NSLOOKUP Messed up DNS

[ftoddt]

Hello,
I was reading the thread950-663132
I am having logon problems with XP Pro to a Win2K Server LAN taking over 30 minutes. Win2k clients have no problem. I have two Domain Controllers and they both have DNS and they talk between them. When I do a nslookup in the cmd window on the XP computer, I get
Server: servername.edu (will use servername for domain)
Address: 169.254.1.101

*** servername.edu can't find nslookup: Non-existent domain.

I am also logged onto the XP locally because it takes so long to go via the LAN. I can ping the two domain controllers. Any ideas?
Thanks

 

[ftoddt]

Found out more that when I finally log onto the LAN and do nslookup that I get the normal window of:
Server: servername.edu
Address: 169.254.1.2 (other domian controller)

But if I do nslookup again: I get:

Server: servername.edu
Address: 169.254.1.2

*** servername.edu can't find nslookup: Non-existent domain.

Any ideas on that?
Thanks

 

[ricpinto]

You have either a DHCP or a network connection problem. Fix it. 169.254.1.2 - is from APIPA

http://compnetworking.about.com/cs/protocolsdhcp/g/bldef_apipa.htm

Slow login on XP is 99% DNS problem.

 

[wbg34]

You need to set up a reverse lookup zone on your Win2k server.

http://www.microsoft.com/windows200.../techinfo/reskit/en-us/cnet/cncf_imp_dewg.asp

 

[ftoddt]

rcpinto
Thanks for the response. I brought up the link you provided and am not sure what part of that site you are suggesting unless it is the general definitions of DHCP or DNS. I realize that Microsoft provided the 169.254.1.255 range for automatic ip addressing. It is what I inherited. Is there a problem with that addressing. I also need to try a lot of the netdiag/fix and other tests I saw on that earlier thread I mentioned.
wbg34
Thanks for the lead. I will check it out next time I go to the school as my partime job. I know there are reverse lookup zones and I believe my domain controllers are within it but will confirm. What I find strange is the first time I use nslookup, it comes up perfect and the second time on I get that non-existant domain error. I plugged into a hub/switch that both domain controllers plug into. I also feel that one of the domain controllers is dominant in this w-2k LAN because it was the one that was first upgraded from an NT server and the second domain controller was a clean install. I also have not tried the netdiag/fix and should do a lot of the dianostic stuff that both ricpinto and compgirlfhredi had suggested on the reference thread that I earlier mentioned.
Thanks to you both and I will let you know what I find.
I don't go back to the school for a week so there will be a little delay.

Todd

 

[wbg34]

ftoddt,
Also check out Bcastner's Faq on XP slow logons to win2k domains faq779-4017. If that doesn't help, then also post the problem in the winxp forum.

 

[ftoddt]

wbg34,
Thanks again. I was actually in that thread with Bill but never got it solved. Bill also pushed DNS and I believe that you both are right. Its just that I am too inexperienced to look at the various dns entries to know if they are right or wrong. I have used dns to set up and exchange server and that worked out ok but still am real weak.
Have you any good dns books on the market. I seem to deal with bookpool.com a lot.
odd

 

[wbg34]

ftoddt,
When I set up Win2k dns it set up the Reverse lookup zone for me, but it didn't add any ptr records in it. On you DNS server go to Start --> Admin tools --> DNS. Click on the plus next to your server name and the Click on the plus next to your Reverse lookup zone (it should be named something like 1.254.169 in-addra-arpa). Are there any ptr records listed there? If not right click on the reverse lookup zones name and click add --> then choose pointer record. Enter your dns servers name and ip in the appropriate fields.
As far as books go I used the win2k server resource kit for reference and google to find the right answers ; ).

 

[ricpinto]

Sorry to give you a wrong URL, this is the correct one

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q220874

I'm discouraging you to use APIPA because you can't control what ip address that will be supplied to your workstation like default gateway, DNS servers, WINS servers etc. Like the slow login, you must specify the correct DNS IP address to begin with. For a good network design, do not use APIPA, use DHCP or static ip if DHCP is not an option. Disable APIPA

http://www.jsiinc.com/SUBE/Tip2400/rh2437.htm

and redo your ip addressing first, use this private ip addressing scheme so that you'll not going to have a conflict when you connect your LAN to internet later on.

http://www.cis.ohio-state.edu/cgi-bin/rfc/rfc1918.html.

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

Ex. Class C.

Server1 (Domain controller)with DNS1/DHCP - 192.168.0.1
Server2 (DC) with DNS2 - 192.168.0.2

Workstation1 - ip address - 192.168.0.51
Default gateway - 192.168.0.1
DHCP - 192.168.0.1
DNS - 192.168.0.1
192.168.0.2

If there's a router to connect to internet with address i.e. 192.168.0.3 then change gateway address from 192.168.0.1 to 192.168.0.3.

If you have questions, post here, there's a lot of people who can help you.

