networking - Strange DNS makes bogus addresses reach my internet providers IIS server
2014-04
When I type an address that doesn't exist in web-browser "aidjaoihahg" and press enter I come to my Internet Providers IIS server. It is an IIS 8 default website with IIS8 logo etc. "aidjaoihahg.universal.se" Say WHAT?
looking at "ping aidjaoihahg" shows ip: xx.xx.xx.xx and "tracert xx.xx.xx.xx" shows up with a server http://dilbert.uvtc.net The uvtc.net is a shortform of my internet provider Universal Telecom.
I have checked ipconfig /all and computer, picks up this entries:
DNS Suffix Search List. . . . . . : universal.se
Connection-specific DNS Suffix . : universal.se
From reading, these entries are supposed to apply to unqualified names, but Windows DNS is applying them to all DNS lookups and triggering extra DNS lookups on bogus addresses. I think.
I am not setting that DNS suffix and search list anywhere. And would think it is picked up from my internet provider? I have tried to pull out the DNS Suffix Search List from group policies. Not sure this is applied correctly.
Local Group Policy Editor->Computer->Administration Templates->Network->DNS Client->DNS Suffix search list->Disabled.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters show SearchList empty
How can I make the computer from applying the "*.universal.se" to all bogus DNS lookups?
On the Network Connections "Ethernet adapter vEthernet" I have the default settings on TCP/IP DNS tab:
-Append primary and connection specific DNS suffixes [checked]
-Append parent suffixes of the primary DNS suffix [unchecked]
-DNS suffix for this connection: [empty]
-Register this connection's addesses in DNS [unchecked]
-Use this connection's DNS suffix in DNS registration [unchecked]
ipconfig /all output:
C:\Windows\system32>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : myComputer
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : universal.se
Ethernet adapter vEthernet (Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Control
ler Virtual Switch):
Connection-specific DNS Suffix . : universal.se
Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
Physical Address. . . . . . . . . : 20-CF-30-39-XX-XX
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.199(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : den 17 december 2013 17:24:56
Lease Expires . . . . . . . . . . : den 18 december 2013 17:24:55
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : XXXX:X:XXXX:6ab8:487:1242:ac2e:XXXX(Prefe
rred)
Link-local IPv6 Address . . . . . : XXXX::487:XXXX:ac2e:XXXX%5(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 83886080
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-04-XX-50-20-CF-30-39-XX-XX
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.universal.se:
Connection-specific DNS Suffix . : universal.se
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-XX-00-XX-00-00-00-XX
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : XXXX::5efe:192.168.0.199%11(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 184549376
DHCPv6 Client DUID. . . . . . . . : 00-XX-00-01-XX-04-XX-50-20-CF-XX-39-3A-8B
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Disabled
C:\Windows\system32>
Note I am using Hyper-V server on this computer so my "Ethernet adapter vEthernet" is where I set DNS settings.
Hyper-V Virtual Ethernet Adapter is using "Ethernet" connection "Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller", the Marvell one only have one Hyper-V Extensible Virtual Switch item on properties so I cant set "DNS on TCP/IPv4" there.
I have some problem with my DNS server configuration or my Router i guess.
In the browser, i can't open any pages. i can't ping www.google.com but i can ping the ipadress.
nslookup www.google.com yelds
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
ipconfig /all yelds:
IP Configuration for Windows
Computer name. . . . . . . . . : Asus-PC
The main DNS-suffix. . . . . . :
Node Type. . . . . . . . . . . . . : Hybrid
IP-routing is enabled. . . . : No
WINS-proxy enabled. . . . . . . : No
Wireless LAN adapter Wireless Network Connection:
DNS-suffix for this connection. . . . . :
Description. . . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-06-C6-4C
DHCP is enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled. . . . . . : Yes
Local IPv6-address channel. . . : Fe80:: 3d91: 1dce: a561: d209% 11 (main)
IPv4-address. . . . . . . . . . . . : 192.168.1.101 (primary)
Subnet mask. . . . . . . . . . : 255.255.255.0
Rent received. . . . . . . . . . : May 9, 2011 12:06:42
The lease term expires. . . . . . . . . . : May 9, 2011 14:06:41
Default Gateway. . . . . . . . . : 192.168.1.1
DHCP-server. . . . . . . . . . . : 192.168.1.1
DNS-servers. . . . . . . . . . . : 192.168.1.1
NetBios over TCP / IP. . . . . . . . : Enabled
Tunnel adapter Local Area Connection * 2:
Media State. . . . . . . . : Media disconnected
DNS-suffix for this connection. . . . . :
Description. . . . . . . . . . . . . : Isatap. {CFA53C79-5BEB-445C-A626-772598C5F
CA4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP is enabled. . . . . . . . . . . : No
Autoconfiguration Enabled. . . . . . : Yes
Tunnel adapter Local Area Connection * 6:
Media State. . . . . . . . : Media disconnected
DNS-suffix for this connection. . . . . :
Description. . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP is enabled. . . . . . . . . . . : No
Autoconfiguration Enabled. . . . . . : Yes
any idea what could be the problem? if i login to my router, two dns entries are set.
Change your router DNS entries to something more reliable. They're probably pointing to your ISP DNS servers.
Google DNS: 8.8.8.8 and 8.8.4.4
Open DNS: 208.67.222.222 and 208.67.220.220
Alternatively, you could just change the DNS entries on your computer.
Your DNS servers are wrong.
Go first into the router's control panel (probably at 192.168.1.1) and ensure that the DNS servers are as communicated by your ISP (or choose among Google Public DNS or OpenDNS or DNS Advantage).
Go into the Properties of the Wireless LAN adapter, then into the Properties of TCP/iPv4 (or/and 6), and select "Obtain an IP address automatically", do the same for the DNS server, then OK.