When you see this error it means that there is no PTR record for 10.0.0.10.in-addr.arpa. Without a reverse lookup zone configured you will see this error. To resolve it, create a reverse lookup zone on your DNS server(s).

Timeouts occur when you query a host that cannot be reached. This can occur because the hosts IP has changed and the DNS record has not been updated. If you do not have aging and scavenging set up on your DNS servers the possibilty of this error occuring increases.

C:\> nslookup
DNS request timed out.
timeout was 2 seconds.
*** Can't find server name for address 10.0.0.10: Timed out
Default Server: UnKnown
Address: 10.0.0.10

In this example the resolver is using the nameserver located at 10.0.0.10 but that nameserver is unavailable.

Another error that occurs is when a query is refused. This error occurs when you attempt a zone transfer but securtiy settings on the primary DNS server is prevented from sending the zone data due to security settings.

C:\> nslookup
Default Server: ns1.thelazyadmin.lab
Address: 10.0.0.10

> ls thelazyadmin.lab
[ns1.thelazyadmin.lab]
*** Can't list domain thelazyadmin.lab.: Query refused






Published Thursday, November 24, 2005 6:45 AM by rodney.buike
Filed under:

Comments

No Comments
Anonymous comments are disabled

This Blog

Powered By

 

Syndication

Sponsors

 
 
Get a free 5GB e-mail account @isalazyadmin.com

Affiliates

Canadian IT Professionals

Canadian IT Managers

Certifications & Awards


All postings are provided "AS IS" with no warranties, and confer no rights.
Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation.
Copyright TheLazyAdmin Inc. All Rights Reserved 2004-2008