 

[ftoddt]

Thanks Ricpinto, I'll check those links. I do believe that DHCP is working just fine even assigning the APIPA numbers as long as I have the range for DHCP defined in DHCP or is there something else that I am missing. This is what I inherited from the last IT type. In DHCP, the range is defined as 169.254.1.50 to 169.254.1.255 for clients. The 1st 49 numbers are for static ip reservations to servers and printers. I did notice that you have the gateway as the same as your domain controller. In our Lan our gateway is a seperate server that is an ISA server with dual nic(one lan & one wan public ip) Router is still another seperate public IP.
Thanks again,
Todd

 

[GlenJohnson]

Turn off APIPA in the registry, this should help. Depending on the number of clients, you may want to assign ip addresses and not use dhcp.

Glen A. Johnson
"Fall seven times, stand up eight."
Proverb

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[ftoddt]

Hmmm, this is all very interesting. I did not think it would matter if the LAN was using the APIPA numbers or the other private addressing scheme as long as the range for DHCP was defined accordingly. As far as I can tell, DHCP is working and maintaining leases on those APIPA addresses. It has worked pretty well this way until XP Pro clients came on board. Makes me wonder why the many other IT's and Computer Specialist Company that setup the orginal LAN upgrade to Win2k from NT didn't change the number scheme then. Could by chance APIPA be turned off and DHCP was set up using those APIPA addresses for range and subnet? I will verify if the domain controllers have it already turned off in the registry.
As far as using Static Ip's, we have about 175 client computers and about 20 printer adddresses. There are about 400 users. Seems like we are on a 5-7 year computer upgrade and unfortunately the replacement computers are not always given the same network name they had before. Difficult to manage somewhat knowledgeable users when you are part-time and they want the new computer that just arrived up and running when you are gone but we are getting better at some details.
Thanks to you all for your wonderful kindness in sharing your knowledge. I'll be back after I do some more discovery.
Todd

 

[ftoddt]

Glen,
Just want to make sure that I understand some main points. I have been looking over some of your other comments in DHCP problems that people have had.
From what I have read it looks like you cannot use the APIPA IP numbers and or with DHCP. I haven't verified the registry settings yet of wheather APIPA is turned off or not(would that be at the client or server level?). I do remember seeing in DHCP the forward looking scope being defined with the APIPA ip numbers with a range of 169.254.1.50 to 169.254.1.255. The 1st 50 numbers are given to servers and printers as static ip's and reservations were made in DHCP. When I see new clients come on board, I see the new leases in DHCP. I also see a lot of the reverse lookup zone entries of the clients being made automatically with PTR records and all. Is DHCP just reflecting the changes or is it making the changes?
I am sure that these numbers orginated with the beginning of this network and perhaps no DHCP was available at the time but I cannot be sure. When DHCP came on board perhaps they just left the same numbers and configrued DHCP to use those ip numbers. If APIPA is turned off, is it still OK to use these numbers. They seem to be working except for that slow login of XP Clients and I have a lot to check in DNS about that.
Thanks again,
Todd

 

[GlenJohnson]

APIPA means DHCP is not working. The pc's are giving themselves ip addresses. This is how MS designed APIPA. If a pc can't get an address, the apipa kicks in. Turning off the apipa in the registry is in the pc's, not the servers. DHCP is so user freindly, I'm surprised your having problems. Have you checked the log files on the servers and see if there's anything unusual? Good luck. (Let me know if I misunderstood, you're not using the 169.254.x.x range for dhcp are you?)

Glen A. Johnson
"Fall seven times, stand up eight."
Proverb

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[ftoddt]

Glen,
I do believe that we are using the APIPA range for DHCP. I believe it was done that way because the numbers were already out there before DHCP was incorporated and the IT who set up DHCP just kept the same range.
Todd

 

[ftoddt]

More weird stuff.
When I go the run cmd window and do nslookup, it gives me the correct responses. If I do it again, it will fail and say no domain found etc. If I try and ping the domain controller, it will say it can't be found. However if I type exit, the cmd window does not close and I can so ping or nslookup but only nslookup once or else nothing else works. Pretty strange huh.
Tried netdiag.exe and netdiag/fix and both looked good. Everything passed. Still trying to figure it out.
Todd

 

[GlenJohnson]

Take a look at

Thread96-664508

See if this helps. (Not a fix, just a suggestion.)

Glen A. Johnson
"Fall seven times, stand up eight."
Proverb

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[ftoddt]

Glen,
I would dearly love only a 30 second delayd. Since that thread deals with internet browsing and both Windows 2k and xp, I would assume it would not apply to my case. I can certainly try it but its the xp logon that is killing me with a plus 17 minutes. I will keep plugging along.
Todd

 

[GlenJohnson]

Have you tried something drastic, like f-disking and re-installing, or setting it up for a dual boot? I've always been to impatient. Unless it's a server I'm dealing with, or has some special software I can't replace, f-disk is the way I go after a couple of days. Good luck.

Glen A. Johnson
"Fall seven times, stand up eight."
Proverb

Want to get great answers to your Tek-Tips questions? Have a look at FAQ219-2884

 

[ftoddt]

Oh Glen,
Man I have thought about doing that a zillion times. But I would have to fdisk about 20 laptops, format and convert them to Win2k to have any success. I know XP is here to stay so I will try to solve the problem rather than the easy or not so easy way out. One of these days I'll get it. I have some awfully good help from this site including yours.
Todd