networking - what does it mean if nslookup and ping fail to resolve a host name but tracert does not?

07
2014-04
  • J Smith

    This problem concerns an internal DNS server that for some reason sometimes fails to resolve the host names of some machines on the network. When it fails to resolve a host name, and this can happen on any client machine, the following commands return the following:

    ipconfig /displaydns:
    vm1host.domain.local - Name does not exist.

    nslookup vm1host:
    dnsserver1.domain.local can't find vm1host: Non-existent domain

    ping vm1host:
    Ping request could not find host vm1host. Please check the name and try again.

    tracert vm1host:
    Unable to resolve target system name vm1host.

    nslookup vm1host.domain.local :
    dnsserver1.domain.local can't find vm1host.domain.local: Non-existent domain

    ping vm1host.domain.local:
    Ping request could not find host vm1host.domain.local Please check the name and try again.

    tracert vm1host.domain.local:
    Unable to resolve target system name vm1host.domain.local.

    nslookup <vm1-ip-address>:
    Works Ok...

    ping <vm1-ip-address>:
    Works Ok...

    tracert <vm1-ip-address>: Works Ok... (also displays vm1host.domain.local)

    Interestingly, tracert resolves the name appropriately using only 2 hops.

    Even if subsequently nslookup/ping the host name, I get the same error messages above.

    Flushing the dns does nothing, and even if it did it would not solve the underlying problem since it is experienced by all client machines.

    What does the failure of nslookup/ping but the success of tracert suggest about the underlying problem?

    • Answers
  • Brett Lykins

    Your tracert to the IP address is utilizing a reverse DNS lookup, that is to say it is querying the DNS server for the name to match the IP you entered. (As opposed to a regular forward DNS lookup where your computer queries the DNS server for an IP based on the name you entered.)

    If, as in your case, you're not getting responses for a forward DNS lookup, but ARE getting responses from a reverse DNS lookup, then the issue would most likely be that no A Record exists for that host on the DNS server.

    However, since you are getting the correct name for the host when your computer performs a reverse DNS lookup, it is likely that a PTR Record for the IP address does exists on the DNS server.

    For more information on this, I recommend checking out the Wikipedia page on DNS record types.


    • Related Question

    linux - ping does not resolve the host - always appends a domain
  • dma_k

    The problem seems to be relatively easy, but I can't find good solution.

    Configuration

    I have local DHCP and DNS server running on ADSL router. It assigns IP addresses to local hosts and also keeps DNS records for assigned IPs.

    This modem also registers itself via DynDNS services.

    Let's assume I have no control over this modem, as it serves several groups.

    Problem

    When I look the host via nslookup it works fine:

    $ nslookup vanja
Server:         192.168.1.1
Address:        192.168.1.1#53

Name:   vanja
Address: 192.168.1.12

    but with ping it fails:

    $ ping vanja
ping: unknown host vanja

    This happens, because ping appends the local domain to the host, but DNS server does not know this domain (and I have no ways to set it), see strace output:

    $ strace ping vanja
open("/lib/i686/cmov/libnss_dns.so.2", O_RDONLY) = 4
stat64("/etc/resolv.conf", {st_mode=S_IFREG|0644, st_size=23, ...}) = 0
socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, IPPROTO_IP) = 4
connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.1.1")}, 28) = 0
send(4, "\377N\1\0\0\1\0\0\0\0\0\0\5vanja\10dynalias\3com\0"..., 36, MSG_NOSIGNAL) = 36
recvfrom(4, "\377N\201\203\0\1\0\0\0\1\0\0\5vanja\10dynalias\3com\0"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("192.168.1.1")}, [16]) = 97

    Also note that nslookup vanja.dynalias.com will also fail on the same reason: DNS only maps dynamically assigned IPs to short PC names (which are passed from MS Windows workstations).

    When I set the hostname to name without domain (# hostname centurion) ping magically starts working, but I cannot leave hostname not in FQDN form, as otherwise it may confuse apache & postfix or break other things.

    Question: How can I make ping working together with having hostname in FQDN form?

    Note: My attempts to play with search and domain options of /etc/resolv.conf haven't succeeded. My goal was to force NSS library not to append domain name to the passed argument, or, better, make two tries: without and with domain appended.

    Relative settings

    $ hostname
centurion.dynalias.com
$ cat /etc/resolv.conf
nameserver 192.168.1.1
$ grep hosts /etc/nsswitch.conf
hosts:          files dns

    • Related Answers
  • dtmilano

    You may try

    search . domainname.ext

    to see if just adding the '.' works. Also

    $ ping vanja.

    would give you some clues.

  • Area 51

    Your resolver search path needs to be set.

    In /etc/resolv.conf, add the line:

    search domainname.ext

    (Of course, replace domainname.net above with your domain name).

    This will ensure that ping hostname also looks up hostname.domainname.ext. Note that, you can add multiple domain names to the search path if you want.